Ars Technica

Biggest DDoSes of all time generated by protocol 0-day in HTTP/2

In August and September, threat actors unleashed the biggest distributed denial-of-service attacks in Internet history by exploiting a previously unknown vulnerability in a key technical protocol.
Wired

Move Over, HTTP. Say ‘Hello World’ to SPDY

Google plans to introduce a new protocol for web transactions it says is more than 50 percent faster than HTTP. A post on Google's Chromium blog describes the new protocol, SPDY, pronounced "Speedy": ...
CSOonline

Built-in weakness in HTTP/2 protocol exploited for massive DDoS attacks

HTTP/2-enabled DDoS attacks are the largest Cloudflare and Google have seen and were launched from a relatively small botnet. Over the past two months attackers have been abusing a feature of the HTTP ...
CSOonline

Application layer DDoS attacks rising

Application layer distributed denial of service (DDoS) attacks are on the rise, and organizations must protect themselves from this uptick in application layer attacks and from the overall scourge of ...
Dark Reading

HTTP/2 Implementation Errors Exposing Websites to Serious Risks

BLACK HAT USA 2021 - Implementation flaws and imperfections in the technical specifications around HTTP/2 are exposing websites using the network protocol to a brand-new set of risks, a security ...