New DDoS amplification vector could enable massive attacks

Security researchers sounded the alert about a vulnerability in an UDP-based network service called the Service Location Protocol (SLP) that can be abused to amplify DDoS attacks. Tens of thousands of systems and devices have this service exposed to the internet. Attackers could use them to generate massive attacks, and cleaning them up will likely take a very long time.

Researchers from security firms Bitsight and Curesec found a vulnerability that allows attackers to exploit SLP endpoints in a specific way that will generate big responses and then reflect those responses toward victims.

To read this article in full, please click here