Nozomi Networks Labs Finds New Rockwell PLC Vulnerability

Nozomi Networks Labs Finds New Rockwell PLC Vulnerability

Today, the U.S. Department of Homeland Security issued ICS CERT Advisory (ICSA-19-120-01) concerning Rockwell Automation CompactLogix controllers.

Nozomi Networks responsibly disclosed the vulnerability to CISA and Rockwell Automation.

Read on to learn about our findings and gain a better understanding of the cyber risks of legacy devices.

New TRITON Analysis Tool: Wireshark Dissector for TriStation Protocol

New TRITON Analysis Tool: Wireshark Dissector for TriStation Protocol

In 2017, TRITON malware was used to attack a gas facility, directly interacting with its Safety Instrumented System (SIS). Given the significance of this attack, Nozomi Networks conducted research to better understand how TRITON works.

Today we released a Wireshark dissector for the TriStation protocol on GitHub to help the ICS community understand SIS communications. Our complete TRITON analysis will be presented at Black Hat USA 2018.