Latest Threat Intelligence (April, 2021)

Microsoft

 

Microsoft has released the April 2021 Threat Intelligence update package. The package is available for download from the Azure Defender for IoT portal (click Updates, then Download file). 

 

Threat Intelligence updates reflect the combined impact of proprietary research and threat intelligence carried out by Microsoft security teams. 


 

The package includes the latest CVEs (Common Vulnerabilities and Exposures) and IOCs (Indicators of Compromise) applicable to IoT/ICS/OT networks (published during the month of March).
 
CVEs provide a reference method for publicly known information security vulnerabilities and exposures, and are available for reference on the MITRE site, on the National Vulnerability Database (NVD) site, and from the IoT/OT-specific ICS-CERT.
 

In addition to the updated IOC artifacts in the package for the month of March, there are also detection rules for Solorigate-associated malware (GoldMax, GoldFinder, and Sibot). Follow this link to read more.

 

Update your system with the latest TI package:

The package can be downloaded from the Updates page of the Azure Defender for IoT portal.

 

To update a package on a single sensor:

  1. Go to the Azure Defender for IoT Updates page.
  2. Download and save the Threat Intelligence package.
  3. Sign in to the sensor console.
  4. On the side menu, select System Settings.
  5. Select Threat Intelligence Data, and then select Update.
  6. Upload the new package.

To update a package on multiple sensors simultaneously:

  1. Go to the Azure Defender for IoT Updates page.
  2. Download and save the Threat Intelligence package.
  3. Sign in to the management console.
  4. On the side menu, select System Settings.
  5. In the Sensor Engine Configuration section, select the sensors that should receive the updated packages.
  6. In the Select Threat Intelligence Data section, select the plus sign (+).
  7. Upload the package.

For more information, please review Update threat intelligence data | Microsoft Docs

 
 
 
 