The US government Cybersecurity and Infrastructure Security Agency (CISA) has issued a number of security advisories and added to its Known Exploited Vulnerabilities Catalog.
This is one of my key sites for keeping our clients up to date with vulnerabilities and patches.
Cyber Security Advisories
Not all of this software is in widespread use – as the website is built for use by the US Government and concentrates on products they use – but the information is publicly available.
Cisco Releases Security Advisories for Multiple Products | CISA
VMware Releases Security Update for Aria Operations for Logs | CISA
Drupal Releases Security Advisory to Address Vulnerability in Drupal Core | CISA
Oracle Releases Security Updates | CISA
Known Exploited Vulnerabilities Catalog
The database is a quick way to find out if you are running software on your systems that is actively being exploited and what to do about it.
CISA Adds Three Known Exploited Vulnerabilities to Catalog | CISA
CISA also releases industrial control system advisories – if you are responsible for these types of systems you should monitor their news page:
My advice: Either you or your IT support need to check whether these issues impact your systems. You need to have a master document that details your systems, hardware, software, online, networks, back-ups, suppliers etc – so when cyber security (or operational) issues arise you and your support teams can quickly check if you are affected. From there you can take fast, effective action.
