The US government Cybersecurity and Infrastructure Security Agency security advisories

The US government Cybersecurity and Infrastructure Security Agency (CISA) is a trusted source of information on security updates and exploited vulnerabilities. My team use it as one of their go to resources.

The latest updates include the other vendors that release updates around the same time as Microsoft’s Patch Tuesday.

Here are the advisories:

Adobe Releases Security Updates for Multiple Products | CISA

Microsoft Releases September 2023 Updates | CISA (Patch Tuesday)

Apple Releases Security Updates for iOS and macOS | CISA

Mozilla Releases Security Updates for Multiple Products | CISA

Fortinet Releases Security Updates for Multiple Products | CISA

Known Exploited Vulnerabilities Catalog

CISA had also added a number of products to its Known Exploited Vulnerabilities database, including products from Android, Cisco, Apple, Google, Apache, and Microsoft.

Known Exploited Vulnerabilities Catalog | CISA

My advice: Either you or your IT support need to check whether these issues impact your systems. You need to have a master document that details your systems, hardware, software, online, networks, back-ups, suppliers etc – so when cyber security (or operational) issues arise you and your support teams can quickly check if you are affected. From there you can take fast, effective action.

CISA also releases industrial control system advisories – if you are responsible for these types of systems you should monitor their news page:

Current Activity | CISA

Clive Catton MSc (Cyber Security) – by-line and other articles

Further Reading