Citrix confirmed incident was a password re-use attack.
Services like Citrix’s GoToMyPC provide front door access, but they’re not at fault.
The LinkedIn compromise has been linked to a number of confirmed incidents where data exfiltration has taken place. It’s possible these incidents are only the tip of the iceberg though, as many of the organizations compromised are service providers with access to customer networks.
On June 18, Citrix posted an alert warning of an incident that forced the company to reset all of their customer’s passwords. A day later, Citrix updated the alert and explained the problem.
To read the entire article, please click here.