Cyber security alerts and advisories

Purpose

Security alerts and advisories inform you of possible vulnerabilities to your system or project and can provide you with recommended mitigations and solutions to secure your work.

Audience

faculty researchers Admin staff IT staff students

Initial considerations

Maintain an asset inventory.

Maintain a device and service inventory so you are aware if alerts and advisories are relevant to your systems.
- https://handbook.security.utoronto.ca/wiki/spaces/ISH/pages/4948416

Patch and update frequently.

Ensure that you are regularly (or ideally, automatically) updating and patching your systems, in addition to other practices to maintain a secure system.
- https://handbook.security.utoronto.ca/wiki/spaces/ISH/pages/4948504

What can I do?

Visit Security Matters for issues relevant to the U of T community.

https://securitymatters.utoronto.ca/

Visit Alerts and Advisories by the Canadian Centre for Cyber Security.

https://www.cyber.gc.ca/en/alerts-advisories

Visit and subscribe to Alerts by the Cybersecurity & Infrastructure Security Agency (US).

https://www.cisa.gov/uscert/ncas/alerts
Alerts and advisories often link to the Known Exploited Vulnerabilities (KEV) catalogue, which is an authoritative source for vulnerabilities that have been exploited.
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Search

Additional help

General

https://handbook.security.utoronto.ca/wiki/spaces/ISH/pages/4948958/Contact+us#Information-Security-(IS)

https://handbook.security.utoronto.ca/wiki/spaces/ISH/pages/4948958/Contact+us#Information-Technology-(IT)

Researchers

https://security.utoronto.ca/services/research-information-security-program/

Information Security Handbook