New 'HTTP/2 Bomb' DoS attack crashes web servers in under a minute

Summary

A new denial-of-service (DoS) attack named 'HTTP/2 Bomb' has been discovered that can crash web servers in under a minute using a single machine. The attack exploits a weakness in HTTP/2, a protocol that allows for efficient multiplexing of requests.

IFF Assessment

FOE

This attack highlights a newly discovered method to disrupt web services, posing a direct threat to the availability of online resources.

Defender Context

This 'HTTP/2 Bomb' attack underscores the importance of keeping web server software updated and patched, as it exploits a protocol-level weakness. Defenders should monitor network traffic for unusual request patterns indicative of DoS attacks and ensure their infrastructure is resilient to such exploits.
