Heidelberg University
University Computing Centre Heidelberg logo

IT Security - Alerts IT Security Alerts

This page provides links to authoritative information services covering current IT security vulnerabilities and weaknesses. These alerts help IT administrators identify risks early on and secure their systems.
For IT administrators at Heidelberg University, subscribing to the BSI’s security alerts is considered particularly important and is strongly recommended. 

Recommended lists

BSI - CERT-Bund: Strongly Recommended

Warning and Information Service (WID) / CERT-Bund

The Warning and Information Service (WID) of the Federal Office for Information Security (BSI) is a central reporting and warning service.
Through the WID, the Federal Administration’s Computer Emergency Response Team (CERT-Bund) publishes daily updates on vulnerabilities, patches, and workarounds in common IT products. The database can be filtered by product and severity level.

NVD - NIST: international / supplementary

National Vulnerability Database (NVD) / NIST

The National Vulnerability Database (NVD) is the official cybersecurity database sponsored by the U.S. government and operated by NIST (National Institute of Standards and Technology).
It serves as a database for CVE (Common Vulnerabilities and Exposures) entries. Every vulnerability referenced in the distribution lists leads to a CVE entry—the NVD provides structured information for this, including CVSS scores.

How should security alerts be classified?

Most security alert distribution services use a four-tiered vulnerability rating system, some of which are color-coded. The classification is based on the CVSS (Common Vulnerability Scoring System) score and provides a quick indication of the urgency of protective measures.

  • 4 - CRITICAL or VERY HIGH: Critical vulnerability. Active exploitation: Immediate action required.
  • 3 - HIGH: Significant risk. Install updates promptly or apply a workaround.
  • 2 - MEDIUM: Moderate risk. Include the patch in the regular maintenance cycle.
  • 1 - LOW: Low risk. Monitor and include in routine updates.

What to do in case of a critical alert

If you receive a Level 3 or 4 alert affecting a system you use, you should proceed as follows:

  1.    Verify Impact
    First, determine whether the specified software version or product is actually in use on your system. Also check for dependencies in libraries or containers
     
  2. Patch or Workaround
    Install the update provided by the manufacturer. If no patch is yet available, review the workaround specified in the advisory and document it.  
     
  3. Report
    If there is reasonable suspicion that a compromise has already occurred: immediately report it to the IT security team at the URZ via the linked web form or by email to 

    it-sicherheit@urz.uni-heidelberg.de

Alternative ways to contact us: By phone via IT Services at +49 6221 54-117

Web form IT security incident

When reporting an incident, please follow the standard “W” questions used in the security field:

Who? – e.g., first and last name, affiliation with which department, full email address, phone number
What? – e.g., virus infection, system breach, data theft
When? – Time of discovery and/or the incident
Where? – On which IT system did the incident occur, IP address, hardware address, hostname, etc.

Who can help?

URZ IT Security Team

The first point of contact for all university members regarding IT security incidents, suspicious emails, and questions about data protection.

Data Protection Office of the University Administration

In the event of incidents involving personal data (e.g., successful phishing, data breach), also notify the Data Protection Office.
 

Deutsch

IT Security