{"id":3258,"date":"2022-09-13T14:25:04","date_gmt":"2022-09-13T11:25:04","guid":{"rendered":"https:\/\/rockvell.com\/?p=3258"},"modified":"2022-09-13T14:25:05","modified_gmt":"2022-09-13T11:25:05","slug":"t%c9%99cavuzkarlar-sirk%c9%99t-s%c9%99b%c9%99k%c9%99l%c9%99rin%c9%99-%c9%99n-cox-%c9%99m%c9%99liyyat-sistemind%c9%99-aciq-qalmis-z%c9%99iflikl%c9%99r-vasit%c9%99sil%c9%99-nufuz-edirl%c9%99r","status":"publish","type":"post","link":"https:\/\/rockvell.com\/?p=3258","title":{"rendered":"Attackers most often penetrate corporate networks through vulnerabilities left open in the operating system"},"content":{"rendered":"\n<p class=\"has-medium-font-size\"><strong>Attackers most often penetrate corporate networks through vulnerabilities left open in the operating system<\/strong><\/p>\n\n\n\n<p>In 2021, more than half (53.6%) of the incidents investigated by Kaspersky began with the exploitation of vulnerabilities*. The share of such attacks has grown by more than 20 percent since 2020. This figure most likely stems from the discovery of many vulnerabilities in Microsoft Exchange Server last year. 
The widespread use of this software and the public availability of exploits for these vulnerabilities led to a large number of incidents in which their exploitation was observed.<\/p>\n\n\n\n<p>When preparing a malicious campaign, attackers first look for targets they can reach easily. These are, for example, public-facing servers with known vulnerabilities, weak passwords or stolen accounts. It is precisely because of such attack vectors that <a href=\"https:\/\/www.kaspersky.ru\/about\/press-releases\/2022_laboratoriya-kasperskogo-gosuchrezhdeniya-promyshlennost-it-i-finansovyj-sektor-chashe-vsego-podvergayutsya-celevym-kiberatakam\">the number of incidents that can be considered highly critical is growing year by year<\/a>.<\/p>\n\n\n\n<p>Over the past three years, ransomware has been the most common problem for companies. In 2021, loss of access to data as a result of its encryption became the main reason for requests to Kaspersky's incident investigation department. The share of such calls rose from 34% recorded in 2019 to 51.9% in 2021. 
In more than half of the cases (62.5%), attackers spent more than a month in the network after the initial exploitation of vulnerabilities before encrypting the data.<\/p>\n\n\n\n<p>Attackers try to remain undetected by using operating system tools, software already installed on client computers, as well as network administration programs and commercial frameworks. Such tools were detected in 40% of all incidents investigated by Kaspersky. After gaining access to the system, attackers use legitimate tools for various purposes: PowerShell to collect data, Mimikatz to escalate privileges, PsExec to execute commands remotely, and frameworks such as Cobalt Strike at all stages of the attack.<\/p>\n\n\n\n<p>\u201cAlthough following all the necessary measures does not guarantee 100% protection against cyberthreats, timely installation of software updates can reduce the likelihood of a successful attack by 50%,\u201d said Konstantin Sapronov, head of Kaspersky's incident investigation department. 
\u201cAttackers use a variety of methods, and the best way to secure infrastructure is to use tools and approaches that make it possible to detect their actions and stop attacks at different stages.\u201d<\/p>\n\n\n\n<p>For more details, see Kaspersky's <a href=\"https:\/\/securelist.ru\/the-nature-of-cyber-incidents\/105708\/\">report<\/a> on the results of its analysis of security incidents in 2021.<\/p>\n\n\n\n<p>To minimize the likelihood of a successful attack and the damage in the event of an intrusion into corporate infrastructure, Kaspersky recommends:<\/p>\n\n\n\n<ul><li>back up your data so that you can access important documents during a ransomware attack;<\/li><li>use solutions that can block attempts to encrypt data;<\/li><li>choose a reliable partner for incident response;<\/li><li>if you have your own incident response team, train it regularly so that it stays aware of the most relevant cyberthreats;<\/li><li>to implement truly effective defensive measures, 
<a href=\"https:\/\/www.kaspersky.ru\/enterprise-security\/threat-intelligence\">study the profiles of attackers<\/a> who are interested in attacking your industry and region;<\/li><li>use comprehensive solutions such as <a href=\"https:\/\/www.kaspersky.ru\/enterprise-security\/symphony\" target=\"_blank\" rel=\"noreferrer noopener\">Kaspersky Symphony XDR<\/a> that protect the entire infrastructure from cyberattacks of any complexity: among other things, this platform includes detection and response systems that help recognize and stop attacks at an early stage, before attackers reach their final goals.<\/li><\/ul>\n\n\n\n<p><em>* Data from Kaspersky's report on the results of its analysis of security incidents in 2021<\/em><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"682\" src=\"https:\/\/rockvell.com\/wp-content\/uploads\/2022\/09\/K_.png\" alt=\"\" class=\"wp-image-3259\" srcset=\"https:\/\/rockvell.com\/wp-content\/uploads\/2022\/09\/K_.png 1024w, https:\/\/rockvell.com\/wp-content\/uploads\/2022\/09\/K_-300x200.png 300w, https:\/\/rockvell.com\/wp-content\/uploads\/2022\/09\/K_-768x512.png 768w, https:\/\/rockvell.com\/wp-content\/uploads\/2022\/09\/K_-360x240.png 360w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n","protected":false},"excerpt":{"rendered":"<p>Attackers most often penetrate corporate networks through vulnerabilities left open in the operating 
system In 2021, more than half (53.6%) of the incidents investigated by Kaspersky began with the exploitation of vulnerabilities*. The share of such attacks since 2020, by more than 20 percent&#8230;<\/p>\n","protected":false},"author":2,"featured_media":3259,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10],"tags":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/rockvell.com\/index.php?rest_route=\/wp\/v2\/posts\/3258"}],"collection":[{"href":"https:\/\/rockvell.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/rockvell.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/rockvell.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/rockvell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3258"}],"version-history":[{"count":1,"href":"https:\/\/rockvell.com\/index.php?rest_route=\/wp\/v2\/posts\/3258\/revisions"}],"predecessor-version":[{"id":3260,"href":"https:\/\/rockvell.com\/index.php?rest_route=\/wp\/v2\/posts\/3258\/revisions\/3260"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/rockvell.com\/index.php?rest_route=\/wp\/v2\/media\/3259"}],"wp:attachment":[{"href":"https:\/\/rockvell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3258"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/rockvell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3258"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/rockvell.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3258"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}