Bypassing DDoS-Protection with Proxies
OR: Why Your GeoIP-Restrictions Might Soon Become Obsolete
TL;DR
The use of proxy services for DDoS Attacks is an effective and cost-efficient tool for
State of DDoS - Summary
zeroBS continuously collects informations and status reports on the subject of infrastructure and application security vs DDoS-Threats and showcases an condensed overview of trends and developments.
DDoS-Attacks on EU-Insitutions by russian activist, analyzed and summarized
TL;DR:
While attacks are ongoing and are problem for some institutions, most defenders could go with Geofencing, and we did not saw widespread coordinated
HTTP/2 Continuation Flood (and POC)
Intro
In early April 2024, Bartek Nowotarski disclosed a new DDoS attack technique named "HTTP/2 Continuation Flood", which exploits vulnerabilities in various
KeyTrap - Assessment (DNSSEC-DOS, CVE-2023-50387)
A Protocol-Flaw has been detected in DNSSEC that would allow a malicious actor to execute a Single-Request-DOS against DNS-Servers who have been configured as DNSSEC-Validators