Citrix Confirms Password-Spraying Heist of Reams of Internal IP

From threatpost.com

citrix password praying attack

Security experts say the attack stemmed from weak cybersecurity controls.

Digital workspace and enterprise networks vendor Citrix has concluded its investigation into a 6TB data heist in March, which it said was the work of international cybercriminals who exploited weak passwords on an internal network.

The attackers intermittently accessed Citrix’ infrastrucure between October 13, 2018 and March 8, 2019, the company said in an update on its website. They “principally stole business documents and files from a company shared network drive that has been used to store current and historical business documents, as well as a drive associated with a web-based tool used in our consulting practice,” according to the notice.

There’s no indication that Citrix products or services were compromised, it added, though a small number of customers may have been impacted; that part of the investigation is still ongoing, it said.

Read more…