Vulnerability Management, Threat Intelligence

Potentially significant risk of novel DoS attack technique examined

DDoS attack

Threat actors could leverage the novel HTTP/2 Continuation Flood denial-of-service attack technique to facilitate DDoS attacks more severe than record-breaking intrusions enabled by the Rapid Reset approach last year, according to SecurityWeek.

All websites and APIs leveraging the HTTP/2 protocol could be disrupted by using the Continuation Flood method, which involves vulnerabilities in various implementations of the protocol, from a single machine, indicating a significantly greater threat than Rapid Reset, noted cybersecurity researcher Bartek Nowotarski, who discovered the attack technique. Identifying compromise has also been made challenging due to lacking request visibility in HTTP access logs.

"Had it been exploited in the wild, this would have been very hard to debug without proper HTTP/2 knowledge by the server administrators. This is due to the fact that none of malicious HTTP requests connected to this vulnerability is properly closed," said Nowotarski.

Meanwhile, various vendors have already been issuing fixes for instances affected by the Continuation Flood issue.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.