Unauthorized access to the Potsdam administration’s servers was noticed on Tuesday and their Internet connection was shut down on Wednesday evening to prevent data exfiltration. Emergency services including the city’s fire department fully operational and payments are not affected. Unpatched Citrix servers are being used as initial points of access to ransomware victims’ networks. Citrix is expected to patch the last supported firmware version later today with the release of a permanent fix for version 10.5.5. The attack was a “very tactical preliminary update
Source: security