{"id":1313,"date":"2014-08-09T06:34:21","date_gmt":"2014-08-09T10:34:21","guid":{"rendered":"http:\/\/www.kaspersky.com.tr\/blog\/?p=1313"},"modified":"2017-09-21T12:06:30","modified_gmt":"2017-09-21T09:06:30","slug":"stuxnet-kullanicilari-tehdit-etmeye-devam-ediyor","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/stuxnet-kullanicilari-tehdit-etmeye-devam-ediyor\/1313\/","title":{"rendered":"Stuxnet, Kullan\u0131c\u0131lar\u0131 Tehdit Etmeye Devam Ediyor"},"content":{"rendered":"

Kaspersky Lab, 2014 yaz\u0131nda yap\u0131lan \u201cWindows kullan\u0131m\u0131 ve zay\u0131fl\u0131klar\u0131<\/a>\u201d ara\u015ft\u0131rmas\u0131n\u0131n sonu\u00e7lar\u0131n\u0131 a\u00e7\u0131klad\u0131. Buna g\u00f6re CVE-2010-2568 kodl\u0131 g\u00fcvenlik a\u00e7\u0131\u011f\u0131 2010 y\u0131l\u0131nda, \u00fcnl\u00fc Stuxnet solucan\u0131 ile ayn\u0131 zamanda ke\u015ffedilmi\u015fti. Bu zararl\u0131 yaz\u0131l\u0131m g\u00fcn\u00fcm\u00fczde dahi bu a\u00e7\u0131ktan yayg\u0131n \u015fekilde faydalan\u0131yor ve kullan\u0131c\u0131lar i\u00e7in ciddi bir tehdit olu\u015fturuyor.<\/p>\n

Kaspersky Lab uzmanlar\u0131, kurumsal BT y\u00f6neticilerini kurumsal bilgisayarlardaki yaz\u0131l\u0131m\u0131n g\u00fcncel tutulmas\u0131 ve gereken siber tehlike koruma ara\u00e7lar\u0131n\u0131n kurulmas\u0131 konular\u0131na daha fazla dikkat etmeye \u00e7a\u011f\u0131r\u0131yor<\/p>\n

Stuxnet, halen bir tehdit. Bu tehdit, Kas\u0131m 2013\u2019ten Haziran 2014\u2019teki sekiz ayl\u0131k d\u00f6neme kadar tam 19 milyon kullan\u0131c\u0131y\u0131 etkiledi.<\/p>\n

Stuxnet, CVE-2010-2568 kodlu g\u00fcvenlik a\u00e7\u0131\u011f\u0131ndan \u00f6zellikle faydalan\u0131yor. Bu a\u00e7\u0131k sald\u0131rganlar\u0131n kullan\u0131c\u0131n\u0131n bilgisi olmadan bir DLL y\u00fcklemesini m\u00fcmk\u00fcn k\u0131lan bir Windows k\u0131sa yol y\u00f6netimi hatas\u0131. Bu a\u00e7\u0131k Windows XP, Vista ve Windows 7\u2019nin yan\u0131 s\u0131ra Windows Server 2003 ve 2008\u2019i etkiliyor. Bu zay\u0131fl\u0131ktan en fazla Haziran 2010\u2019da belirlenen ve \u0130ran\u2019da bulunan n\u00fckleer tesislerdeki uranyum zenginle\u015ftirme ekipman\u0131na fiziksel olarak zarar verdi\u011fi d\u00fc\u015f\u00fcn\u00fclen Stuxnet faydaland\u0131.<\/p>\n

Etkilenen \u00fclkeler aras\u0131nda T\u00fcrkiye de var <\/strong><\/p>\n

2010 sonbahar\u0131 itibariyle Microsoft, bu zay\u0131fl\u0131\u011f\u0131 kapatan bir g\u00fcvenlik g\u00fcncellemesi yay\u0131nlad\u0131. Buna ra\u011fmen Kaspersky Lab alg\u0131lama sistemleri hala zararl\u0131 yaz\u0131l\u0131m\u0131n bu zay\u0131fl\u0131ktan faydaland\u0131\u011f\u0131 milyonlarca olay kaydetmekte. Bu a\u00e7\u0131\u011f\u0131 hedef alan zararl\u0131 yaz\u0131l\u0131m \u00f6rneklerinin Kas\u0131m 2013 \u2013 Haziran 2014 aras\u0131nda en s\u0131k g\u00f6r\u00fcld\u00fc\u011f\u00fc \u00fclkelere bak\u0131ld\u0131\u011f\u0131nda liste Vietnam (%42,45), Hindistan (%11,7), Endonezya (%9,43), Brezilya (%5,52) ve Cezayir (%3,74) \u015feklinde. T\u00fcrkiye ise 1.23 oran\u0131yla bu listenin altlar\u0131nda.<\/p>\n

\"stuxnet\"<\/a>T\u00fcm kay\u0131tl\u0131 CVE-2010-2568 belirlemelerinin co\u011frafi da\u011f\u0131l\u0131m\u0131<\/p>\n

Bu ara\u015ft\u0131rma g\u00f6steriyor ki Vietnam, Hindistan ve Cezayir, hem en fazla CVE-2010-2568 belirlemenin ger\u00e7ekle\u015fti\u011fi \u00fclkeler listesinde hem de hala Windows XP kullan\u0131lan \u00fclkeler listesinde \u00fcst s\u0131ralarda. Bu i\u015fletim sistemi CVE-2010-2568 belirlemelerinde ilk s\u0131rada yer almakta: Belirlemelerin %64,19\u2019u Windows XP kullan\u0131lan bilgisayarlarda ger\u00e7ekle\u015fmi\u015f. \u015eu anda d\u00fcnyada en fazla kullan\u0131lan i\u015fletim sistemi olan Windows 7, belirlemelerin yaln\u0131zca %27,99\u2019u ile ikinci s\u0131rada. Daha sonra %3,99 ve %1,58 ile Windows Server 2008 ve 2003 geliyor.<\/p>\n

Kaspersky Lab uzmanlar\u0131 \u00f6zellikle bu durum ile ilgili olarak, \u00e7ok say\u0131da belirlemenin do\u011frudan \u00e7ok say\u0131da sald\u0131r\u0131 anlam\u0131na gelmedi\u011fini belirtiyor. Bu zay\u0131fl\u0131ktan s\u0131ra d\u0131\u015f\u0131 y\u00f6ntemlerle faydalan\u0131lmas\u0131 nedeniyle Kaspersky Lab \u00fcr\u00fcn\u00fcn\u00fcn CVE-2010-2568\u2019den faydalanan ger\u00e7ek sald\u0131r\u0131lara kar\u015f\u0131 zararl\u0131 yaz\u0131l\u0131mdan korunma sa\u011flad\u0131\u011f\u0131 olaylar ile yaln\u0131zca belirli bir solucan taraf\u0131ndan otomatik olarak olu\u015fturulan k\u0131sayolu belirledi\u011fi olaylar\u0131 net olarak birbirinden ay\u0131rmak m\u00fcmk\u00fcn de\u011fil. CVE-2010-2568\u2019in bir\u00e7ok kez belirlenmesi, bu zay\u0131fl\u0131ktan faydalanan zararl\u0131 yaz\u0131l\u0131m\u0131n sald\u0131r\u0131lar\u0131na kar\u015f\u0131 hala hassas durumda olan bir\u00e7ok bilgisayar\u0131n bulundu\u011funu kan\u0131tl\u0131yor. Kaspersky Lab uzmanlar\u0131 bu belirlemelerin \u00f6nemli bir k\u0131sm\u0131n\u0131n g\u00fcncellemeleri d\u00fczenli olarak yap\u0131lmayan veya herhangi bir g\u00fcvenlik \u00e7\u00f6z\u00fcm\u00fc kurulu olmayan sunuculardan kaynakland\u0131\u011f\u0131n\u0131 \u00f6ng\u00f6rmekte.<\/p>\n

Kurumsal BT y\u00f6neticileri dikkatli olmal\u0131<\/strong><\/p>\n

Kaspersky Lab Zay\u0131fl\u0131k Ara\u015ft\u0131rma Ekibi Y\u00f6neticisi Vyacheslav Zakorzhevsky<\/strong> \u015funlar\u0131 ifade ediyor: \u201cBu durum b\u00f6yle bir a\u00e7\u0131k i\u00e7eren sunucular\u0131n hala kullan\u0131ld\u0131\u011f\u0131 kurulu\u015flarda devam eden bir zararl\u0131 yaz\u0131l\u0131m enfeksiyonu riski olu\u015fturuyor. Bu nedenle kurumsal BT y\u00f6neticilerini kurumsal bilgisayarlardaki yaz\u0131l\u0131m\u0131n g\u00fcncel tutulmas\u0131 ve gereken siber tehlike koruma ara\u00e7lar\u0131n\u0131n kurulmas\u0131 konular\u0131na daha fazla dikkat etmeye \u00e7a\u011f\u0131r\u0131yoruz<\/em>.\u201d<\/p>\n

Bu zay\u0131fl\u0131ktan faydalan\u0131lan sald\u0131r\u0131lara maruz kalma durumlar\u0131n\u0131n minimum seviyeye d\u00fc\u015f\u00fcr\u00fclmesi ad\u0131na Kaspersky Lab uzmanlar\u0131, kullan\u0131c\u0131lara yaz\u0131l\u0131mlar\u0131n\u0131 d\u00fczenli olarak g\u00fcncellemelerini, kullanmad\u0131klar\u0131 yaz\u0131l\u0131mlar\u0131 silmelerini ve bu t\u00fcr sald\u0131r\u0131lar\u0131 engellemek i\u00e7in gereken teknolojilere sahip ve g\u00fcvenilir bir g\u00fcvenlik \u00e7\u00f6z\u00fcm\u00fc kullanmalar\u0131n\u0131 tavsiye ediyor.<\/p>\n

\u00d6rne\u011fin Kaspersky Lab\u2019in WhitePaper Automatic Exploit Prevention<\/strong> \u00f6zelli\u011fi sezgisel alg\u0131lama yap\u0131s\u0131 ve ba\u011f\u0131ms\u0131z ara\u015ft\u0131rma kurulu\u015flar\u0131 taraf\u0131ndan onaylanm\u0131\u015f etkinli\u011fi ile \u015fu anda bilinmeyen yaz\u0131l\u0131m zay\u0131fl\u0131klar\u0131 ile ilgili sald\u0131r\u0131larla m\u00fccadele edebilmektedir. Bu teknoloji Kaspersky Lab\u2019in Kaspersky Internet Security Multi-Device, Kaspersky Small Office Security ve Kaspersky Endpoint Security for Business gibi ev ve kurumsal \u00fcr\u00fcnlerinde bulunmaktad\u0131r.<\/p>\n

Daha fazla bilgi almak i\u00e7in securelist.com<\/a> adresini ziyaret edin.<\/p>\n","protected":false},"excerpt":{"rendered":"

Kaspersky Lab, 2014 yaz\u0131nda yap\u0131lan \u201cWindows kullan\u0131m\u0131 ve zay\u0131fl\u0131klar\u0131\u201d ara\u015ft\u0131rmas\u0131n\u0131n sonu\u00e7lar\u0131n\u0131 a\u00e7\u0131klad\u0131. Buna g\u00f6re CVE-2010-2568 kodl\u0131 g\u00fcvenlik a\u00e7\u0131\u011f\u0131 2010 y\u0131l\u0131nda, \u00fcnl\u00fc Stuxnet solucan\u0131 ile ayn\u0131 zamanda ke\u015ffedilmi\u015fti. Bu zararl\u0131 yaz\u0131l\u0131m<\/p>\n","protected":false},"author":350,"featured_media":1315,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1287],"tags":[615,196],"class_list":{"0":"post-1313","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-news","8":"tag-hedefli-saldiri","9":"tag-stuxnet"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/stuxnet-kullanicilari-tehdit-etmeye-devam-ediyor\/1313\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/hedefli-saldiri\/","name":"hedefli sald\u0131r\u0131"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/1313","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/350"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=1313"}],"version-history":[{"count":1,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/1313\/revisions"}],"predecessor-version":[{"id":3942,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/1313\/revisions\/3942"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/1315"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=1313"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=1313"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=1313"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}