Featured Story
HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks
Multiple implementations of HTTP/2 are vulnerable to what is known as HTTP/2 CONTINUATION Flood. In this type of attack, an attacker can exploit a range of existing, vulnerable implementations to disrupt server availability, with consequences ranging from instant server crashes, to Out of Memory crashes, to CPU exhaustion affecting servers’ performance. Some vendors reported limited impact on integrity as well.
What sets HTTP/2 CONTINUATION Flood apart is that, in certain instances, a single machine – or a single TCP connection, or even a handful of frames – is sufficient to cause a denial of service condition. In addition, the requests that constitute an attack are not visible to admins in HTTP access logs. Media reporting assesses that this attack type could be more severe than HTTP/2 Rapid Reset, a distributed denial of service (DDoS) attack considered up until now to be the most powerful hyper-volumetric attack.
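Because the attack requests never reach access logs, detection has to look at the frame layer. The Python below is an added example, not part of the original newsletter and not any vendor's patch: it parses raw HTTP/2 frames using the RFC 9113 frame layout and flags header blocks that are extended by CONTINUATION frames beyond a size or count limit. The limits, function names and sample frames are constructed assumptions.

```python
import struct

HEADERS, CONTINUATION = 0x1, 0x9   # frame types (RFC 9113)
END_HEADERS = 0x4                  # flag: this frame completes the header block

def frame(ftype, flags, stream_id, payload=b""):
    """Build one frame: 24-bit length, type, flags, 31-bit stream id, payload."""
    return (struct.pack(">I", len(payload))[1:] + bytes([ftype, flags])
            + struct.pack(">I", stream_id & 0x7FFFFFFF) + payload)

def parse_frames(data):
    """Yield (type, flags, stream_id, payload_len) for each complete frame."""
    pos = 0
    while pos + 9 <= len(data):
        length = int.from_bytes(data[pos:pos + 3], "big")
        ftype, flags = data[pos + 3], data[pos + 4]
        stream_id = int.from_bytes(data[pos + 5:pos + 9], "big") & 0x7FFFFFFF
        if pos + 9 + length > len(data):
            break  # truncated capture: stop at the last complete frame
        yield ftype, flags, stream_id, length
        pos += 9 + length

def check_header_blocks(data, max_block_bytes=16384, max_continuations=8):
    """Return (stream_id, bytes, continuations) for each oversized header block.

    Both limits are assumed values for illustration; payload length is used
    as an upper bound on the header block fragment size.
    """
    alerts, block = [], None  # block = [stream_id, bytes_so_far, continuations]
    for ftype, flags, stream_id, length in parse_frames(data):
        if ftype == HEADERS:
            block = [stream_id, length, 0]
        elif ftype == CONTINUATION and block and block[0] == stream_id:
            block[1] += length
            block[2] += 1
        else:
            continue
        if block[1] > max_block_bytes or block[2] > max_continuations:
            alerts.append(tuple(block))
            block = None  # a server would drop the connection at this point
        elif flags & END_HEADERS:
            block = None  # header block finished within limits
    return alerts

# Constructed samples: one ordinary request, one never-ending header block.
NORMAL = frame(HEADERS, END_HEADERS, 1, b"h" * 30)
FLOOD = frame(HEADERS, 0, 3, b"h" * 10) + frame(CONTINUATION, 0, 3, b"x" * 1024) * 20

if __name__ == "__main__":
    print(check_header_blocks(NORMAL + FLOOD))
```

The same counters, kept per connection, are what a patched server or an inline proxy enforces before it allocates memory for the header block.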
Our advice: patch as soon as practically convenient.
You don’t have an asset inventory that highlights your exposed web servers? Approach Cyber can help evaluate your attack surface.
Other Stories
Belgian Cybersecurity Strategy Now on E-Campus
The Centre for Cybersecurity Belgium coordinates the Belgian cybersecurity strategy—a vision for a secure and resilient digital space for all citizens. Now available via an accessible e-learning module on the federal platform, it presents national objectives to tackle growing cyber threats.
Hackers Use Malware to Hunt Software Vulnerabilities
According to Palo Alto Networks’ Unit 42, a growing number of malware strains are being deployed specifically to scan networks for software vulnerabilities. In 2023, these scans made up a significant share of detected scanning activity, showing how threat actors are automating the vulnerability discovery phase of attacks.
LG TV Vulnerabilities Expose 91,000 Devices
Researchers discovered multiple vulnerabilities in LG TVs running webOS that could allow attackers to take full control of devices. Exploitation requires network access, and although most attacks would need local access, compromised devices could be leveraged for lateral movement or botnet recruitment.
Beware of Fraudulent Holiday Booking Messages
Cybercriminals are taking advantage of the holiday season by distributing phishing messages impersonating booking platforms. Some Booking.com users have fallen victim after hackers compromised hotel email accounts, leading to fraudulent communications and data theft.
Suspicious messages can be forwarded to:
– verdacht@safeonweb.be
– suspect@safeonweb.be
– suspicious@safeonweb.be