Latest Threat Intelligence (April 2022)

Microsoft
Microsoft has released the April 2022 Threat Intelligence update package. The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file). 



Threat Intelligence updates reflect the combined impact of proprietary research and threat intelligence carried out by Microsoft security teams. 


MD5 Hash - 6efaddcd91b5d3094cb1dc61c35248fb

 
This package contains the latest CVEs (Common Vulnerabilities and Exposures), IOCs (Indicators of Compromise) and indicators applicable to IoT/ICS/OT networks (published during the past month), including indicators for the Trickbot IoT botnet.
 
CVEs provide a reference method for publicly known information security vulnerabilities and exposures, and are available for reference on the MITRE site, in the National Vulnerability Database (NVD) site, as well as the IoT/OT-specific ICS-CERT.
 

Update your system with the latest TI package:

Microsoft Defender for IoT now pushes new threat intelligence packages to cloud-connected sensors upon release (click here for more information). Starting with sensor version 10.3, users can automatically receive up-to-date threat intelligence packages through Microsoft Defender for IoT. Working with automatic updates reduces operational effort and ensures greater security. Enable automatic updating on the Defender for IoT portal by onboarding your cloud-connected sensor with the toggle for Automatic Threat Intelligence Updates turned on.

 

 

Additionally, the package can be downloaded from the Microsoft Defender for IoT portal, under Updates:

 

To update a package on a single sensor:

  1. Go to the Microsoft Defender for IoT Updates page.
  2. Download and save the Threat Intelligence package.
  3. Sign into the sensor console.
  4. On the side menu, select System Settings.
  5. Select Threat Intelligence Data, and then select Update.
  6. Upload the new package.

To update a package on multiple sensors simultaneously:

  1. Go to the Microsoft Defender for IoT Updates page.
  2. Download and save the Threat Intelligence package.
  3. Sign into the management console.
  4. On the side menu, select System Settings.
  5. In the Sensor Engine Configuration section, select the sensors that should receive the updated packages.
  6. In the Select Threat Intelligence Data section, select the plus sign (+).
  7. Upload the package.

For more information, please review Update threat intelligence data | Microsoft Docs
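
Before the upload step in either manual procedure above, the downloaded file can be checked against the MD5 hash published in this post. The Python script below is an added example, not part of the original post or of Microsoft's tooling; the local file name of the package is not given on the page and is passed on the command line. MD5 is not collision-resistant, so this check catches a corrupted or wrong download and does not replace obtaining the package from the portal itself.

```python
import hashlib
import hmac
import re
import sys

# Line exactly as published in the April 2022 announcement above.
PUBLISHED_LINE = "MD5 Hash - 6efaddcd91b5d3094cb1dc61c35248fb"


def parse_published_md5(line):
    """Extract a 32-hex-digit MD5 digest from a 'MD5 Hash - <hex>' line."""
    match = re.search(r"\b([0-9a-fA-F]{32})\b", line)
    if match is None:
        raise ValueError("no MD5 digest found in: %r" % line)
    return match.group(1).lower()


def md5_of_file(path, chunk_size=1 << 20):
    """Hash the file in chunks so a large package is never fully in memory."""
    digest = hashlib.md5()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def package_matches(path, published_line=PUBLISHED_LINE):
    """Return True only if the file's MD5 equals the published digest."""
    expected = parse_published_md5(published_line)
    return hmac.compare_digest(md5_of_file(path), expected)


def main(argv):
    if len(argv) != 2:
        print("usage: verify_ti_package.py <downloaded-package-file>")
        return 2
    # argv[1]: the locally saved package (file name is an assumption).
    if package_matches(argv[1]):
        print("OK: MD5 matches the published value; proceed with the upload")
        return 0
    print("MISMATCH: do not upload; download the package again from the portal")
    return 1


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```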

2 Replies
Thank you for sharing

Thank you for sharing this information @arielsgv.

 

I was wondering if it is also possible to give a detailed overview of the vulnerabilities that are solved within this update, for example by device vendor or protocol?

This information is needed to handle the update with the right priority. Especially when the update procedure is a manual action. 

 

Kind regards, Mark