ICS Security
42 Topics

Latest Threat Intelligence (December 2024)
Microsoft Defender for IoT has released the December 2024 Threat Intelligence package. The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file).

Threat Intelligence updates reflect the combined impact of proprietary research and threat intelligence carried out by Microsoft security teams. Each package contains the latest CVEs (Common Vulnerabilities and Exposures), IOCs (Indicators of Compromise), and other indicators applicable to IoT/ICS/OT networks (published during the past month) researched and implemented by Microsoft Threat Intelligence Research - CPS.

The CVE scores are aligned with the National Vulnerability Database (NVD). Starting with the August 2023 threat intelligence updates, CVSSv3 scores are shown if they are relevant; otherwise the CVSSv2 scores are shown.

Guidance

Customers are advised to update their systems with the latest TI package in order to detect potential exposure risks and vulnerabilities in their networks and on their devices. Threat Intelligence packages are updated every month with the most up-to-date security information available, ensuring that Microsoft Defender for IoT can identify malicious actors and behaviors on devices.

Update your system with the latest TI package

The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file). For more information, please review Update threat intelligence data | Microsoft Docs.

MD5 Hash: 1a4f92389b5014d34e46cb655b96f047

For cloud connected sensors, Microsoft Defender for IoT can automatically update new threat intelligence packages following their release; click here for more information.

Latest Threat Intelligence (November 2024)
Microsoft Defender for IoT has released the November 2024 Threat Intelligence package. The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file).

Threat Intelligence updates reflect the combined impact of proprietary research and threat intelligence carried out by Microsoft security teams. Each package contains the latest CVEs (Common Vulnerabilities and Exposures), IOCs (Indicators of Compromise), and other indicators applicable to IoT/ICS/OT networks (published during the past month) researched and implemented by Microsoft Threat Intelligence Research - CPS.

The CVE scores are aligned with the National Vulnerability Database (NVD). Starting with the August 2023 threat intelligence updates, CVSSv3 scores are shown if they are relevant; otherwise the CVSSv2 scores are shown.

Guidance

Customers are advised to update their systems with the latest TI package in order to detect potential exposure risks and vulnerabilities in their networks and on their devices. Threat Intelligence packages are updated every month with the most up-to-date security information available, ensuring that Microsoft Defender for IoT can identify malicious actors and behaviors on devices.

Update your system with the latest TI package

The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file). For more information, please review Update threat intelligence data | Microsoft Docs.

MD5 Hash: 9ca38769e04c3eade790c1f317cb9ed4

For cloud connected sensors, Microsoft Defender for IoT can automatically update new threat intelligence packages following their release; click here for more information.

Latest Threat Intelligence (October 2024)
Microsoft Defender for IoT has released the October 2024 Threat Intelligence package. The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file).

Threat Intelligence updates reflect the combined impact of proprietary research and threat intelligence carried out by Microsoft security teams. Each package contains the latest CVEs (Common Vulnerabilities and Exposures), IOCs (Indicators of Compromise), and other indicators applicable to IoT/ICS/OT networks (published during the past month) researched and implemented by Microsoft Threat Intelligence Research - CPS.

The CVE scores are aligned with the National Vulnerability Database (NVD). Starting with the August 2023 threat intelligence updates, CVSSv3 scores are shown if they are relevant; otherwise the CVSSv2 scores are shown.

Guidance

Customers are advised to update their systems with the latest TI package in order to detect potential exposure risks and vulnerabilities in their networks and on their devices. Threat Intelligence packages are updated every month with the most up-to-date security information available, ensuring that Microsoft Defender for IoT can identify malicious actors and behaviors on devices.

Update your system with the latest TI package

The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file). For more information, please review Update threat intelligence data | Microsoft Docs.

MD5 Hash: 0e92a7718f9f6b78738c8a6ee6c7ba89

For cloud connected sensors, Microsoft Defender for IoT can automatically update new threat intelligence packages following their release; click here for more information.

Latest Threat Intelligence (September 2024)
Microsoft Defender for IoT has released the September 2024 Threat Intelligence package. The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file).

Threat Intelligence updates reflect the combined impact of proprietary research and threat intelligence carried out by Microsoft security teams. Each package contains the latest CVEs (Common Vulnerabilities and Exposures), IOCs (Indicators of Compromise), and other indicators applicable to IoT/ICS/OT networks (published during the past month) researched and implemented by Microsoft Threat Intelligence Research - CPS.

The CVE scores are aligned with the National Vulnerability Database (NVD). Starting with the August 2023 threat intelligence updates, CVSSv3 scores are shown if they are relevant; otherwise the CVSSv2 scores are shown.

Guidance

Customers are advised to update their systems with the latest TI package in order to detect potential exposure risks and vulnerabilities in their networks and on their devices. Threat Intelligence packages are updated every month with the most up-to-date security information available, ensuring that Microsoft Defender for IoT can identify malicious actors and behaviors on devices.

Update your system with the latest TI package

The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file). For more information, please review Update threat intelligence data | Microsoft Docs.

MD5 Hash: 1f2ebc6fe76113338b3dc11bbe1d288d

For cloud connected sensors, Microsoft Defender for IoT can automatically update new threat intelligence packages following their release; click here for more information.

Latest Threat Intelligence (August 2024)
Microsoft Defender for IoT has released the August 2024 Threat Intelligence package. The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file).

Threat Intelligence updates reflect the combined impact of proprietary research and threat intelligence carried out by Microsoft security teams. Each package contains the latest CVEs (Common Vulnerabilities and Exposures), IOCs (Indicators of Compromise), and other indicators applicable to IoT/ICS/OT networks (published during the past month) researched and implemented by Microsoft Threat Intelligence Research - CPS.

The CVE scores are aligned with the National Vulnerability Database (NVD). Starting with the August 2023 threat intelligence updates, CVSSv3 scores are shown if they are relevant; otherwise the CVSSv2 scores are shown.

Guidance

Customers are advised to update their systems with the latest TI package in order to detect potential exposure risks and vulnerabilities in their networks and on their devices. Threat Intelligence packages are updated every month with the most up-to-date security information available, ensuring that Microsoft Defender for IoT can identify malicious actors and behaviors on devices.

Update your system with the latest TI package

The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file). For more information, please review Update threat intelligence data | Microsoft Docs.

MD5 Hash: 1b0b3742c28c70692504dcf88d63d54c

For cloud connected sensors, Microsoft Defender for IoT can automatically update new threat intelligence packages following their release; click here for more information.

Latest Threat Intelligence (July 2024)
Microsoft Defender for IoT has released the July 2024 Threat Intelligence package. The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file).

Threat Intelligence updates reflect the combined impact of proprietary research and threat intelligence carried out by Microsoft security teams. Each package contains the latest CVEs (Common Vulnerabilities and Exposures), IOCs (Indicators of Compromise), and other indicators applicable to IoT/ICS/OT networks (published during the past month) researched and implemented by Microsoft Threat Intelligence Research - CPS.

The CVE scores are aligned with the National Vulnerability Database (NVD). Starting with the August 2023 threat intelligence updates, CVSSv3 scores are shown if they are relevant; otherwise the CVSSv2 scores are shown.

Guidance

Customers are advised to update their systems with the latest TI package in order to detect potential exposure risks and vulnerabilities in their networks and on their devices. Threat Intelligence packages are updated every month with the most up-to-date security information available, ensuring that Microsoft Defender for IoT can identify malicious actors and behaviors on devices.

Update your system with the latest TI package

The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file). For more information, please review Update threat intelligence data | Microsoft Docs.

MD5 Hash: 323c19d85bc31e035d9154643b99a69c

For cloud connected sensors, Microsoft Defender for IoT can automatically update new threat intelligence packages following their release; click here for more information.

Latest Threat Intelligence (May 2024)
Microsoft Defender for IoT has released the May 2024 Threat Intelligence package. The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file).

Threat Intelligence updates reflect the combined impact of proprietary research and threat intelligence carried out by Microsoft security teams. Each package contains the latest CVEs (Common Vulnerabilities and Exposures), IOCs (Indicators of Compromise), and other indicators applicable to IoT/ICS/OT networks (published during the past month) researched and implemented by Microsoft Threat Intelligence Research - CPS.

The CVE scores are aligned with the National Vulnerability Database (NVD). Starting with the August 2023 threat intelligence updates, CVSSv3 scores are shown if they are relevant; otherwise the CVSSv2 scores are shown.

Guidance

Customers are advised to update their systems with the latest TI package in order to detect potential exposure risks and vulnerabilities in their networks and on their devices. Threat Intelligence packages are updated every month with the most up-to-date security information available, ensuring that Microsoft Defender for IoT can identify malicious actors and behaviors on devices.

Update your system with the latest TI package

The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file). For more information, please review Update threat intelligence data | Microsoft Docs.

MD5 Hash: 5eec8bb9ccc842a2447ad1ee60232208

For cloud connected sensors, Microsoft Defender for IoT can automatically update new threat intelligence packages following their release; click here for more information.

Introducing Single Sign-On (SSO) for Sensor Console: Enhanced Security and Streamlined Access
We’re thrilled to announce the release of Single Sign-On (SSO) for the Defender for IoT Sensor Console! This powerful feature simplifies the login process, enhances security, and provides a seamless experience for all users. Let’s dive into the details:

What’s New?

Simplified Access

With SSO, users can log in once and gain access to the sensor console without the hassle of re-entering credentials. Say goodbye to multiple users and passwords and enjoy a frictionless experience.

Enhanced Security

Leverage the robust security features of SSO. By using Microsoft Entra ID, your organization ensures consistent access controls across different sensors and sites. SSO simplifies onboarding and offboarding processes, reduces administrative overhead, and strengthens security.

Getting Started

Ready to set up SSO for your sensor console? Follow the step-by-step guide in our documentation: Set up single sign-on for Microsoft Defender for IoT sensor console.

Learn More

What's new in Microsoft Defender for IoT?

Get ready to experience enhanced security and seamless access with SSO for the Sensor Console. If you have any questions, feel free to reach out!

Maximizing Cloud Connectivity Visibility
Overview

Defender for IoT helps you protect your operational technology (OT) network from cyber threats. By using network sensors to monitor your network, you gain real-time insight into your OT devices and are notified if suspicious or malicious events occur. The Defender for IoT cloud management is designed to augment your on-premises processing power while providing a source of centralized management for global security teams, raising the bar for OT defense.

By connecting your OT sensors to the Azure portal, you can get:

Holistic Insights: The Defender for IoT Azure portal becomes your watchtower, offering full visibility of your entire OT network. Health and security metrics converge in one place.

Real-Time Empowerment: Updates and alerts arrive in real time in one place from all your sites around the world.

Learn more: Connecting your sensor to the cloud.

Connecting your OT sensors to the cloud is not always straightforward. There are many factors that can affect the connectivity of your OT sensors, such as network configuration, proxy settings, DNS servers, or SSL certificates. If any of these factors are not configured correctly, your OT sensors may not be able to communicate with the cloud. This can result in missing or delayed alerts and cause reduced visibility and control over your OT network.

To help you troubleshoot OT sensor connectivity issues, we have introduced a new capability in version 23.1.3 of the OT sensor software. It allows you to check the status of your sensor’s connection to the cloud and identify any errors or issues that may prevent it from communicating with the cloud. Ultimately, you receive detailed steps to resolve the issue.
This tool will help you by streamlining troubleshooting, reducing resolution time, and enhancing identification of connectivity issues.

In this blog post, we will show you how to use the Cloud connectivity troubleshooting tool, which can help you identify the root cause and provide you with a step-by-step explanation to fix some common connectivity issues that you may encounter.

How to Troubleshoot Sensor Connectivity Issues?

As an IoT/OT Security project manager working for a manufacturing company, you are responsible for maintaining the OT network security and ensuring that your OT sensors are connected to the cloud. One day, you notice that one of your sensors is not sending any data to the cloud. On the Site and Sensor page and on the sensor's Overview page, you see that the sensor has a disconnected health status. As you wonder what is causing this connectivity issue, you contact the network team on site to investigate it. Finding a connectivity issue is complex and can take hours or days.

Here is how the Cloud connectivity troubleshooting tool can help you in this scenario:

Step 1: Access the Cloud connectivity troubleshooting page

From the sensor’s Overview page, select the Troubleshoot link in the error at the top of the page, or select System settings > Sensor management > Health and troubleshooting > Cloud connectivity troubleshooting.

Step 2: Identify the connectivity issue

The Cloud connectivity troubleshooting pane opens on the right. If the sensor isn’t connected, a description of the issue and any mitigation instructions are listed.

Step 3: Fix the connectivity issue

The connectivity tool provides you with recommendations on how to fix your connectivity issues. In case you still can't fix the connectivity issue, please submit a support ticket and include the log files so the support engineer team can assist you as quickly as possible.

Learn More

What's new in Microsoft Defender for IoT?
Connecting your sensor to the cloud

Latest Threat Intelligence (April 2024)
Microsoft Defender for IoT has released the April 2024 Threat Intelligence package. The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file).

Threat Intelligence updates reflect the combined impact of proprietary research and threat intelligence carried out by Microsoft security teams. Each package contains the latest CVEs (Common Vulnerabilities and Exposures), IOCs (Indicators of Compromise), and other indicators applicable to IoT/ICS/OT networks (published during the past month) researched and implemented by Microsoft Threat Intelligence Research - CPS.

The CVE scores are aligned with the National Vulnerability Database (NVD). Starting with the August 2023 threat intelligence updates, CVSSv3 scores are shown if they are relevant; otherwise the CVSSv2 scores are shown.

Guidance

Customers are advised to update their systems with the latest TI package in order to detect potential exposure risks and vulnerabilities in their networks and on their devices. Threat Intelligence packages are updated every month with the most up-to-date security information available, ensuring that Microsoft Defender for IoT can identify malicious actors and behaviors on devices.

Update your system with the latest TI package

The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file). For more information, please review Update threat intelligence data | Microsoft Docs.

MD5 Hash: 58e727f2e7c5d004b27613bac3a49314

For cloud connected sensors, Microsoft Defender for IoT can automatically update new threat intelligence packages following their release; click here for more information.