Rply for inital post
Citrix Brute Force Spray Attack
CITRIX - Introduction
Citrix Systems is a leading global computer solutions company.
Citrix average annual sales growth of more than 20 percent over the last five years, revenues exceeded $US1.4bn.
98% of top 500 companies around the globe are citrix’s clients.
Citrix competitors and collaborators such as Microsoft have recognized the vast potential of this technology.
References
Weinstein, A. (2011). Segmenting technology markets: Applying the nested approach. Marketing Intelligence & Planning, 29(7), 672-686. doi:http://dx.doi.org/10.1108/02634501111178695.
https://www.citrix.com/about/legal/brand-guidelines.html
Products of Citrix
Digital workspace
Citrix workspace
Citrix Virtual apps and desktops
Citrix Content Collaboration
Citrix Endpoint Management
Citrix Managed desktops
Citrix Hypervisor
Sharefile
References
Weinstein, A. (2011). Segmenting technology markets: Applying the nested approach. Marketing Intelligence & Planning, 29(7), 672-686. doi:http://dx.doi.org/10.1108/02634501111178695
Brute Force Attack
Brute force is a trial and error method used to decode encrypted data such as password or data Encryption Standard (DES) keys.
Brute force cracking application proceeds through all possible combinations of legal characters in sequence using a computer program.
Brute force is considered to be an infallible, although time-consuming, approach.
Reference
Petters, J. (2018, October 16). What is Brute Force Attack. Retrieved October 26, 2019, from https://www.varonis.com/blog/brute-force-attack/
Spraying Attack
The origin of the attack.
What is the attack about ?
Brute Force Attack v/s Password Spray Attack.
How does Password Spraying Attack the Target.
Preventing Password Spraying Attack.
Reference: Mitropoulos, D., Karakoidas, V., Louridas, P., & Spinellis, D. (2011). Countering code injection attacks: A unified approach. Information Management & Computer Security, 19(3), 177-194. doi:http://dx.doi.org/10.1108/09685221111153555
Counter Measures taken by Citrix
Hired cybersecurity professional
Global password reset
Improved internal password management
Strengthened password protocols
Improved firewall
Eliminated internal access to non-essential web-based services
Cybersecurity committee
Additional Counter Measures Proposed by Team3
Two factor authentication
Monitoring log information
Monitoring network traffic
Monitoring large number of failed attempts
Regular security training
Refresher training
Reference
Loshin, P. (2019, April 1). What is a password spraying attack and how does it work? Retrieved October 26, 2019, from https://searchsecurity.techtarget.com/answer/What-is-a-password-spraying-attack-and-how-does-it-work
Reference: Cyber Security. (2014, February 14). Retrieved October 26, 2019, from https://cipher.com/blog/a-quick-nist-cybersecurity-framework-summary/
8
Reference: Best Practices for Enterprise Security. (2016, March 3). Retrieved October 26, 2019, from Cyber Security. (2014, February 14). Retrieved October 26, 2019, from https://cipher.com/blog/a-quick-nist-cybersecurity-framework-summary/.
Conclusion
New Brute Force
Failure of Citrix Policies vs IRIDIUM
Multi Factor Authentication
Password Renewal Restrictions
EID , Password(username) and Password
Cloud Architecture vs Customers
Thank You…