{"id":2709,"date":"2022-08-12T10:59:00","date_gmt":"2022-08-12T07:59:00","guid":{"rendered":"https:\/\/rockvell.com\/?p=2709"},"modified":"2022-08-12T10:59:02","modified_gmt":"2022-08-12T07:59:02","slug":"simali-koreyadan-olan-kiberqrup-dunya-uzr%c9%99-sirk%c9%99tl%c9%99r%c9%99-hucum-edir","status":"publish","type":"post","link":"https:\/\/rockvell.com\/?p=2709","title":{"rendered":"North Korean cybergroup attacks companies worldwide"},"content":{"rendered":"\n<p>Kaspersky experts have discovered new attacks by the \u201cAndariel\u201d cybergroup, which is part of North Korea's \u201cLazarus\u201d group. They use modifications of the well-known DTrack software as well as the new \u201cMaui\u201d ransomware. The targets include large organizations in the USA, Japan, India, Vietnam and Russia. \u201cAndariel\u201d does not focus on any particular company; what matters most to the attackers is the target organization's strong financial position.<\/p>\n\n\n\n<p>The group has been active for more than ten years and in 2022 continues to expand its malware arsenal and the geography of its attacks. 
The July <a href=\"https:\/\/www.cisa.gov\/uscert\/ncas\/alerts\/aa22-187a\">report<\/a> of the US Cybersecurity and Infrastructure Security Agency notes that \u201cAndariel\u201d attacked government and healthcare organizations with the \u201cMaui\u201d ransomware.<\/p>\n\n\n\n<p>According to <a href=\"https:\/\/www.kaspersky.ru\/enterprise-security\/cyber-attack-attribution-tool\">Kaspersky Threat Attribution Engine<\/a>, the attackers also use the DTrack spyware created by the \u201cLazarus\u201d group. The malware is used to upload files to and download files from victims' systems, record keystrokes, and perform other actions typical of a malicious remote administration tool (RAT). DTrack collects information about the system and browser history through Windows commands. 
The attackers can remain in the chosen target's network for several months before launching an attack.<\/p>\n\n\n\n<p>According to Kaspersky experts' observations, the \u201cMaui\u201d ransomware was launched after the DTrack malware had been introduced into the corporate network, and it was used primarily in attacks targeting US and Japanese companies.<\/p>\n\n\n\n<p>\u201cWe have been tracking \u201cAndariel\u201d for years and see that their attacks are constantly changing and becoming more complex. It is worth noting that the group is spreading ransomware all over the world. This confirms that money is still a source of motivation for this group,\u201d says Mariya Namestnikova, head of Kaspersky's Russian research center.<\/p>\n\n\n\n<p>To protect businesses from ransomware attacks, Kaspersky reminds companies of the following essential measures:<\/p>\n\n\n\n<ul><li>block connections to remote desktop services (such as RDP) from public networks, and configure security policies to require strong passwords for those services;<\/li><li>install available patches for the commercial VPN 
solutions used in the company as soon as they are released;<\/li><li>regularly update all software used in the company so that ransomware cannot exploit vulnerabilities;<\/li><li>focus the defense strategy on detecting movement within the network and the transfer of data to the internet; pay special attention to outbound traffic in order to identify the attackers' connections;<\/li><li>back up data regularly and make sure the backups can be accessed quickly when needed;<\/li><li>use comprehensive solutions such as <a href=\"https:\/\/www.kaspersky.ru\/enterprise-security\/symphony\">Kaspersky Symphony XDR<\/a> to protect the entire infrastructure from cyberattacks of any complexity: among other things, this platform includes detection and response systems that help recognize and stop attacks at an early stage, before the attackers reach their goals;<\/li><li>train employees in cybersecurity rules; for example, <a href=\"https:\/\/www.kaspersky.ru\/small-to-medium-business-security\/security-awareness-platform\" target=\"_blank\" 
rel=\"noreferrer noopener\">Kaspersky Automated Security Awareness Platform<\/a> can help with this;<\/li><li>use a reliable security solution such as <a href=\"https:\/\/www.kaspersky.ru\/small-to-medium-business-security\/endpoint-select\">Kaspersky Endpoint Security for Business<\/a>, which combines exploit prevention, a behavior detection module and the ability to stop malicious actions. The solution also has self-defense mechanisms that prevent attackers from removing it.<\/li><\/ul>\n\n\n\n<p>Give SOC specialists access to the latest threat intelligence, such as <a href=\"https:\/\/www.kaspersky.ru\/enterprise-security\/threat-intelligence\">Kaspersky Threat Intelligence Portal<\/a>, which contains data on cyberattacks collected over Kaspersky's 25 years of operation. Free access to its core features is available at <a href=\"https:\/\/opentip.kaspersky.com\/\">https:\/\/opentip.kaspersky.com\/<\/a>.<\/p>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Kaspersky experts have discovered new attacks by the \u201cAndariel\u201d cybergroup, which is part of North Korea's \u201cLazarus\u201d group. 
They use modifications of the well-known DTrack software as well as the new \u201cMaui\u201d ransomware. Among the targets are the USA, Japan, India, Vietnam and&#8230;<\/p>\n","protected":false},"author":2,"featured_media":2199,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10],"tags":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/rockvell.com\/index.php?rest_route=\/wp\/v2\/posts\/2709"}],"collection":[{"href":"https:\/\/rockvell.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rockvell.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/rockvell.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/rockvell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2709"}],"version-history":[{"count":1,"href":"https:\/\/rockvell.com\/index.php?rest_route=\/wp\/v2\/posts\/2709\/revisions"}],"predecessor-version":[{"id":2710,"href":"https:\/\/rockvell.com\/index.php?rest_route=\/wp\/v2\/posts\/2709\/revisions\/2710"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/rockvell.com\/index.php?rest_route=\/wp\/v2\/media\/2199"}],"wp:attachment":[{"href":"https:\/\/rockvell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2709"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rockvell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2709"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rockvell.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2709"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}