Galaxy updated

2017-12-14 18:08:12 +01:00 · 2017-12-14 18:08:12 +01:00 · 3324d4c980
parent 1a3f8d0a70
commit 3324d4c980
2 changed files with 3032 additions and 2753 deletions
--- a/galaxy.html
+++ b/galaxy.html
@ -55837,12 +55837,34 @@ The initial version of this threat was loaded via an include call for the wp-vcd
 </tbody>
 </table>
 </div>
+<div class="sect2">
+<h3 id="_triton"><a class="anchor" href="#_triton"></a><a class="link" href="#_triton">TRITON</a></h3>
+<div class="literalblock">
+<div class="content">
+<pre>This malware, which we call TRITON, is an attack framework built to interact with Triconex Safety Instrumented System (SIS) controllers. We have not attributed the incident to a threat actor, though we believe the activity is consistent with a nation state preparing for an attack.  TRITON is one of a limited number of publicly identified malicious software families targeted at industrial control systems (ICS). It follows Stuxnet which was used against Iran in 2010 and Industroyer which we believe was deployed by Sandworm Team against Ukraine in 2016.</pre>
+</div>
+</div>
+<table class="tableblock frame-all grid-all spread">
+<caption class="title">Table 1969. Table References</caption>
+<colgroup>
+<col style="width: 100%;">
+</colgroup>
+<tbody>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock">Links</p></td>
+</tr>
+<tr>
+<td class="tableblock halign-left valign-top"><p class="tableblock"><a href="https://www.fireeye.com/blog/threat-research/2017/12/attackers-deploy-new-ics-attack-framework-triton.html">https://www.fireeye.com/blog/threat-research/2017/12/attackers-deploy-new-ics-attack-framework-triton.html</a></p></td>
+</tr>
+</tbody>
+</table>
+</div>
 </div>
 </div>
 </div>
 <div id="footer">
 <div id="footer-text">
-Last updated 2017-12-14 15:30:25 CET
+Last updated 2017-12-14 18:07:14 CET
 </div>
 </div>
 </body>
--- a/galaxy.pdf
+++ b/galaxy.pdf