Holiday Traffic Report, HPACK Feature Of HTTP/2 And More in This Weeks News

Real-time insights on holiday traffic

Fastly, given they provide CDN services to a lot of businesses, has an unique view of real-time aggregated traffic patterns on the web. This past week, they’ve decided to share these insights in a detailed article. Fact of the matter is that 30% of annual retails sales happen between Black Friday and Christmas, and 70% of consumers planned on doing shopping online this year. All of this resulted in a 207% increase in traffic as compared to normal 11AM ET on Black Friday.

A busy Walmart store checkout area with customers in line and employees assisting shoppers.
Image Source

See the insights: Fastly

Book a demo today to see GlobalDots is action.

Optimize cloud costs, control spend, and automate for deeper insights and efficiency.

Book a demo today to see GlobalDots is action.

HPACK – the silent feature of HTTP/2

First HTTP compression was performed in the TLS layer using gzip, after that came SPDY with a new, dedicated compression algorithm. SPDY still used the DEFLATE algorithm along with Huffman codes and string matching. All this means they were vulnerable to the CRIME attack, and this made all edge networks disable header compression. HTTP/2 now supports a solution to this problem called HPACK which is a dedicated header compression algorithm which is resilient to CRIME. In layman’s terms:

By implementing HPACK compression for HTTP response headers we’ve seen a significant drop in egress bandwidth. HPACK has been enabled for all Cloudflare customers using HTTP/2, all of whom benefit from faster, smaller HTTP responses.
– Cloudflare blog

A graphic promoting HTTP/2,emphasizing its benefits for a faster and safer internet.
Image Source

Read more: Cloudflare Blog

Bot Threats during the Holidays

As we’ve previously mentioned, holiday ecommerce activities are dramatically rising and this means more opportunities for cybercriminals. PerimiterX published an article about what those threats may be and what should every business focus on to be safe from fraudulent consumers.

Santa, a master at large-scale behavior analysis, used to know who’s good and “who’s bad.” That’s much more difficult this year, as more professional cybercriminal organizations use sophisticated bots to get their Christmas bonus. It may look like Mom or Dad shopping – it may even BE Mom or Dad – but they could carry a significant threat.

Read more: PerimiterX Blog

European Commission hit by a DDoS attack

In other news, the European Commission confirmed that their network was hit by a large-scale DDoS attack that lasted for several hours. No further details have been disclosed at this moment, but one thing is clear – it has been successfully stopped although connections speeds have been considerably affected. The identity of the perpetrators is still not resolved as well as their motives.

A modern glass building of the European Commission with several flags of the European Union displayed in front.
Image Source

Read more: Hacking Threat

Zenedge informs of record growth in third quarter

Zenedge, one of the leading cybersecurity platforms, posted three consecutive quarters of record growth in 2016. In Q3 Zenedge saw triple-digit year-over-year revenue growth, as well as an influx of big deals and high-profile costumers. All of this should definetly be accredited to their AI-driven Web Application Firewall (WAF) and their sophisticated DDoS mitigation systems.

“As we look into this market, we see that our platform and AI driven engine is ideally suited to address the bot detection and mitigation challenges,”

“We even had a hacker come to our web site and comment on how good our technology was!”
– Alp Hug (Co-founder of Zenedge)

Read more: Bizety

Latest Articles

What is an API Security Audit?

 In January 2024, a misconfigured API exposed 650,000 private messages. These included passwords and internal communications. No exploit chain. No zero-day. Just a public-facing endpoint with no authentication. This wasn’t an isolated incident. From T-Mobile and Twitter (now X) to Kronos Research and the US Treasury, attackers have consistently used APIs as entry points. They […]

Ganesh The Awesome
26th June, 2025
The Ultimate API Security Checklist for 2025

APIs are now the top attack vector in enterprise apps. In 2024 alone, breaches tied to APIs cost an average of $4.88 million, and that number is rising fast. Attackers exploit gaps in API authentication, input validation, and outdated endpoints to compromise systems. Legacy controls no longer suffice, and the OWASP API Top 10 outlines […]

Ganesh The Awesome
26th June, 2025
10 API Security Best Practices for 2025

APIs are the backbone of today’s interconnected software. They power everything from mobile apps and SaaS platforms to internal microservices and partner integrations. But their rapid growth has left many security teams flat-footed. In 2025, many attackers prefer to exploit API misconfigurations hiding in plain sight. What used to be fringe cases (token leakage, zombie […]

Ganesh The Awesome
23rd June, 2025
API Security in 2025: Practical Assessment & Modern Protection Strategies

APIs are no longer an edge case. In 2025, they’re a core requirement for maintaining trust, compliance, and operational continuity. As organizations build more API-driven systems—from customer apps to internal microservices—the exposure risk compounds. And quickly, too. Even mature security teams are finding that traditional tools can’t keep pace with the volume, velocity, and nuance […]

Ganesh The Awesome
23rd June, 2025

Unlock Your Cloud Potential

Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.

    GlobalDots' industry expertise proactively addressed structural inefficiencies that would have otherwise hindered our success. Their laser focus is why I would recommend them as a partner to other companies

    Marco Kaiser
    Marco Kaiser

    CTO

    Legal Services

    GlobalDots has helped us to scale up our innovative capabilities, and in significantly improving our service provided to our clients

    Antonio Ostuni
    Antonio Ostuni

    CIO

    IT Services

    It's common for 3rd parties to work with a limited number of vendors - GlobalDots and its multi-vendor approach is different. Thanks to GlobalDots vendors umbrella, the hybrid-cloud migration was exceedingly smooth

    Motti Shpirer
    Motti Shpirer

    VP of Infrastructure & Technology

    Advertising Services