There's an important vulnerability being disclosed today that allows attackers to massively increase the size of DDoS attacks.
The flaw is being tracked as CVE-2023-44487, a.k.a. "HTTP/2 Rapid Reset Attack." According to Damian Menscher at Google, the attack "works by sending a request and then immediately cancelling it (a feature of HTTP/2). This lets attackers skip waiting for responses, resulting in a more efficient attack."
More info:
https://aws.amazon.com/blogs/security/how-aws-protects-customers-from-ddos-events/
https://aws.amazon.com/security/security-bulletins/AWS-2023-011/
@briankrebs just a layer 4 syn flood?