Vulnerable SDK components lead to supply chain risks in IoT and OT environments

As vulnerabilities in network components, architecture files, and developer tools have become an increasingly popular attack vector to leverage access into secure networks and devices, Microsoft identified such a vulnerable component and found evidence of a supply chain risk that might affect millions of organizations and devices.
The post Vulnerable SDK components lead to supply chain risks in IoT and OT environments appeared first on Microsoft Security Blog. READ MORE HERE…

Read more

Microsoft contributes S2C2F to OpenSSF to improve supply chain security

We are pleased to announce that the S2C2F has been adopted by the OpenSSF under the Supply Chain Integrity Working Group and formed into its own Special Initiative Group. Our peers at the OpenSSF and across the globe agree with Microsoft when it comes to how fundamental this work is to improving supply chain security for everyone.
The post Microsoft contributes S2C2F to OpenSSF to improve supply chain security appeared first on Microsoft Security Blog. READ MORE HERE…

Read more

Securing your IoT with Edge Secured-core devices

To simplify your IoT security journey, today, we’re announcing the availability of Windows IoT Edge Secured-core devices available in the Azure Certified Device catalog from Lenovo, ASUS and AAEON, additionally we’re also announcing the availability of devices that meet the Microsoft sponsored Edge Compute Node protection profile which is governed with industry oversight, from Scalys and Eurotech. And learn more on Microsoft’s investments in MCU security.
The post Securing your IoT with Edge Secured-core devices appeared first on Microsoft Security Blog. READ MORE HERE…

Read more

Uncovering Trickbot’s use of IoT devices in command-and-control infrastructure

The Microsoft Defender for IoT research team has recently discovered the exact method through which MikroTik devices are used in Trickbot’s C2 infrastructure. In this blog, we share the analysis of this method and provide insights on how attackers gain access and how they use compromised IoT devices in Trickbot attacks.
The post Uncovering Trickbot’s use of IoT devices in command-and-control infrastructure appeared first on Microsoft Security Blog. READ MORE HERE…

Read more

Secure your healthcare devices with Microsoft Defender for IoT and HCL’s CARE

Recently, Microsoft and global technology services firm HCL Technologies teamed up to help solve the security challenge with a high-performance solution for medical devices. The result is a new reference architecture and platform for building secure medical devices and services based on HCL’s CARE, Microsoft Defender for IoT and Azure IoT.
The post Secure your healthcare devices with Microsoft Defender for IoT and HCL’s CARE appeared first on Microsoft Security Blog. READ MORE HERE…

Read more

New research shows IoT and OT innovation is critical to business but comes with significant risks

This year the need for much improved IoT and OT cybersecurity has become even more clear with the recent and now famous attacks. To better understand the challenges customers are facing, Microsoft partnered with the Ponemon Institute to produce empirical data to help us better understand the state of IoT and OT security from a customer’s perspective.
The post New research shows IoT and OT innovation is critical to business but comes with significant risks appeared first on Microsoft Security Blog. READ MORE HERE…

Read more

How Microsoft Defender for IoT can secure your IoT devices

Cybersecurity threats are always evolving, and today we’re seeing a new wave of advanced attacks specifically targeting IoT devices used in enterprise environments as well as operational technology devices used in industrial systems and critical infrastructure.
The post How Microsoft Defender for IoT can secure your IoT devices appeared first on Microsoft Security Blog. READ MORE HERE…

Read more

Risks in Telecommunications IT Sr. Threat Researcher Sr. Threat Researcher Sr. Threat Researcher Manager, Threat Research

We summarize the characteristics, threats, and recommendations to improve the security posture of enterprises’ and telecommunications companies’ IT infrastructure. Read More HERE…

Read more