Recent Discussions
Latest Threat Intelligence (May 2025)
Microsoft Defender for IoT has released the May 2025 Threat Intelligence package. The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file). Threat Intelligence updates reflect the combined impact of proprietary research and threat intelligence carried out by Microsoft security teams. Each package contains the latest CVEs (Common Vulnerabilities and Exposures), IOCs (Indicators of Compromise), and other indicators applicable to IoT/ICS/OT networks (published during the past month) researched and implemented by Microsoft Threat Intelligence Research - CPS. The CVE scores are aligned with the National Vulnerability Database (NVD). Starting with the August 2023 threat intelligence updates, CVSSv3 scores are shown if they are relevant; otherwise the CVSSv2 scores are shown. Guidance Customers are recommended to update their systems with the latest TI package in order to detect potential exposure risks and vulnerabilities in their networks and on their devices. Threat Intelligence packages are updated every month with the most up-to-date security information available, ensuring that Microsoft Defender for IoT can identify malicious actors and behaviors on devices. Update your system with the latest TI package The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file), for more information, please review Update threat intelligence data | Microsoft Docs. MD5 Hash: d24a971301003c37622f21b7e30a80cb For cloud connected sensors, Microsoft Defender for IoT can automatically update new threat intelligence packages following their release, click here for more information.
Azure IoT Hub Defender Micro Agent on Yocto/STM32MP1 – No Defender Metrics in IoT Hub Portal
Hi all, I'm currently running the Azure IoT Defender Micro Agent on a Yocto-based image (STM32MP1), and although the logs suggest the agent is working and sending data, no Defender metrics are visible in the Azure IoT Hub portal under Defender Metrics. Setup Details: Platform: STM32MP1 with Yocto Linux Transport: AMQP IoT Hub connection: Successful Cloud messages: send_confirm_callback success and device twin updates with result 200 Collectors enabled: SBoM, NetworkActivity, Heartbeat, LogCollector, Process, FileSystem, Peripheral, Baseline, etc. Observations: Logs show telemetry batching with message sizes up to 101KB. Agent attempts to read common paths like /etc/crontab fail with errno=[2] (file not found), which is expected given it's an embedded system. Repeated logs like Failed to stat() on=/proc/[pid]/cmdline, not sure if it's a blocker. Main Issue: Even though the agent appears to be collecting data and successfully sending messages, the Defender Metrics tab in the IoT Hub Portal remains empty, making it hard to verify if Defender is actively evaluating device risk or just accepting telemetry blindly. Questions: Does IoT Hub Defender require a full Linux environment with tools like dmidecode, /boot/grub/grub.cfg, or cron directories to process and display metrics? Are there any known limitations with Yocto-based minimal images that prevent Defender metrics from showing in the IoT Hub portal? Is there a way to validate if metrics are actually reaching and being processed by the Defender backend beyond the send_confirm_callback log? Any insights or guidance would be greatly appreciated. Thanks in advance!Latest Threat Intelligence (April 2025)
Microsoft Defender for IoT has released the April 2025 Threat Intelligence package. The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file). Threat Intelligence updates reflect the combined impact of proprietary research and threat intelligence carried out by Microsoft security teams. Each package contains the latest CVEs (Common Vulnerabilities and Exposures), IOCs (Indicators of Compromise), and other indicators applicable to IoT/ICS/OT networks (published during the past month) researched and implemented by Microsoft Threat Intelligence Research - CPS. The CVE scores are aligned with the National Vulnerability Database (NVD). Starting with the August 2023 threat intelligence updates, CVSSv3 scores are shown if they are relevant; otherwise the CVSSv2 scores are shown. Guidance Customers are recommended to update their systems with the latest TI package in order to detect potential exposure risks and vulnerabilities in their networks and on their devices. Threat Intelligence packages are updated every month with the most up-to-date security information available, ensuring that Microsoft Defender for IoT can identify malicious actors and behaviors on devices. Update your system with the latest TI package The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file), for more information, please review Update threat intelligence data | Microsoft Docs. MD5 Hash: 0a36607c37220a634f614de8bf7a0528 For cloud connected sensors, Microsoft Defender for IoT can automatically update new threat intelligence packages following their release, click here for more information.Latest Threat Intelligence (March 2025)
Microsoft Defender for IoT has released the March 2025 Threat Intelligence package. The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file). Threat Intelligence updates reflect the combined impact of proprietary research and threat intelligence carried out by Microsoft security teams. Each package contains the latest CVEs (Common Vulnerabilities and Exposures), IOCs (Indicators of Compromise), and other indicators applicable to IoT/ICS/OT networks (published during the past month) researched and implemented by Microsoft Threat Intelligence Research - CPS. The CVE scores are aligned with the National Vulnerability Database (NVD). Starting with the August 2023 threat intelligence updates, CVSSv3 scores are shown if they are relevant; otherwise the CVSSv2 scores are shown. Guidance Customers are recommended to update their systems with the latest TI package in order to detect potential exposure risks and vulnerabilities in their networks and on their devices. Threat Intelligence packages are updated every month with the most up-to-date security information available, ensuring that Microsoft Defender for IoT can identify malicious actors and behaviors on devices. Update your system with the latest TI package The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file), for more information, please review Update threat intelligence data | Microsoft Docs. MD5 Hash: 3b0522536f51a13701f172a5d2c435d5 For cloud connected sensors, Microsoft Defender for IoT can automatically update new threat intelligence packages following their release, click here for more information.Latest Threat Intelligence (January 2024)
Microsoft Defender for IoT has released the January 2024 Threat Intelligence package. The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file). Threat Intelligence updates reflect the combined impact of proprietary research and threat intelligence carried out by Microsoft security teams. Each package contains the latest CVEs (Common Vulnerabilities and Exposures), IOCs (Indicators of Compromise), and other indicators applicable to IoT/ICS/OT networks (published during the past month) researched and implemented by Microsoft Threat Intelligence Research - CPS. The CVE scores are aligned with the National Vulnerability Database (NVD). Starting with the August 2023 threat intelligence updates, CVSSv3 scores are shown if they are relevant; otherwise the CVSSv2 scores are shown. Guidance Customers are recommended to update their systems with the latest TI package in order to detect potential exposure risks and vulnerabilities in their networks and on their devices. Threat Intelligence packages are updated every month with the most up-to-date security information available, ensuring that Microsoft Defender for IoT can identify malicious actors and behaviors on devices. Update your system with the latest TI package The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file), for more information, please review Update threat intelligence data | Microsoft Docs. MD5 Hash: 462230b55b930c63177530d4b8f69c0a For cloud connected sensors, Microsoft Defender for IoT can automatically update new threat intelligence packages following their release, click here for more information.Latest Threat Intelligence (February 2025)
Microsoft Defender for IoT has released the February 2025 Threat Intelligence package. The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file). Threat Intelligence updates reflect the combined impact of proprietary research and threat intelligence carried out by Microsoft security teams. Each package contains the latest CVEs (Common Vulnerabilities and Exposures), IOCs (Indicators of Compromise), and other indicators applicable to IoT/ICS/OT networks (published during the past month) researched and implemented by Microsoft Threat Intelligence Research - CPS. The CVE scores are aligned with the National Vulnerability Database (NVD). Starting with the August 2023 threat intelligence updates, CVSSv3 scores are shown if they are relevant; otherwise the CVSSv2 scores are shown. Guidance Customers are recommended to update their systems with the latest TI package in order to detect potential exposure risks and vulnerabilities in their networks and on their devices. Threat Intelligence packages are updated every month with the most up-to-date security information available, ensuring that Microsoft Defender for IoT can identify malicious actors and behaviors on devices. Update your system with the latest TI package The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file), for more information, please review Update threat intelligence data | Microsoft Docs. MD5 Hash: 5b052ee069d62916b55fc0aa24e47114 For cloud connected sensors, Microsoft Defender for IoT can automatically update new threat intelligence packages following their release, click here for more information.Latest Threat Intelligence (December 2024)
Microsoft Defender for IoT has released the December 2024 Threat Intelligence package. The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file). Threat Intelligence updates reflect the combined impact of proprietary research and threat intelligence carried out by Microsoft security teams. Each package contains the latest CVEs (Common Vulnerabilities and Exposures), IOCs (Indicators of Compromise), and other indicators applicable to IoT/ICS/OT networks (published during the past month) researched and implemented by Microsoft Threat Intelligence Research - CPS. The CVE scores are aligned with the National Vulnerability Database (NVD). Starting with the August 2023 threat intelligence updates, CVSSv3 scores are shown if they are relevant; otherwise the CVSSv2 scores are shown. Guidance Customers are recommended to update their systems with the latest TI package in order to detect potential exposure risks and vulnerabilities in their networks and on their devices. Threat Intelligence packages are updated every month with the most up-to-date security information available, ensuring that Microsoft Defender for IoT can identify malicious actors and behaviors on devices. Update your system with the latest TI package The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file), for more information, please review Update threat intelligence data | Microsoft Docs. MD5 Hash: 1a4f92389b5014d34e46cb655b96f047 For cloud connected sensors, Microsoft Defender for IoT can automatically update new threat intelligence packages following their release, click here for more information.Latest Threat Intelligence (November 2024)
Microsoft Defender for IoT has released the November 2024 Threat Intelligence package. The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file). Threat Intelligence updates reflect the combined impact of proprietary research and threat intelligence carried out by Microsoft security teams. Each package contains the latest CVEs (Common Vulnerabilities and Exposures), IOCs (Indicators of Compromise), and other indicators applicable to IoT/ICS/OT networks (published during the past month) researched and implemented by Microsoft Threat Intelligence Research - CPS. The CVE scores are aligned with the National Vulnerability Database (NVD). Starting with the August 2023 threat intelligence updates, CVSSv3 scores are shown if they are relevant; otherwise the CVSSv2 scores are shown. Guidance Customers are recommended to update their systems with the latest TI package in order to detect potential exposure risks and vulnerabilities in their networks and on their devices. Threat Intelligence packages are updated every month with the most up-to-date security information available, ensuring that Microsoft Defender for IoT can identify malicious actors and behaviors on devices. Update your system with the latest TI package The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file), for more information, please review Update threat intelligence data | Microsoft Docs. MD5 Hash: 9ca38769e04c3eade790c1f317cb9ed4 For cloud connected sensors, Microsoft Defender for IoT can automatically update new threat intelligence packages following their release, click here for more information.Latest Threat Intelligence (October 2024)
Latest Threat Intelligence (October 2024) Microsoft Defender for IoT has released the October 2024 Threat Intelligence package. The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file). Threat Intelligence updates reflect the combined impact of proprietary research and threat intelligence carried out by Microsoft security teams. Each package contains the latest CVEs (Common Vulnerabilities and Exposures), IOCs (Indicators of Compromise), and other indicators applicable to IoT/ICS/OT networks (published during the past month) researched and implemented by Microsoft Threat Intelligence Research - CPS. The CVE scores are aligned with the National Vulnerability Database (NVD). Starting with the August 2023 threat intelligence updates, CVSSv3 scores are shown if they are relevant; otherwise the CVSSv2 scores are shown. Guidance Customers are recommended to update their systems with the latest TI package in order to detect potential exposure risks and vulnerabilities in their networks and on their devices. Threat Intelligence packages are updated every month with the most up-to-date security information available, ensuring that Microsoft Defender for IoT can identify malicious actors and behaviors on devices. Update your system with the latest TI package The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file), for more information, please review Update threat intelligence data | Microsoft Docs. MD5 Hash: 0e92a7718f9f6b78738c8a6ee6c7ba89 For cloud connected sensors, Microsoft Defender for IoT can automatically update new threat intelligence packages following their release, click here for more information.Latest Threat Intelligence (September 2024)
Microsoft Defender for IoT has released the September 2024 Threat Intelligence package. The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file). Threat Intelligence updates reflect the combined impact of proprietary research and threat intelligence carried out by Microsoft security teams. Each package contains the latest CVEs (Common Vulnerabilities and Exposures), IOCs (Indicators of Compromise), and other indicators applicable to IoT/ICS/OT networks (published during the past month) researched and implemented by Microsoft Threat Intelligence Research - CPS. The CVE scores are aligned with the National Vulnerability Database (NVD). Starting with the August 2023 threat intelligence updates, CVSSv3 scores are shown if they are relevant; otherwise the CVSSv2 scores are shown. Guidance Customers are recommended to update their systems with the latest TI package in order to detect potential exposure risks and vulnerabilities in their networks and on their devices. Threat Intelligence packages are updated every month with the most up-to-date security information available, ensuring that Microsoft Defender for IoT can identify malicious actors and behaviors on devices. Update your system with the latest TI package The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file), for more information, please review Update threat intelligence data | Microsoft Docs. MD5 Hash: 1f2ebc6fe76113338b3dc11bbe1d288d For cloud connected sensors, Microsoft Defender for IoT can automatically update new threat intelligence packages following their release, click here for more information.Latest Threat Intelligence (August 2024)
Microsoft Defender for IoT has released the August 2024 Threat Intelligence package. The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file). Threat Intelligence updates reflect the combined impact of proprietary research and threat intelligence carried out by Microsoft security teams. Each package contains the latest CVEs (Common Vulnerabilities and Exposures), IOCs (Indicators of Compromise), and other indicators applicable to IoT/ICS/OT networks (published during the past month) researched and implemented by Microsoft Threat Intelligence Research - CPS. The CVE scores are aligned with the National Vulnerability Database (NVD). Starting with the August 2023 threat intelligence updates, CVSSv3 scores are shown if they are relevant; otherwise the CVSSv2 scores are shown. Guidance Customers are recommended to update their systems with the latest TI package in order to detect potential exposure risks and vulnerabilities in their networks and on their devices. Threat Intelligence packages are updated every month with the most up-to-date security information available, ensuring that Microsoft Defender for IoT can identify malicious actors and behaviors on devices. Update your system with the latest TI package The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file), for more information, please review Update threat intelligence data | Microsoft Docs. MD5 Hash: 1b0b3742c28c70692504dcf88d63d54c For cloud connected sensors, Microsoft Defender for IoT can automatically update new threat intelligence packages following their release, click here for more information.Latest Threat Intelligence (July 2024)
Latest Threat Intelligence (July 2024) Microsoft Defender for IoT has released the July 2024 Threat Intelligence package. The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file). Threat Intelligence updates reflect the combined impact of proprietary research and threat intelligence carried out by Microsoft security teams. Each package contains the latest CVEs (Common Vulnerabilities and Exposures), IOCs (Indicators of Compromise), and other indicators applicable to IoT/ICS/OT networks (published during the past month) researched and implemented by Microsoft Threat Intelligence Research - CPS. The CVE scores are aligned with the National Vulnerability Database (NVD). Starting with the August 2023 threat intelligence updates, CVSSv3 scores are shown if they are relevant; otherwise the CVSSv2 scores are shown. Guidance Customers are recommended to update their systems with the latest TI package in order to detect potential exposure risks and vulnerabilities in their networks and on their devices. Threat Intelligence packages are updated every month with the most up-to-date security information available, ensuring that Microsoft Defender for IoT can identify malicious actors and behaviors on devices. Update your system with the latest TI package The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file), for more information, please review Update threat intelligence data | Microsoft Docs. MD5 Hash: 323c19d85bc31e035d9154643b99a69c For cloud connected sensors, Microsoft Defender for IoT can automatically update new threat intelligence packages following their release, click here for more information.
Defender for IoT and ServiceNow integration for real-time alerts
Hi, I know that ServiceNow & MS were working together to send the alerts natively and in real-time from Defender or IoT to ServiceNow application. Howver, in the documentation: Integrate ServiceNow with Microsoft Defender for IoT - Microsoft Defender for IoT | Microsoft Learn , I cannot see it is really possible. They mention Operational Technology Manager application is required (quite expensive) from ServiceNow. But today can we send native alerts from Defender for IoT directly to ServiceNow without any application like OTM? Thanks for feedback.Latest Threat Intelligence (June 2024)
Microsoft Defender for IoT has released the June 2024 Threat Intelligence package. The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file). Threat Intelligence updates reflect the combined impact of proprietary research and threat intelligence carried out by Microsoft security teams. Each package contains the latest CVEs (Common Vulnerabilities and Exposures), IOCs (Indicators of Compromise), and other indicators applicable to IoT/ICS/OT networks (published during the past month) researched and implemented by Microsoft Threat Intelligence Research - CPS. The CVE scores are aligned with the National Vulnerability Database (NVD). Starting with the August 2023 threat intelligence updates, CVSSv3 scores are shown if they are relevant; otherwise the CVSSv2 scores are shown. Guidance Customers are recommended to update their systems with the latest TI package in order to detect potential exposure risks and vulnerabilities in their networks and on their devices. Threat Intelligence packages are updated every month with the most up-to-date security information available, ensuring that Microsoft Defender for IoT can identify malicious actors and behaviors on devices. Update your system with the latest TI package The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file), for more information, please review Update threat intelligence data | Microsoft Docs. MD5 Hash: dcdd8a2d48f81aa4df4af4c9a14652d0 For cloud connected sensors, Microsoft Defender for IoT can automatically update new threat intelligence packages following their release, click here for more information.Latest Threat Intelligence (May 2024)
Microsoft Defender for IoT has released the May 2024 Threat Intelligence package. The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file). Threat Intelligence updates reflect the combined impact of proprietary research and threat intelligence carried out by Microsoft security teams. Each package contains the latest CVEs (Common Vulnerabilities and Exposures), IOCs (Indicators of Compromise), and other indicators applicable to IoT/ICS/OT networks (published during the past month) researched and implemented by Microsoft Threat Intelligence Research - CPS. The CVE scores are aligned with the National Vulnerability Database (NVD). Starting with the August 2023 threat intelligence updates, CVSSv3 scores are shown if they are relevant; otherwise the CVSSv2 scores are shown. Guidance Customers are recommended to update their systems with the latest TI package in order to detect potential exposure risks and vulnerabilities in their networks and on their devices. Threat Intelligence packages are updated every month with the most up-to-date security information available, ensuring that Microsoft Defender for IoT can identify malicious actors and behaviors on devices. Update your system with the latest TI package The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file), for more information, please review Update threat intelligence data | Microsoft Docs. MD5 Hash: 5eec8bb9ccc842a2447ad1ee60232208 For cloud connected sensors, Microsoft Defender for IoT can automatically update new threat intelligence packages following their release, click here for more information.New Blog | Introducing Single Sign-On (SSO) for Sensor Console: Enhanced Security and Streamlined Ac
By Belle Kriger We are excited to announce the release of Single Sign-On (SSO) for the Defender for IoT Sensor Console! This powerful feature simplifies the login process, enhances security, and provides a seamless experience for all users. Let’s dive into the details: What’s New? SSO Support on the sensor console With SSO, users can log in once and gain access to the sensor console without the hassle of re-entering credentials. Figure 1: Defender for IoT login page Read the full post here: Introducing Single Sign-On (SSO) for Sensor Console: Enhanced Security and Streamlined Access
Introducing Single Sign-On (SSO) for Sensor Console: Enhanced Security and Streamlined Access
We’re thrilled to announce the release of Single Sign-On (SSO) for the Defender for IoT Sensor Console! This powerful feature simplifies the login process, enhances security, and provides a seamless experience for all users. Let’s dive into the details: What’s New? Simplified Access With SSO, users can log in once and gain access to the sensor console without the hassle of re-entering credentials. Say goodbye to multiple users and passwoards and enjoy a frictionless experience. Enhanced Security Leverage the robust security features of SSO. By using Microsoft Entra ID, your organization ensures consistent access controls across different sensors and sites. SSO simplifies onboarding and offboarding processes, reduces administrative overhead, and strengthens security. Getting Started Ready to set up SSO for your sensor console? Follow these step-by-step guide, visit our documentation: Set up single sign-on for Microsoft Defender for IoT sensor console. Learn More What's new in Microsoft Defender for IoT? Get ready to experience enhanced security and seamless access with SSO for the Sensor Console. If you have any questions, feel free to reach out!Maximizing Cloud Connectivity Visibility
Overview Defender for IoT help you protect your operational technology (OT) network from cyber threats. By using network sensors to monitor your network, you gain real-time insight into your OT devices and are notified if suspicious or malicious events occur. The Defender for IoT cloud management is designed to augment your on-premises processing power while providing a source of centralized management for global security teams, raising the bar for OT defense. By connecting your OT sensors to the Azure portal, you can get: Holistic Insights: The Defender for IoT Azure portal becomes your watchtower, offering full visibility of your entire OT network. Health and security metrics converge in one place. Real-Time Empowerment: Updates and alerts arrive in real time for one place from all your sites around the world. Learn more- connecting your sensor to the cloud. Connecting your OT sensors to the cloud is not always straightforward. There are many factors that can affect the connectivity of your OT sensors, such as network configuration, proxy settings, DNS servers, or SSL certificates. If any of these factors are not configured correctly, your OT sensors may not be able to communicate with the cloud. This can result in missing or delayed alerts and cause reduced visibility and control over your OT network. To help you troubleshoot OT sensor connectivity issues, we have introduced a new capability in version 23.1.3 of the OT sensor software. It allows you to check the status of your sensor’s connection to the cloud and identify any errors or issues that may prevent it from communicating with the cloud. Ultimately, you received detailed steps to resolve this issue. This tool will help you- Streamlining troubleshooting Reducing resolution time Enhancing identification of connectivity issues In this blog post, we will show you how to use the Cloud connectivity troubleshooting tool which can help you identify the root cause and provide you with a step-by-step explanation to fix some common connectivity issues that you may encounter. How to Troubleshoot Sensor Connectivity Issues? As an IoT/ OT Security project manager working for a manufacturing company. You are responsible for maintaining the OT network security and ensuring that your OT sensors are connected to the cloud. One day, you notice that one of your sensors is not sending any data to the cloud. On the Site and Sensor page, you see that the sensor has disconnected health status - on the sensor's Overview page - As you wonder what is causing this connectivity issue, you contact the network team on site to investigate it. When it comes to finding a connectivity issue it’s complex and can take hours and days. Here is how the Cloud connectivity troubleshooting tool can help you in this scenario: Step 1- Access the Cloud connectivity troubleshooting page: From the sensor’s Overview page, select the Troubleshoot link in the error at the top of the page or Select System settings > Sensor management > Health and troubleshooting > Cloud connectivity troubleshooting Step 2- Identify the connectivity issue The Cloud connectivity troubleshooting pane opens on the right. If the sensor isn’t connected, a description of the issue and any mitigation instructions are listed. Step 3- Fix the connectivity issue The connectivity tool provides you with recommendations on how to fix your connectivity issues. In case you still can't fix the connectivity issue, please submit a support ticket and include the log files so the support engineer team can assist you as quickly as possible. Leran More What's new in Microsoft Defender for IoT? Connecting your sensor to the cloudLatest Threat Intelligence (April 2024)
Microsoft Defender for IoT has released the April 2024 Threat Intelligence package. The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file). Threat Intelligence updates reflect the combined impact of proprietary research and threat intelligence carried out by Microsoft security teams. Each package contains the latest CVEs (Common Vulnerabilities and Exposures), IOCs (Indicators of Compromise), and other indicators applicable to IoT/ICS/OT networks (published during the past month) researched and implemented by Microsoft Threat Intelligence Research - CPS. The CVE scores are aligned with the National Vulnerability Database (NVD). Starting with the August 2023 threat intelligence updates, CVSSv3 scores are shown if they are relevant; otherwise the CVSSv2 scores are shown. Guidance Customers are recommended to update their systems with the latest TI package in order to detect potential exposure risks and vulnerabilities in their networks and on their devices. Threat Intelligence packages are updated every month with the most up-to-date security information available, ensuring that Microsoft Defender for IoT can identify malicious actors and behaviors on devices. Update your system with the latest TI package The package is available for download from the Microsoft Defender for IoT portal (click Updates, then Download file), for more information, please review Update threat intelligence data | Microsoft Docs. MD5 Hash: 58e727f2e7c5d004b27613bac3a49314 For cloud connected sensors, Microsoft Defender for IoT can automatically update new threat intelligence packages following their release, click here for more information.
Defender for IoT Sensor release 24.1.2
Currently version 24.1.2 is available to download and I notice that on the current version list https://learn.microsoft.com/en-us/azure/defender-for-iot/organizations/release-notes#versions-231x that v. 24.1.2 is not listed with the release date, scope, EOS date, or and version notes. The last version listed with information is 24.1.0. Can this be updated? I would especially like to know what enhancements were made and when support ends. Thanks, Tony USACE
Recent Blogs
- 1 MIN READWhat Does This Playbook Do? This new automated playbook sends real-time email notifications whenever a sensor disconnects from the cloud. This ensures you’re immediately alerted if there’s an issue...Mar 20, 2025
- 1 MIN READWe are excited to announce that Single Sign-On (SSO) is now available for the sensor console! This new feature streamlines the login process by using Entra ID, enhancing security and convenience for ...May 02, 2024
