Suspected Iridium / APT39 . Brothers of SEA , Iranian Cyber Army ** Citrix Data Breach Update: IRIDIUM Threat Actor Update: On December 28, 2018 at 10:25 AM – Resecurity has reached out to Citrix and shared early warning notification about targeted attack and data breach. The incident has been identified as a part of a sophisticated cyberespionage campaign supported by nation-state due to strong targeting on government, military-industrial complex, energy companies, financial institutions and large enterprises involved in critical areas of economy. https://resecurity.com/blog/supply-chain-the-major-target-of-cyberespionage-groups/ https://otx.alienvault.com/pulse/5c6a9eebaab50764aa34ca81/