The return of the Triton actor.
FireEye discovered another intrusion by the threat actor responsible for the Triton custom attack framework. This intrusion happened at an unnamed "critical infrastructure facility." The Triton malware is most notable for targeting safety systems in industrial environments. FireEye doesn't say whether this malware was seen in the latest attack, but they did observe the use of "new custom tool sets."
GossipGirl and connections among malware.
Chronicle, Alphabet's cybersecurity division, revealed the results of their investigation into Stuxnet, Duqu, and Flame—three strains of malware that have targeted industrial systems. Chronicle researchers believe the three strains are connected to a "supra threat actor" they're calling "GossipGirl."