Friday, January 13, 2023

Cyberinfrastructure Vulnerabilities 2022 Annual Report

The Cyberinfrastructure Vulnerabilities team provides concise announcements on critical vulnerabilities that affect science cyberinfrastructure (CI) of research and education centers, including those threats which may impact scientific instruments. This service is freely available by subscribing to Trusted CI's mailing list (see below).

We monitor a number of sources for vulnerabilities, then determine which ones are of critical interest to the CI community. While there are many cybersecurity issues reported in the news, we strive to alert on issues that affect the CI community in particular. These issues are identified using the following criteria:

  • the affected technology's or software's pervasiveness in the CI community
  • the technology's or software's importance to the CI community
  • the type and severity of a potential threat, e.g., remote code execution (RCE)
  • the threat's ability to be triggered remotely
  • the threat's ability to affect critical core functions
  • the availability of mitigations

For issues that warrant alerts to the Trusted CI mailing list, we also provide guidance on how operators and developers can reduce risks and mitigate threats. We coordinate with ACCESS, Open Science Grid (OSG), the NSF supercomputing centers, and the ResearchSOC on drafting and distributing alerts to minimize duplication of effort and maximize benefit from community expertise. Sources we monitor for possible threats to CI include the following:

In 2022, the Cyberinfrastructure Vulnerabilities team discussed 41 vulnerabilities and issued 29 alerts to 192 subscribers.

You can subscribe to Trusted CI's Cyberinfrastructure Vulnerability Alerts mailing list by sending email to cv-announce+subscribe@trustedci.org. This mailing list is public and its archives are available at https://groups.google.com/a/trustedci.org/g/cv-announce.

If you have information on a cyberinfrastructure vulnerability, let us know by sending email to alerts@trustedci.org.