We monitor a number of sources for software vulnerabilities of interest. For those issues which warrant alerts to the CTSC mailing lists, we also provide guidance on how operators and developers can reduce risks and mitigate threats. We coordinate with XSEDE and the NSF supercomputing centers on drafting and distributing alerts to minimize duplication of effort and benefit from community expertise.
Some of the sources we monitor for possible threats to cyberinfrastructure (CI) include:
- OpenSSL, OpenSSH, and Globus project and security announcements
- US-CERT advisories
- XSEDE announcements
- RHEL/EPEL advisories
- REN-ISAC Alerts and Advisories
- Social media, such as Twitter, Reddit (/r/netsec and /r/security), and LinkedIn
- News sources, such as The Hacker News, Ars Technica, Threatpost, The Register, Naked Security, Slashdot, Krebs, SANS Internet Storm Center, Paul’s Security Weekly, and Schneier
In 4Q2017 the Cyberinfrastructure Vulnerabilities team issued the following 3 vulnerability alerts to 87 subscribers:
- dnsmasq Remote Code Execution via DNS (CVE-2017-14491)
- Slurm Privilege Escalation Vulnerability (CVE-15566)
- Apache Struts 2 Vulnerabilities (CVE-2017-7525 & CVE-2017-15707)
If you wish to subscribe to the Cyberinfrastructure Vulnerability Alerts mailing list, you may do so through https://list.iu.edu/sympa/subscribe/cv-announce-l. This mailing list is public, and the archives are available through https://list.iu.edu/sympa/arc/cv-announce-l.
If you believe you have information on a cyberinfrastructure vulnerability, let us know by sending us an email at alerts@trustedci.org.