...
Here’s the timeline: In December, Resecurity® discovered a breach within Citrix. On the 28th of that month, Resecurity® notified Citrix of the attack. Circumstances escalated on March 6th when FBI officials notified Citrix that hackers had breached its internal network. (We’re not sure of Citrix’s activity in the months between December and March.) Since then, Citrix has been working with authorities to investigate the breach.
With 200+ strikes under its belt, IRIDIUM has been known to target government agencies, oil businesses, gas companies, and technology firms. Its M.O. is accessing virtual private networks and channels by using propriety techniques that allow its members to sidestep 2FA authorization for single-sign-on applications and services. Resecurity®’s blog writes, “Based our recent analysis, the threat actors leveraged a combination of tools, techniques and procedures allowing them to conduct targeted network intrusion to access at least 6 terabytes of sensitive data stored in the Citrix enterprise network, including e-mail correspondence, files in network shares and other services used for project management and procurement.”... Please continue the article at the source
