jrefior, 8 months ago

Google Cloud's summary of the new HTTP/2 "rapid reset" DDoS attack:
https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack

I see #golang released a version update today with a patch to net/http:

"go1.21.3 (released 2023-10-10) includes a security fix to the net/http package"
https://go.dev/doc/devel/release
—
#security #http2 #ddos