A novel HTTP/2-based DDoS attack, named ‘Rapid Reset’, has been making waves in the cybersecurity world. Recently analyzed by Google Cloud, this attack surpassed 398 million requests per second, and showcases the evolving nature of current cyber threats.

Google Cloud’s in-depth analysis provides key insights into this style of attack and the mechanism used, while highlighting how HTTP/2’s efficiency features can be exploited in DDoS scenarios. This is a critical read for IT and cybersecurity professionals, as it offers lessons in advanced network defense strategies.

In response to this threat, Cisco disclosed the vulnerability identified as CVE-2023-44487, affecting numerous products. Cisco is actively investigating and updating its product line to mitigate this vulnerability, emphasizing the importance of keeping software updated to protect against such sophisticated attacks.

Sharing knowledge about these vulnerabilities and attack methods is vital for collaborative cybersecurity efforts. Staying informed and proactively updating software is crucial in safeguarding digital infrastructure against such innovative threats.



Learn more about the attack and Cisco’s response:

By Bryan Hefner

Senior Network Security Architect