{"id":7582,"date":"2020-01-28T14:23:51","date_gmt":"2020-01-28T11:23:51","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=7582"},"modified":"2020-01-28T14:23:51","modified_gmt":"2020-01-28T11:23:51","slug":"kwts-enterprise-6-1","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/kwts-enterprise-6-1\/7582\/","title":{"rendered":"Web tehdidi korumas\u0131 ve hedefli sald\u0131r\u0131lar"},"content":{"rendered":"<p>Siber su\u00e7lular kurumsal altyap\u0131ya nas\u0131l giriyor? Filmlerde herkesin eri\u015febilece\u011fi bir yere b\u0131rak\u0131lan vir\u00fcsl\u00fc bir flash s\u00fcr\u00fcc\u00fcyle ger\u00e7ekle\u015ftirilen komplolar ger\u00e7ek hayatta da kar\u015f\u0131m\u0131za \u00e7\u0131ksa da, bunlara \u00e7ok s\u0131k rastlanmaz. Son on y\u0131lda ana tehdit da\u011f\u0131t\u0131m kanallar\u0131 genellikle e-posta ve k\u00f6t\u00fc ama\u00e7l\u0131 web sayfalar\u0131 oldu. E-posta a\u00e7\u0131s\u0131ndan her \u015fey olduk\u00e7a a\u00e7\u0131k: Posta sunucusunda iyi bir kimlik av\u0131 \u00f6nleme ve vir\u00fcsten koruma motoru bulunan bir g\u00fcvenlik \u00e7\u00f6z\u00fcm\u00fc, \u00e7o\u011fu tehdidi ortadan kald\u0131r\u0131r. Buna k\u0131yasla web tehditleri genellikle \u00e7ok daha az dikkat \u00e7ekiyor.<\/p>\n<p>Siber su\u00e7lular uzun zamand\u0131r web\u2019i her t\u00fcrl\u00fc sald\u0131r\u0131 i\u00e7in kullan\u0131yor. \u00dcstelik yaln\u0131zca kullan\u0131c\u0131lar\u0131n \u00e7evrimi\u00e7i hizmetler i\u00e7in kimlik bilgilerini \u00e7alan kimlik av\u0131 sayfalar\u0131n\u0131 veya taray\u0131c\u0131 g\u00fcvenlik a\u00e7\u0131klar\u0131ndan yararlanan k\u00f6t\u00fc ama\u00e7l\u0131 siteleri kastetmiyoruz. Belirli hedeflere y\u00f6nelik geli\u015fmi\u015f sald\u0131r\u0131lar da web tehditlerini de kullan\u0131yor.<\/p>\n<h2>Hedefli sald\u0131r\u0131lardaki web tehditleri<\/h2>\n<p><a href=\"https:\/\/securelist.com\/ksb-2019-review-of-the-year\/95394\/\" target=\"_blank\" rel=\"noopener\">Securelist\u2019in 2019 APT incelemesinde<\/a> uzmanlar\u0131m\u0131z, \u201cwatering hole\u201d y\u00f6ntemini kullanan bir APT sald\u0131r\u0131s\u0131n\u0131 \u00f6rnek verdi. Siber su\u00e7lular Hindistan\u2019\u0131n Kara Harp Ara\u015ft\u0131rmalar\u0131 Merkezi\u2019nin (CLAWS) web sitesine sald\u0131rarak sisteme uzaktan eri\u015fim sa\u011flamak amac\u0131yla siteyi Truva At\u0131 da\u011f\u0131tan k\u00f6t\u00fc ama\u00e7l\u0131 bir belgeyi bar\u0131nd\u0131rmak i\u00e7in kullanm\u0131\u015ft\u0131.<\/p>\n<p>Birka\u00e7 y\u0131l \u00f6nce ise ba\u015fka bir grup, pop\u00fcler bir uygulaman\u0131n geli\u015ftiricisinin derleme ortam\u0131na saldr\u0131rarak k\u00f6t\u00fc niyetli bir mod\u00fcl\u00fc \u00fcr\u00fcne g\u00f6men bir <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/ccleaner-supply-chain\/4819\/\" target=\"_blank\" rel=\"noopener\">tedarik zinciri sald\u0131r\u0131s\u0131<\/a> ba\u015flatm\u0131\u015ft\u0131. Etkilenen uygulama, ge\u00e7erli dijital imzas\u0131 ile geli\u015ftiricinin resmi web sitesinde bir ay boyunca da\u011f\u0131t\u0131ld\u0131.<\/p>\n<p>Yukar\u0131dakiler, APT sald\u0131r\u0131lar\u0131nda Web tehdidi mekanizmalar\u0131n\u0131n kullan\u0131ld\u0131\u011f\u0131 istisnai durumlar de\u011fil. Siber su\u00e7lular\u0131n, \u00e7al\u0131\u015fanlar\u0131n ilgi alanlar\u0131n\u0131 inceledikleri ve mesajla\u015fma uygulamalar\u0131 veya sosyal a\u011flar \u00fczerinden bu ilgi alanlar\u0131na hitap edecek web sitelerine benzeyen k\u00f6t\u00fc ama\u00e7l\u0131 ba\u011flant\u0131lar g\u00f6nderdikleri biliniyor. Sosyal m\u00fchendislik \u00e7al\u0131\u015fmalar\u0131, g\u00fcven duyan ki\u015filer \u00fczerinde harikalar yaratabiliyor.<\/p>\n<h2>Entegre koruma<\/h2>\n<p>Hedefli sald\u0131r\u0131lara kar\u015f\u0131 korumay\u0131 iyile\u015ftirmek i\u00e7in, Web tehditlerini \u015firket a\u011f\u0131ndaki di\u011fer olaylar ba\u011flam\u0131nda dikkate almam\u0131z gerekti\u011fi a\u00e7\u0131kt\u0131. Bu nedenle, yeni y\u0131lda piyasaya s\u00fcr\u00fclen Kaspersky Web Traffic Security 6.1, Kaspersky Anti-Targeted Attack Platform ile entegre edilebiliyor. A\u011f\u0131n genel savunmas\u0131n\u0131 g\u00fc\u00e7lendirmek i\u00e7in birlikte \u00e7al\u0131\u015farak birbirlerini tamaml\u0131yorlar.<\/p>\n<p>Web a\u011f ge\u00e7idini koruyan \u00e7\u00f6z\u00fcm ile hedefli tehditlere kar\u015f\u0131 koruma sa\u011flayan \u00e7\u00f6z\u00fcm aras\u0131nda \u00e7ift y\u00f6nl\u00fc ileti\u015fim kurmak art\u0131k m\u00fcmk\u00fcn. Bu, \u00f6ncelikle a\u011f ge\u00e7idi tabanl\u0131 uygulaman\u0131n derinlemesine dinamik analiz i\u00e7in \u015f\u00fcpheli i\u00e7erik g\u00f6ndermesine izin veriyor. \u0130kincisi, Kaspersky Anti-Targeted Attack de art\u0131k a\u011f ge\u00e7idinden ek bir bilgi kayna\u011f\u0131na sahip oldu\u011fu i\u00e7in karma\u015f\u0131k bir sald\u0131r\u0131n\u0131n dosya bile\u015fenlerinin daha erken tespit edilmesini ve k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m\u0131n C&amp;C sunucular\u0131yla ileti\u015fiminin engellenmesini sa\u011fl\u0131yor.<\/p>\n<p>Entegre koruma, ideal olarak her seviyede uygulanabilir. Bu; i\u015f istasyonlar\u0131ndan, fiziksel veya sanal sunuculardan ve posta sunucusundan veri almak ve analiz etmek i\u00e7in hedefli bir tehdit savunma platformu kurmay\u0131 i\u00e7erir. Bir tehdit alg\u0131land\u0131\u011f\u0131 takdirde analizinin sonu\u00e7lar\u0131 Kaspersky Web Traffic Security\u2019ye iletilerek benzer nesneleri (ve C&amp;C sunucular\u0131yla ileti\u015fim kurma giri\u015fimlerini) a\u011f ge\u00e7idi d\u00fczeyinde otomatik olarak engellemek i\u00e7in kullan\u0131labilir.<\/p>\n<p>A\u011f ge\u00e7idi koruma uygulamam\u0131z hakk\u0131nda daha fazla bilgi edinmek i\u00e7in <a href=\"https:\/\/www.kaspersky.com.tr\/small-to-medium-business-security\/proxy-web-traffic\" target=\"_blank\" rel=\"noopener\">Kaspersky Web Traffic Security<\/a> sayfas\u0131na g\u00f6z at\u0131n.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Web tehditleri hedefli sald\u0131r\u0131larda aktif olarak kullan\u0131l\u0131yor, bu nedenle etkisiz hale getirilmeleri APT savunma stratejisinin ayr\u0131lmaz bir par\u00e7as\u0131 olmal\u0131.<\/p>\n","protected":false},"author":610,"featured_media":7583,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1726,1194,1727],"tags":[493,1074,673],"class_list":{"0":"post-7582","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-enterprise","8":"category-business","9":"category-smb","10":"tag-apt","11":"tag-kimlik-avi","12":"tag-web"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/kwts-enterprise-6-1\/7582\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/kwts-enterprise-6-1\/18426\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/kwts-enterprise-6-1\/15299\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/kwts-enterprise-6-1\/20184\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/kwts-enterprise-6-1\/18496\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/kwts-enterprise-6-1\/20950\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/kwts-enterprise-6-1\/19738\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/kwts-enterprise-6-1\/32128\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/kwts-enterprise-6-1\/13653\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/kwts-enterprise-6-1\/13916\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/kwts-enterprise-6-1\/12682\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/kwts-enterprise-6-1\/21976\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/kwts-enterprise-6-1\/26813\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/kwts-enterprise-6-1\/24874\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/kwts-enterprise-6-1\/25709\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/kwts-enterprise-6-1\/25540\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/apt\/","name":"APT"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/7582","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/610"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=7582"}],"version-history":[{"count":1,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/7582\/revisions"}],"predecessor-version":[{"id":7584,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/7582\/revisions\/7584"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/7583"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=7582"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=7582"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=7582"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}