Attackers Can Weaponize Firewalls and Middleboxes for Amplified DDoS Attacks

Weaknesses in the implementation of TCP protocol in middleboxes and censorship infrastructure could be weaponized as a vector to stage reflected denial of service (DoS) amplification attacks, surpassing many of the existing UDP-based amplification factors to date. Detailed by a group of academics from the University of Maryland and the University of Colorado Boulder at the USENIX Security