#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

SPDY Protocol | Breaking Cybersecurity News | The Hacker News

4 Flaws hit HTTP/2 Protocol that could allow Hackers to Disrupt Servers

4 Flaws hit HTTP/2 Protocol that could allow Hackers to Disrupt Servers

Aug 03, 2016
If you think that the HTTP/2 protocol is more secure than the standard HTTP ( Hypertext Transfer Protocol ), then you might be wrong, as it took researchers just four months to discover four flaws in the HTTP/2 protocol. HTTP/2 was launched properly just in May last year after Google bundled its SPDY project into HTTP/2 in February in an effort to speed up the loading of web pages as well as the browsing experience of the online users. Now, security researchers from data center security vendor Imperva today at Black Hat conference revealed details on at least four high-profile vulnerabilities in HTTP/2 – a major revision of the HTTP network protocol that the today's web is based on. The vulnerabilities allow attackers to slow web servers by flooding them with innocent looking messages that carry a payload of gigabytes of data, putting the servers into infinite loops and even causing them to crash. The HTTP/2 protocol can be divided into three layers: The transmissio
Google To Speed Up The Internet With Its New QUIC Protocol

Google To Speed Up The Internet With Its New QUIC Protocol

Apr 19, 2015
Google is trying every effort to make the World Wide Web faster for Internet users. The company has announced plans to propose its homemade networking protocol, called Quick UDP Internet Connections (QUIC) , to the Internet Engineering Task Force (IETF) in order to make it the next-generation Internet standard. Probably the term QUIC is new for you, but if you use Google's Chrome browser then there are chances that you have used this network protocol already. What is QUIC? QUIC is a low-latency transport protocol for the modern Internet over UDP, an Internet protocol that is often used for streaming media, gaming and VoIP services. The search engine giant first unveiled the experimental protocol QUIC and added it to Chrome Canary update in June 2013. The protocol already included a variety of new features, but the key feature is that QUIC runs a stream multiplexing protocol on top of UDP instead of TCP. The Idea behind QUIC: QUIC was developed to s
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
What is HTTP/2 ? Next-Gen Protocol For Faster and Safer Internet

What is HTTP/2 ? Next-Gen Protocol For Faster and Safer Internet

Feb 19, 2015
Good news for Internet folks! Get Ready as the entire web you know is about to change. The new and long-awaited version of HTTP took a major step toward becoming a reality on Wednesday – It is been officially finalized and approved. Mark Nottingham, chairman of the Internet Engineering Task Force (IETF) working group behind creating the standards, announced in a blog post that the HTTP 2.0 specifications have been formally approved. Now, the specifications will go through a last formality – Request for comment and editorial processes – before being published as a standard. LARGEST CHANGE IN HTTP OVER LAST 16 YEARS HTTP, or Hypertext Transfer Protocol, is one of the web standards familiar to most as the https:// at the beginning of a web address. HTTP protocol governs the connections between a user's browser and the server hosting a website, invented by the father of the web Sir Tim Berners-Lee. HTTP/2 is simply an update to the protocol, but is really a huge deal be
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Cybersecurity Resources