SECURITYFOCUS IDENTIFIES NEW VARIANT OF "CODE RED" WORM

First to alert more than 40,000 administrators of infected IP addresses; executives available to offer analysis

San Mateo, Calif.-July 20, 2001-SecurityFocus, the leading provider of security intelligence services for business, was first to identify a new variant of the Code Red worm, which has already attacked hundreds of thousands of Windows IIS servers. The new variant is more efficient and relatively undetectable, randomly infecting new hosts across the entire Internet without defacing the sites. With access to the largest amount of global attack data available, SecurityFocus is the first company to notify the administrators of more than 40,000 infected IP addresses-the highest volume of incident notification thus far with the worm.

"The need for early alerts is essential to effectively manage attacks of this magnitude and control your IT infrastructure," said Elias Levy, CTO of SecurityFocus. "We are the only company with the capability to identify and analyze attacks on an international level, helping companies across the globe prioritize implementation of security patches, thereby saving money and time in ensuring their security posture."

[Geez this is bad. Several organizations or companies (like incidents.org) had packet dumps of this variation (and others) days before SecurityFocus mailed out this release. The fact is, Securityfocus is not the only organization that has the capability to identify/analyze/notify on a global level. Further, they were not the first to identify this worm, or the variant. This press release is misleading on those points and does not credit the source of the information they used to notify the admins. SecurityFocus did put in their time and expertise in doing further analysis and notified admins across the globe.]