Actions Target Russian Govt. Botnet, Hydra Dark Market

The U.S. Federal Bureau of Investigation (FBI) says it has disrupted a giant botnet built and operated by a Russian government intelligence unit known for launching destructive cyberattacks against energy infrastructure in the United States and Ukraine. Separately, law enforcement agencies in the U.S. and Germany moved to decapitate “Hydra,” a billion-dollar Russian darknet drug bazaar that also helped to launder the profits of multiple Russian ransomware groups.

Researchers find big flaw in a Schneider Electric ICS system popular in building systems, utilities

A vulnerability in Schneider Electric computer control systems popular in heating, air conditioning and other building systems could allow hackers to take control of them, researchers at security firm Armis warn. The remote code execution vulnerability puts millions of devices at risk, Armis said in a report out Tuesday. The affected Modicon programmable logic controllers (PLCs) are also used widely in manufacturing, automation applications and energy utilities. The vulnerability could be used to deploy a variety of attacks, from launching ransomware to altering the commands to machinery. “It’s a very wide range,” said Ben Seri, vice president of research at Armis. “It does reach on one end nation-states and sophisticated attacks in that type of scale, but it can also just be the next logical steps for ransomware attackers.” The vulnerability would allow attackers to hijack a command that would leak a password hash from the device’s memory. Once they have […]

The post Researchers find big flaw in a Schneider Electric ICS system popular in building systems, utilities appeared first on CyberScoop.

From Triton to Stuxnet: Preparing for OT Incident Response

Lesley Carhart, with Dragos, gives Threatpost a behind-the-scenes look at how industrial companies are faring during the COVID-19 pandemic – and how they can prepare for future threats.

U.S. Levies Sanctions Against Russian Research Institution Linked to Triton Malware

The latest in a flurry of actions this week, tied to foreign threats against U.S. computer systems, includes sanctions by the Department of the Treasury.

US sanctions Russian government institution in connection with Trisis malware

The U.S. Treasury Department sanctioned a Russian government research institute on Friday that it said was connected to the strain of destructive malware frequently labeled the most dangerous in the world. Known as Trisis or Triton, the malicious software is designed to target systems used to safely control emergency shutdowns of industrial plants. Last year, security researchers at Dragos determined that the hackers behind the tool had scanned the networks of U.S. electrical utilities, after the malware initially surfaced in 2017 at a Saudi petrochemical plant. The sanctions mark the first time any government has publicly connected Trisis to Russia. “In recent years, the Triton malware has been deployed against U.S. partners in the Middle East, and the hackers behind the malware have been reportedly scanning and probing U.S. facilities,” Treasury said in its sanctions announcement. “The development and deployment of the Triton malware against our partners is particularly troubling given the Russian government’s involvement in malicious […]

The post US sanctions Russian government institution in connection with Trisis malware appeared first on CyberScoop.

Critical Bugs in Utilities VPNs Could Cause Physical Damage

Gear from Secomea, Moxa and HMS Networks is affected by remote code-execution flaws, researchers warn.

ICS Attackers Set To Inflict More Damage With Evolving Tactics

While it remains difficult to attack critical infrastructure successfully, adversaries aim to use past experience to launch more destructive future attacks, according to analysis.

Black Hat: The Future of Securing Power Grid Intelligent Devices

Today at Black Hat USA we’re presenting an innovative power grid cyber security solution that greatly improves monitoring of intelligent electronic devices (IEDs).
Using the IEC 62351 standard for monitoring industrial networks, we demonstrate h…

TRISIS Group, Known for Physical Destruction, Targets U.S. Electric Companies

XENOTIME, a destructive APT linked to Russia, has broadened its target set beyond Middle East oil and gas.