Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Threat Intelligence

5/15/2020
02:55 PM
100%
0%

Microsoft Open Sources Its Coronavirus Threat Data

Microsoft's COVID-19 intelligence will be made publicly available to help businesses fight virus-related security threats.

Microsoft has begun to open source its COVID-19 threat intelligence feeds to help organizations better protect themselves from coronavirus-related cybersecurity threats. Since the pandemic began, businesses have seen a spike in attacks as more employees transition into home offices.

The company collects threat data by processing trillions of signals each day across identities, cloud, endpoints, applications, and email, which enables visibility into COVID-19 attacks, its threat intelligence team states in a blog post. Now Microsoft is making these indicators of compromise available via Azure Sentinel GitHub and the Microsoft Graph Security API. For enterprises that use MISP for storing threat data, indicators can be consumed via the MISP feed. 

This decision will bring Microsoft's threat data to the broader security community so security pros can learn how attackers' techniques are changing, how to spot malicious activity, and how they can enable custom threat hunting. Microsoft Threat Protection customers are already protected against these threats via Microsoft Defender ATP and email with Office 365 ATP. 

Microsoft says this is a time-limited feed that will be maintained through the peak of the outbreak so businesses can focus on recovery.

Read more details in the full post here.

 
 
Learn from industry experts in a setting that is conducive to interaction and conversation about how to prepare for that "really  bad day" in cybersecurity. Click for more information and to register
Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 6/3/2020
Stay-at-Home Orders Coincide With Massive DNS Surge
Robert Lemos, Contributing Writer,  5/27/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-4035
PUBLISHED: 2020-06-03
In WatermelonDB (NPM package "@nozbe/watermelondb") before versions 0.15.1 and 0.16.2, a maliciously crafted record ID can exploit a SQL Injection vulnerability in iOS adapter implementation and cause the app to delete all or selected records from the database, generally causing the app to...
CVE-2020-13783
PUBLISHED: 2020-06-03
D-Link DIR-865L Ax 1.20B01 Beta devices have Cleartext Storage of Sensitive Information.
CVE-2020-13784
PUBLISHED: 2020-06-03
D-Link DIR-865L Ax 1.20B01 Beta devices have a predictable seed in a Pseudo-Random Number Generator.
CVE-2020-13785
PUBLISHED: 2020-06-03
D-Link DIR-865L Ax 1.20B01 Beta devices have Inadequate Encryption Strength.
CVE-2020-13786
PUBLISHED: 2020-06-03
D-Link DIR-865L Ax 1.20B01 Beta devices allow CSRF.