Vulnerability disclosure: the Code Red lessons
The Code Red sequence has clarified the disclosure-versus-deployment timing problem in ways that the more abstract debate has not. A walk through what the data teaches.
Long-form thinking on cyber defence, detection, and resilience — from Slackware-era honeypots through to AI-driven SOC analytics.
Showing posts tagged code red — 4 results.
A more sophisticated variant of Code Red has appeared. Code Red II uses the same IIS vulnerability but installs a persistent backdoor and propagates more cleverly. The trajectory I predicted last week is on schedule.
A week into Code Red. The worm has reached saturation; the analysis from multiple research groups is converging. A walk through what we now know and what it teaches.
Last Friday a worm exploiting the IIS .ida vulnerability appeared in the wild. By Saturday it had compromised tens of thousands of hosts. By Sunday, hundreds of thousands. The worm I have been predicting is here.