{"id":6542,"date":"2019-10-14T10:42:27","date_gmt":"2019-10-14T07:42:27","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=6542"},"modified":"2019-11-15T14:23:02","modified_gmt":"2019-11-15T11:23:02","slug":"vulnerabilities-in-public-clouds","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/vulnerabilities-in-public-clouds\/6542\/","title":{"rendered":"Protecting public clouds from common vulnerabilities"},"content":{"rendered":"<p>Many businesses have started using a hybrid cloud environment made up of both an on-premises private cloud and public cloud resources. When it comes to cybersecurity, however, companies tend to focus more on protecting physical and virtualized environments and pay less attention to the part of their infrastructure that sits in public clouds. Some of these companies think the cloud providers are responsible for protection, while others believe public clouds are secure by design and need no additional protection.<br>\nBut both assumptions are wrong: public clouds are just as exposed as the rest of your infrastructure to exploitation of software vulnerabilities, update repository poisoning, exploitation of network connections, and compromise of account information. So, why?<\/p>\n<h2>RDP and SSH weaknesses<\/h2>\n<p>Similar brute-force attempts constantly target SSH services. 
Although SSH offers far more protection than RDP (for example, two-factor authentication), a carelessly configured service can still give a persistent malicious actor access. <a href=\"https:\/\/securelist.com\/it-threat-evolution-q1-2019-statistics\/90916\/\" target=\"_blank\" rel=\"noopener\">In the first half of 2019<\/a>, brute-force attacks on SSH and RDP made up 12% of the attacks on Kaspersky\u2019s IoT \u201choneypots\u201d.<\/p>\n<h2>Vulnerabilities in third-party software<\/h2>\n<p>Public clouds can expose you to vulnerabilities, and they do. Below are a few examples of how a vulnerability in third-party software gives attackers the chance to execute code on the instance itself:<\/p>\n<p>On June 3, 2019, <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/critical-exim-tls-flaw-lets-attackers-remotely-execute-commands-as-root\/\" target=\"_blank\" rel=\"noopener nofollow\">a vulnerability was discovered in Exim<\/a>, a popular e-mail server widely used in public clouds. The vulnerability allowed remote code execution. 
If the server was run as root, as is often the case, malicious code introduced onto the server was executed with root privileges. In July 2019, yet another vulnerability allowing remote code execution was identified in Exim.<\/p>\n<p>Another example is the 2016 hack of the official Linux Mint website. It resulted in the distributed operating system being altered to carry malware containing an IRC backdoor with DDoS functionality. The Trojan could also be used to drop malicious payloads onto infected computers. Other cases have been reported as well, involving malicious node.js modules, <a href=\"https:\/\/www.helpnetsecurity.com\/2019\/04\/29\/docker-hub-breach\/\" target=\"_blank\" rel=\"noopener nofollow\">infected containers in Docker Hub<\/a>, and more.<\/p>\n<h2>How to reduce the risk<\/h2>\n<p>Cybercriminals can be very inventive when it comes to finding entry points into infrastructures, especially when there are many such infrastructures that are all very similar, have similar issues, and are presumed to be highly secure by design. To reduce and manage the risk much more effectively, you should protect the operating systems on your cloud instances and virtual machines. 
Basic protection against viruses and malware is clearly not enough for that. Industry best practice shows that every operating system in an infrastructure needs comprehensive, multilayered protection, and public cloud providers make similar recommendations.<\/p>\n<p>This is where a security solution such as Kaspersky Hybrid Cloud Security comes in. Our solution protects different types of workloads running on different platforms, using multilayered security technologies that include system hardening, exploit prevention, file integrity monitoring, a network attack blocker, static and behavioral antimalware, and more. 
You can find more information about our solution <a href=\"https:\/\/www.kaspersky.com.tr\/enterprise-security\/cloud-security\" target=\"_blank\" rel=\"noopener\">here<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Contrary to common belief, public clouds are not highly secure by design, and so they require additional protection<\/p>\n","protected":false},"author":1475,"featured_media":6543,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1726,1194],"tags":[790,2037,2038],"class_list":{"0":"post-6542","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-enterprise","8":"category-business","9":"tag-guvenlik-aciklari","10":"tag-hibrit-bulut","11":"tag-sanallastirma"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/vulnerabilities-in-public-clouds\/6542\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/vulnerabilities-in-public-clouds\/16771\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/vulnerabilities-in-public-clouds\/14160\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/vulnerabilities-in-public-clouds\/18758\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/vulnerabilities-in-public-clouds\/16805\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/vulnerabilities-in-public-clouds\/15548\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/vulnerabilities-in-public-clouds\/19449\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/vulnerabilities-in-public-clouds\/18112\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/vulnerabilities-in-public-clouds\/23761\/"},{"hreflang":"x-default","url":"https:\/\/ww
w.kaspersky.com\/blog\/vulnerabilities-in-public-clouds\/28905\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/vulnerabilities-in-public-clouds\/12401\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/vulnerabilities-in-public-clouds\/12508\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/vulnerabilities-in-public-clouds\/11299\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/vulnerabilities-in-public-clouds\/20401\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/vulnerabilities-in-public-clouds\/24338\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/vulnerabilities-in-public-clouds\/24707\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/vulnerabilities-in-public-clouds\/19224\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/vulnerabilities-in-public-clouds\/23540\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/vulnerabilities-in-public-clouds\/23390\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/hibrit-bulut\/","name":"hibrit 
bulut"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/6542","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/1475"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=6542"}],"version-history":[{"count":3,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/6542\/revisions"}],"predecessor-version":[{"id":6713,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/6542\/revisions\/6713"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/6543"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=6542"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=6542"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=6542"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}