...
Cybersecurity firm Resecurity® claimed it had alerted Citrix to the attack as early as December 28, 2018, and that “threat actors leveraged a combination of tools, techniques and procedures (TTPs) allowing them to conduct a targeted network intrusion to access at least 6 terabytes of sensitive data stored in the Citrix enterprise network, including e-mail correspondence, files in network shares and other services used for project management and procurement.” They also called out the Iranian-backed IRIDIUM hacker group as the culprit.
While the breach is still under investigation and the full extent of the damage yet unknown, Citrix customers should be very concerned. Beyond customer records that may have been lost, attackers may have been able to get access to the source code of products like Netscaler Gateway (AKA Citrix Access Gateway), Logmein, and other highly sensitive products that may uncover a backdoor into Citrix customers’ networks. For those of us that remember, the attack against Lockheed Martin back in 2011 was made possible after security vendor RSA Security was breached, exposing the secrets that went into its SecurID authentication token that Lockheed used to protect its networks... Please continue the article at the source
