Rply for inital post

profileuser504
PPT.pptx

Citrix Brute Force Spray Attack

CITRIX - Introduction

Citrix Systems is a leading global computer solutions company.

Citrix average annual sales growth of more than 20 percent over the last five years, revenues exceeded $US1.4bn.

98% of top 500 companies around the globe are citrix’s clients.

Citrix competitors and collaborators such as Microsoft have recognized the vast potential of this technology.

References

Weinstein, A. (2011). Segmenting technology markets: Applying the nested approach. Marketing Intelligence & Planning, 29(7), 672-686.  doi:http://dx.doi.org/10.1108/02634501111178695.

https://www.citrix.com/about/legal/brand-guidelines.html

Products of Citrix

Digital workspace

 Citrix workspace

Citrix Virtual apps and desktops

Citrix Content Collaboration

 Citrix Endpoint Management

 Citrix Managed desktops

Citrix Hypervisor

 Sharefile

References

Weinstein, A. (2011). Segmenting technology markets: Applying the nested approach. Marketing Intelligence & Planning, 29(7), 672-686. doi:http://dx.doi.org/10.1108/02634501111178695

Brute Force Attack

Brute force is a trial and error method used to decode encrypted data such as password or data Encryption Standard (DES) keys.

Brute force cracking application proceeds through all possible combinations of legal characters in sequence using a computer program.

Brute force is considered to be an infallible, although time-consuming, approach.

Reference

Petters, J. (2018, October 16). What is Brute Force Attack. Retrieved October 26, 2019, from https://www.varonis.com/blog/brute-force-attack/

Spraying Attack

The origin of the attack.

What is the attack about ?

Brute Force Attack v/s Password Spray Attack.

How does Password Spraying Attack the Target.

Preventing Password Spraying Attack.

Reference: Mitropoulos, D., Karakoidas, V., Louridas, P., & Spinellis, D. (2011). Countering code injection attacks: A unified approach. Information Management & Computer Security, 19(3), 177-194. doi:http://dx.doi.org/10.1108/09685221111153555

Counter Measures taken by Citrix

Hired cybersecurity professional

Global password reset

Improved internal password management

Strengthened password protocols

Improved firewall

Eliminated internal access to non-essential web-based services

Cybersecurity committee

Additional Counter Measures Proposed by Team3

Two factor authentication

Monitoring log information

Monitoring network traffic

Monitoring large number of failed attempts

Regular security training

Refresher training

Reference

Loshin, P. (2019, April 1). What is a password spraying attack and how does it work? Retrieved October 26, 2019, from https://searchsecurity.techtarget.com/answer/What-is-a-password-spraying-attack-and-how-does-it-work

Reference: Cyber Security. (2014, February 14). Retrieved October 26, 2019, from https://cipher.com/blog/a-quick-nist-cybersecurity-framework-summary/

8

Reference: Best Practices for Enterprise Security. (2016, March 3). Retrieved October 26, 2019, from Cyber Security. (2014, February 14). Retrieved October 26, 2019, from https://cipher.com/blog/a-quick-nist-cybersecurity-framework-summary/.

Conclusion

New Brute Force

Failure of Citrix Policies vs IRIDIUM

Multi Factor Authentication

Password Renewal Restrictions

EID , Password(username) and Password

Cloud Architecture vs Customers

Thank You…