Threat Advisories

HTTP/2 Zero-Day Exploited for the Most Explosive DDoS Attacks

October 14, 2023

Threat Level

Vulnerability Report

For a detailed threat advisory, download the pdf file here

Summary

A zero-day vulnerability in HTTP/2 has been actively exploited in August, introducing a novel DDoS technique referred as “Rapid Reset”. The attack, utilizing CVE-2023-44487, exploits a vulnerability within the HTTP/2 protocol and enables remote attackers to carry out a denial of service (DoS) attack.

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.

Grayling APT Emerges as a Silent Threat Targeting Taiwan

Microsoft’s October 2023 Patch Tuesday Addresses Three Zero-day Vulnerabilities