Get a Pentest and security assessment of your IT network.

Cyber Security

8 New HTTP/2 Implementation Flaws Expose Websites to DoS Attacks

Vulnerabilities found in HTTP/2, the latest version of the HTTP network protocol, have been found. Seven of eight high-severity, seven discovered by Netflix and one by Google, exist due to resource exhaustion when handling malicious input, allowing a client to overload server’s queue management code. The vulnerabilities can be exploited to launch Denial of Service (DoS) attacks against millions of online services and websites that are running on a vulnerable implementation of the protocol. Affected vendors include NGINX H2O, Nghttp2, Microsoft (IIS), Cloudflare Akamai, Apple (SwiftNIO), Amazon, Amazon, Facebook (Proxygen), Facebook (proxygen), Node.js, and Envoy proxy.

Source: https://thehackernews.com/2019/08/http2-dos-vulnerability.html

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation