Iridium: The FBI notified Citrix last week that they had been compromised by Iranian hackers roughly 10 years ago. Despite the fact that the Iranian hackers, who are believed to be part of the Iridium group, compromised Citrix’ systems nearly a decade ago, they do not appear to have made any attempts to exfiltrate data until late last year. The investigation is still in the early stages, but so far the methods employed by Iridium once inside Citrix’ network were sophisticated, even if their initial intrusion was not. The group gained their foothold into Citrix’ network through password spraying, which involves testing a large number of accounts with weak well-known passwords. It appears at this time that between six and ten terabytes of data were stolen, although that number could climb as the investigation continues. Citrix has stated that there are no indications that any of their products or services were compromised in any way during the intrusion
