{"id":6416,"date":"2019-09-13T10:56:40","date_gmt":"2019-09-13T07:56:40","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=6416"},"modified":"2019-11-15T14:24:28","modified_gmt":"2019-11-15T11:24:28","slug":"browser-history-leak","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/browser-history-leak\/6416\/","title":{"rendered":"Taray\u0131c\u0131 eklentileri kurumsal s\u0131rlar\u0131 nas\u0131l s\u0131zd\u0131r\u0131yor"},"content":{"rendered":"<p>2019 y\u0131l\u0131 Temmuz ay\u0131nda ara\u015ft\u0131rmac\u0131 Sam Jadali, Chrome ve Firefox taray\u0131c\u0131lar\u0131nda taray\u0131c\u0131 ge\u00e7mi\u015fini kaydeden ve \u00fc\u00e7\u00fcnc\u00fc taraflara g\u00f6nderen baz\u0131 eklentiler <a href=\"https:\/\/securitywithsam.com\/2019\/07\/dataspii-leak-via-browser-extensions\/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">ke\u015ffetti<\/a>. Dahas\u0131, bu verilerin al\u0131n\u0131p sat\u0131ld\u0131\u011f\u0131 bir platform da buldu.<\/p>\n<p>Bu sizi alarma ge\u00e7irmiyor olabilir. Birileri \u00e7al\u0131\u015fanlar\u0131n\u0131zdan birinin sosyal bir a\u011fda bir y\u00fcklenicinin internet sitesine girdi\u011fini ve hatta kurumsal bir hesapta oturum a\u00e7t\u0131\u011f\u0131n\u0131 fark etse ne \u00e7\u0131kar? Sald\u0131rganlar\u0131n \u00f6\u011frenece\u011fi tek \u015fey adrestir. Ba\u015fka bir bilgiye eri\u015femeyeceklerine g\u00f6re kimin umrunda? \u0130\u015fin asl\u0131 bu eklentiler d\u00fczenli olarak kurumi\u00e7i verileri s\u0131zd\u0131r\u0131r. A\u015fa\u011f\u0131da bunu nas\u0131l yapt\u0131klar\u0131n\u0131 a\u00e7\u0131kl\u0131yoruz. <\/p>\n<h2>Hakk\u0131n\u0131zdaki her \u015feyi ortaya koyan ba\u011flant\u0131lar<\/h2>\n<p>Sosyal a\u011flarda ve y\u00fcklenicilerinizin ve ortaklar\u0131n\u0131z\u0131n resmi internet sitelerinde muhtemelen gizli bilgiler if\u015fa edilmez. Daha \u00e7ok, sadece e\u015fsiz ba\u011flant\u0131larla eri\u015filebilen \u201ckapal\u0131\u201d sayfalar\u0131n bilgi s\u0131zd\u0131rma amac\u0131yla kullan\u0131labilece\u011fi konusunda endi\u015felenmelisiniz. Ger\u00e7ekte, bu sayfalar\u0131 koruyan tek \u015fey gizlilikleridir: \u00dc\u00e7\u00fcnc\u00fc \u015fah\u0131slar bunlar\u0131n adresini bilmez. A\u015fa\u011f\u0131da bu sayfalara baz\u0131 \u00f6rnekler verilmi\u015ftir.<\/p>\n<h3>\u00c7evrimi\u00e7i toplant\u0131lar<\/h3>\n<p>\u015eirketinizin, farkl\u0131 departmanlardan \u00e7al\u0131\u015fanlar\u0131n mevcut planlar\u0131 g\u00f6r\u00fc\u015ft\u00fc\u011f\u00fc, beyin f\u0131rt\u0131nas\u0131 yapt\u0131\u011f\u0131 veya sadece y\u00f6netimden bilgi ald\u0131\u011f\u0131 Web konferanslar\u0131 yapt\u0131\u011f\u0131n\u0131 farz edelim. Bu tip konferanslar\u0131n yap\u0131labildi\u011fi \u00e7ok say\u0131da platform mevcuttur. Baz\u0131lar\u0131na kat\u0131lmak i\u00e7in anahtar gerekir ancak k\u00fc\u00e7\u00fck firmalar \u00e7o\u011funlukla toplant\u0131y\u0131 d\u00fczenleyenin ilgili taraflara g\u00f6nderdi\u011fi e\u015fsiz bir toplant\u0131 tan\u0131mlay\u0131c\u0131s\u0131 i\u00e7eren bir ba\u011flant\u0131dan ba\u015fka bir \u015fey gerektirmeyen \u00fccretsiz ya da uygun fiyatl\u0131 \u00e7\u00f6z\u00fcmler kullan\u0131r. Bir kat\u0131l\u0131mc\u0131n\u0131n bir etkinli\u011fe kat\u0131lmas\u0131 i\u00e7in gereken tek \u015fey budur.<\/p>\n<p>\u015eimdi, bu ba\u011flant\u0131n\u0131n g\u00f6nderildi\u011fi \u00e7al\u0131\u015fanlardan birinin taray\u0131c\u0131s\u0131nda bilgileri \u00fc\u00e7\u00fcnc\u00fc taraflara aktaran bir eklenti y\u00fckl\u00fc oldu\u011funu d\u00fc\u015f\u00fcnelim. \u0130lgili \u015fah\u0131s konferansa kat\u0131l\u0131r kat\u0131lmaz, bu k\u00f6t\u00fc ama\u00e7l\u0131 eklenti konferans\u0131n URL\u2019sini bir pazara g\u00f6nderir. \u015eirketiniz hakk\u0131nda bilgi toplamaya \u00e7al\u0131\u015fan ya da sadece bir f\u0131rsat arayan sald\u0131rgan, \u00e7al\u0131\u015fan\u0131n taray\u0131c\u0131 ge\u00e7mi\u015fini sat\u0131n al\u0131r, b\u00f6ylelikle eri\u015filebilir toplant\u0131lardan birinin o anda ger\u00e7ekle\u015fmekte oldu\u011funu g\u00f6rebilir.<\/p>\n<p>Bu ba\u011flant\u0131y\u0131 sat\u0131n alan ki\u015finin toplant\u0131ya kat\u0131lmas\u0131n\u0131 \u00f6nleyen hi\u00e7bir \u015fey yoktur. Tabii ki di\u011fer kat\u0131l\u0131mc\u0131lar, etkinli\u011fe birinin kat\u0131ld\u0131\u011f\u0131na dair bildirim al\u0131r. Ancak, \u00f6rne\u011fin otuz-k\u0131rk ki\u015finin kat\u0131ld\u0131\u011f\u0131 ve tamam\u0131n\u0131n birbirini tan\u0131mad\u0131\u011f\u0131 toplant\u0131larda, bu bilinmeyen kat\u0131l\u0131mc\u0131n\u0131n kim oldu\u011fu pek de sorgulanmayacakt\u0131r. Sonu\u00e7 olarak \u00fc\u00e7\u00fcnc\u00fc taraf, konferansta konu\u015fulan her \u015feyi \u00f6\u011frenmi\u015f olacakt\u0131r.<\/p>\n<h3>Tedarik\u00e7ilerden gelen online faturalar<\/h3>\n<p>\u015eirketinizin tedarik\u00e7iler, online fatura hizmetleri kullan\u0131yor olabilir. Baz\u0131 hizmetlerde \u00f6deme faturalar\u0131na, ba\u015fkalar\u0131n\u0131n eri\u015fimine a\u00e7\u0131k e\u015fsiz bir ba\u011flant\u0131 \u00fczerinden eri\u015filmesi s\u00f6z konusudur. Bir sald\u0131rgan, b\u00f6yle bir faturaya eri\u015fmesi durumunda, \u015firketinizin ve tedarik\u00e7i \u015firketin ad\u0131n\u0131 ve adresini, \u00f6denen tutar\u0131 ve ba\u015fka bilgileri \u00f6\u011frenebilir.<\/p>\n<p>\u00c7o\u011fu durumda, bu bilgilerin yanl\u0131\u015f ellere d\u00fc\u015fmesinden k\u00f6t\u00fc bir \u015fey \u00e7\u0131kmayaca\u011f\u0131 do\u011frudur. Ancak toplum m\u00fchendisli\u011fi ile u\u011fra\u015fan ki\u015filer i\u00e7in bu faturalar de\u011ferli bilgiler i\u00e7erir.<\/p>\n<h3>\u0130\u015f belgeleri<\/h3>\n<p>Pek \u00e7ok \u015firket, i\u015fbirli\u011fi \u00e7er\u00e7evesinde Google Drive gibi online hizmetler kullan\u0131yor. Teoride \u00fc\u00e7\u00fcnc\u00fc taraflar\u0131n a\u00e7mas\u0131n\u0131 engellemek i\u00e7in dosyalara eri\u015fimi k\u0131s\u0131tlaman\u0131za izin verirler. Ancak, herkes payla\u015f\u0131lan dosyalarda bu k\u0131s\u0131tlamalar\u0131 uygulamaz. \u00c7o\u011fu zaman elinde bir dosyaya ba\u011flant\u0131 olan ki\u015filer belgeyi g\u00f6r\u00fcnt\u00fcleyebilir ve hatta d\u00fczenleyebilir.<\/p>\n<p>\u00dcstelik bu belgelerde fiyat tekliflerinden personelin ki\u015fisel verilerine kadar <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/clutter-as-cyberrisk\/5902\/\" target=\"_blank\" rel=\"noopener noreferrer\">her t\u00fcrl\u00fc bilgi yer alabilir<\/a>.<\/p>\n<h2>B\u00fcy\u00fck \u00f6l\u00e7ekli veri s\u0131z\u0131nt\u0131lar\u0131na kar\u015f\u0131 kendinizi nas\u0131l korursunuz<\/h2>\n<p>S\u0131z\u0131nt\u0131 riskini en aza indirgemek i\u00e7in, \u00e7al\u0131\u015fanlar\u0131n\u0131za herhangi bir taray\u0131c\u0131 eklentisi y\u00fcklemeden \u00f6nce \u00e7ok ihtiyatl\u0131 davranmalar\u0131n\u0131 ve kulland\u0131klar\u0131 online hizmetin izin vermesi halinde, payla\u015fmadan \u00f6nce dok\u00fcmana eri\u015fimi k\u0131s\u0131tlamalar\u0131 gerekti\u011fini hat\u0131rlat\u0131n. Do\u011frulanm\u0131\u015f taray\u0131c\u0131 eklentilerinin yer ald\u0131\u011f\u0131 onayl\u0131 bir liste verip, geri kalanlar\u0131 potansiyel tehlike g\u00f6r\u00fcp yasaklamak y\u00f6netim a\u00e7\u0131s\u0131ndan en iyi uygulama olacakt\u0131r. <\/p>\n<p>Ayr\u0131ca, \u015firketin kulland\u0131\u011f\u0131 online hizmetleri analiz edin ve kimlik do\u011frulamas\u0131 istemeden sadece ba\u011flant\u0131yla eri\u015fime izin verenleri belirleyin. \u015eayet bir hizmet eline ba\u011flant\u0131 ge\u00e7en herkese eri\u015fim sa\u011fl\u0131yorsa, daha g\u00fcvenli bir alternatife y\u00f6nelin. <\/p>\n<p>Son olarak, her \u015firket bilgisayar\u0131na di\u011fer siber tehditlerin yan\u0131 s\u0131ra k\u00f6t\u00fc ama\u00e7l\u0131 eklentileri y\u00fckleme giri\u015fimlerini \u00f6nleyecek <a href=\"https:\/\/kas.pr\/kdkesbtr\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">g\u00fcvenilir bir g\u00fcvenlik \u00e7\u00f6z\u00fcm\u00fc<\/a> kurulmas\u0131 \u015fartt\u0131r.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"kesb-trial-leadgen\">\n","protected":false},"excerpt":{"rendered":"<p>Chrome ve Firefox eklentileri taray\u0131c\u0131 ge\u00e7mi\u015finizi alabilir. Bunun neden tehlikeli oldu\u011funu ve kendinizi bundan nas\u0131l koruyaca\u011f\u0131n\u0131z\u0131 \u00f6\u011frenin.<\/p>\n","protected":false},"author":2509,"featured_media":6417,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1726,1194,1727],"tags":[1164,744,851,2007,537],"class_list":{"0":"post-6416","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-enterprise","8":"category-business","9":"category-smb","10":"tag-eklentiler","11":"tag-guvenlik","12":"tag-sizinti","13":"tag-sizintilar","14":"tag-tehditler"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/browser-history-leak\/6416\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/browser-history-leak\/16624\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/browser-history-leak\/14016\/"},{"hreflang":"ar","url":"https:\/\/me.kaspersky.com\/blog\/browser-history-leak\/6516\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/browser-history-leak\/18588\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/browser-history-leak\/16659\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/browser-history-leak\/15390\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/browser-history-leak\/19260\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/browser-history-leak\/17965\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/browser-history-leak\/23608\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/browser-history-leak\/28543\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/browser-history-leak\/12451\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/browser-history-leak\/11169\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/browser-history-leak\/20179\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/browser-history-leak\/24115\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/browser-history-leak\/24658\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/browser-history-leak\/19061\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/browser-history-leak\/23345\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/browser-history-leak\/23256\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/sizinti\/","name":"s\u0131z\u0131nt\u0131"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/6416","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/2509"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=6416"}],"version-history":[{"count":2,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/6416\/revisions"}],"predecessor-version":[{"id":6730,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/6416\/revisions\/6730"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/6417"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=6416"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=6416"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=6416"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}