Security News

Triton malware still a threat to energy sector, FBI warns
2022-03-28 12:30

The new FBI warning [PDF] came a day after the US Department of Justice unsealed a pair of indictments that detail alleged Russian government efforts to use supply chain attacks and malware in an attempt to compromise and control critical infrastructure. One of the two indictments involves Triton malware and its use in the 2017 attack.

From Triton to Stuxnet: Preparing for OT Incident Response
2020-11-12 14:00

LC: Trying to plug IT security on top of operations has caused the water to be bloodied for many years, often times there are very hostile relationships between the IT and the operational teams because IT security's been trying to force what we consider standard cyber security models on top of the OT systems, and it just doesn't work. So if you don't have basic incident response preparation done in either your IT or OT environment, you're going to see spending a lot more money when you have an incident to have it done by your consulting incident respondent, or even your on staff highly paid incident responders.

U.S. Treasury Sanctions Russian Institute Linked to Triton Malware
2020-10-26 11:07

The United States Department of the Treasury's Office of Foreign Assets Control has announced sanctions against a Russian government institute connected to the destructive Triton malware. Initially identified in 2017 on the systems of a Saudi Arabian oil and gas company and also referred to as Trisis and HatMan, Triton is known for the targeting of Schneider Electric's Triconex Safety Instrumented System controllers.

U.S. Levies Sanctions Against Russian Research Institution Linked to Triton Malware
2020-10-23 21:26

The latest in a flurry of actions this week, tied to foreign threats against U.S. computer systems, includes sanctions by the Department of the Treasury. The Trump administration sanctioned a Russia government research institution on Friday claiming it was behind a series of cyberattacks using the highly destructive Triton malware.

400G Triton cyber warfare simulation tool can replicate any attack
2019-08-22 09:16

Telesoft Technologies — a provider of cyber security technologies for high-density cyber environments, including network, government, and large organizations — has announced the release of Triton...

Hackers Behind 'Triton' Malware Target Electric Utilities in US, APAC
2019-06-14 11:43

Xenotime, the threat actor behind the 2017 Trisis/Triton malware attack, is now targeting — in addition to oil and gas organizations — electric utilities in the United States and the Asia-Pacific...

Examining Triton Attack Framework: Lessons Learned in Protecting Industrial Systems
2019-04-22 14:24

Recently, the infamous Triton (also known as Trisis) malware framework made news again after researchers from FireEye found evidence of the same attacker lurking in other critical infrastructure. read more

More on the Triton Malware
2019-04-16 11:10

FireEye is releasing much more information about the Triton malware that attacks critical infrastructure. It has been discovered in more places. This is also a good -- but older -- article on...

IE under fire, Triton goes under the microscope, and Norsk still reeling from ransomware attack
2019-04-13 12:23

Plus, Minnesota and North Carolina cities hit by hackers As April hits its stride, we saw a week of Wi-Fi bugs, Assange's public eviction and King's College warnings.…