Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

Latest Threat Intelligence (February 2022)

Microsoft
Microsoft has released the February 2022 Threat Intelligence update package. The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file). 



Threat Intelligence updates reflect the combined impact of proprietary research and threat intelligence carried out by Microsoft security teams. 

arielsgv_2-1644784364665.png

MD5 Hash - 2083f911879b675ab11d3ee2b15ac07e

 
This package contains the latest CVEs (Common Vulnerabilities and Exposures), IOCs (Indicators of Compromise) and other indicators applicable to IoT/ICS/OT networks (published during the past month).
 
CVEs provide a reference method for publicly known information security vulnerabilities and exposures, and are available for reference on the MITRE site, in the National Vulnerability Database site (NVD) as well as IoT/OT specific ICS-CERT.
 

Update your system with the latest TI package:

Microsoft Defender for IoT now pushes new threat intelligence packages to cloud-connected sensors upon release, click here for more information. Starting with sensor version 10.3, users can automatically receive up-to-date threat intelligence packages through Microsoft Defender for IoT. Working with automatic updates reduces operational effort and ensures greater security. Enable automatic updating on the Defender for IoT portal by onboarding your cloud-connected sensor with the toggle for Automatic Threat Intelligence Updates turned on.

 

 

Additionally, the package can be downloaded from the Microsoft Defender for IoT portal, under Updates:

 
 arielsgv_1-1644784030089.png

 

 

 

 

 

 

To update a package on a single sensor:

  1. Go to the Microsoft Defender for IoT Updates page.
  2. Download and save the Threat Intelligence package.
  3. Sign into the sensor console.
  4. On the side menu, select System Settings.
  5. Select Threat Intelligence Data, and then select Update.
  6. Upload the new package.

To update a package on multiple sensors simultaneously:

  1. Go to the Microsoft Defender for IoT Updates page.
  2. Download and save the Threat Intelligence package.
  3. Sign into the management console.
  4. On the side menu, select System Settings.
  5. In the Sensor Engine Configuration section, select the sensors that should receive the updated packages.
  6. In the Select Threat Intelligence Data section, select the plus sign (+).
  7. Upload the package.

For more information, please review Update threat intelligence data | Microsoft Docs

2 Replies
@arielsgv
Can we get an email alert to have notification received whenever a new TI is updated
Hi @Harris_Faizan,
Please "Subscribe" to this hub in order to get notifications for new threat intelligence updates. Notifications can be configured to be sent by email from the settings page.