Decoding HTTP/2 Rapid Reset Zero-Day (CVE-2023-44487) Exploited
Health-ISAC is distributing this bulletin for your situational awareness.
On October 10, 2023, DDoS protection firm Cloudflare, in conjunction with Google and Amazon AWS, released a statement regarding the discovery of a zero-day vulnerability that could be used to generate massive hyper-volumetric Distributed Denial of Service (DDoS) attacks. Before the HTTP/2 Rapid Reset zero-day was exploited, the largest attack ever recorded at Cloudflare was 71 million requests per second (rps). The attack using CVE-2023-44487 peaked at over 201 million rps.
This zero-day was brought to the attention of Cloudflare in late August 2023 when it was being developed by an unknown threat actor. Later, Cloudflare observed this zero-day exploit being used in conjunction with DDoS botnets to create DDoS attacks with unprecedented volumes.
NOTE: On October 10, 2023, at 12pm ET, Health-ISAC’s Threat Operations Center held a Spotlight webinar to discuss what Cloudflare has seen: the vulnerability, impacts seen, and recommendations to address the issue.
Spotlight webinar slides (TLP WHITE): https://h-isac.org/tmp24/wp-content/uploads/2023/10/10-10-Spotlight-webinar-TLP-WHITE-c0fe0cdd-Decoding-HTTP_2-Rapid-Reset-Zero-Day-CVE-2023-44487-Exploited.pdf