all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks

Add to bookmarks
April 4, 2024, 11:15 a.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

New research has found that the CONTINUATION frame in the HTTP/2 protocol can be exploited to conduct denial-of-service (DoS) attacks.
The technique has been codenamed HTTP/2 CONTINUATION Flood by security researcher Bartek Nowotarski, who reported the issue to the CERT Coordination Center (CERT/CC) on January 25, 2024.
"Many HTTP/2 implementations do not properly limit or sanitize the

attacks can center cert coordination dos exploited flood found http issue january protocol research researcher security security researcher servers service vulnerability web web servers

Visit resource

More from thehackernews.com / The Hacker News

Millions of Malicious 'Imageless' Containers Planted on Docker Hub Over 5 Years 8 hours ago | thehackernews.com
attacks campaigns containers cybersecurity +10
U.S. Government Releases New AI Security Guidelines for Critical Infrastructure 11 hours ago | thehackernews.com
address ai risks ai security artificial +16
Considerations for Operational Technology Cybersecurity 11 hours ago | thehackernews.com
change control cybersecurity devices +18
New U.K. Law Bans Default Passwords on Smart Devices Starting April 2024 15 hours ago | thehackernews.com
act and telecommunications april bans +23
Google Prevented 2.28 Million Malicious Apps from Reaching Play Store in 2023 1 day, 4 hours ago | thehackernews.com
access accounts address android +20
China-Linked 'Muddling Meerkat' Hijacks DNS to Map Internet on Global Scale 1 day, 8 hours ago | thehackernews.com
actor china cloud cloud security +22
Navigating the Threat Landscape: Understanding Exposure Management, Pentesting, Red Teaming and RBVM 1 day, 10 hours ago | thehackernews.com
adoption attackers challenge cyber +21
New R Programming Vulnerability Exposes Projects to Supply Chain Attacks 1 day, 11 hours ago | thehackernews.com
actor attacks code code execution +22
Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover 1 day, 11 hours ago | thehackernews.com
access adversary code code execution +18

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineer - Vulnerability Management

@ Starling Bank | Southampton, England, United Kingdom
View on infosec-jobs.com

Manager Cybersecurity

@ Sia Partners | Rotterdam, Netherlands
View on infosec-jobs.com

Compliance Analyst

@ SiteMinder | Manila
View on infosec-jobs.com

Information System Security Engineer (ISSE)-Level 3, OS&CI Job #447

@ Allen Integrated Solutions | Chantilly, Virginia, United States
View on infosec-jobs.com

Enterprise Cyber Security Analyst – Advisory and Consulting

@ Ford Motor Company | Mexico City, MEX, Mexico
View on infosec-jobs.com
View more jobs