{"id":8640,"date":"2020-08-04T14:15:27","date_gmt":"2020-08-04T11:15:27","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=8640"},"modified":"2020-08-04T14:15:27","modified_gmt":"2020-08-04T11:15:27","slug":"black-hat-2020-preview","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/black-hat-2020-preview\/8640\/","title":{"rendered":"Sanal \u00d6nizleme: Black Hat 2020"},"content":{"rendered":"<p>D\u00fcr\u00fcst olal\u0131m. Hi\u00e7 kimse, 2020 y\u0131l\u0131n\u0131n zorluklar\u0131n\u0131 tahmin edemezdi. Olacaklar\u0131 tahmin etti\u011fini s\u00f6yleyen birilerini tan\u0131yorsan\u0131z l\u00fctfen onlar\u0131 benimle tan\u0131\u015ft\u0131r\u0131n. Onlar i\u00e7in \u00f6zel bir hediyem var.<\/p>\n<p>N\u00fcfusun b\u00fcy\u00fck \u00e7o\u011funlu\u011fu ya\u015fam ve \u00e7al\u0131\u015fma bi\u00e7imlerinde b\u00fcy\u00fck de\u011fi\u015fiklikler yapmak zorunda kald\u0131. \u00c7ok az insan bu kadar fazla insan\u0131n evden \u00e7al\u0131\u015facak ve evin d\u0131\u015f\u0131nda maske takmak gibi ihtiya\u00e7lar\u0131 olacak olmas\u0131na haz\u0131rl\u0131kl\u0131yd\u0131. Ancak, salg\u0131na ve salg\u0131n\u0131n getirdi\u011fi de\u011fi\u015fikliklere kar\u015f\u0131 yaln\u0131zca bir grup haz\u0131r gibi g\u00f6r\u00fcn\u00fcyor: Siber su\u00e7lular.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Cybercrims always follow the users. Users switched to remote work, so cybercrims switched to attacking their remote work.<br>During the <a href=\"https:\/\/twitter.com\/hashtag\/coronavirus?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#coronavirus<\/a> times we see bruteforce attacks against RDP<br>have rocketed across almost the entire planet.<br>Details \u21d2 <a href=\"https:\/\/t.co\/Fj0LtQ5UhO\" target=\"_blank\" rel=\"noopener nofollow\">https:\/\/t.co\/Fj0LtQ5UhO<\/a> <a href=\"https:\/\/t.co\/IppsWAe9tT\" target=\"_blank\" rel=\"noopener nofollow\">pic.twitter.com\/IppsWAe9tT<\/a><\/p>\n<p>\u2014 Eugene Kaspersky (@e_kaspersky) <a href=\"https:\/\/twitter.com\/e_kaspersky\/status\/1255473308847558658?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">April 29, 2020<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>H\u0131rs\u0131zlar salg\u0131n\u0131 sadece hayatta kalmak i\u00e7in de\u011fil, b\u00fcy\u00fcmek i\u00e7in de bir f\u0131rsat olarak g\u00f6rd\u00fcler. Nisan ay\u0131nda siber faaliyetlerde <a href=\"https:\/\/securelist.com\/it-threat-evolution-q1-2020-statistics\/96959\/\" target=\"_blank\" rel=\"noopener\">b\u00fcy\u00fck bir art\u0131\u015f<\/a> ger\u00e7ekle\u015fti. Bu art\u0131\u015f, May\u0131s ay\u0131nda bir miktar azalsa da Haziran ve Temmuz aylar\u0131nda tekrar Nisan ay\u0131 seviyelerine ula\u015ft\u0131. Yak\u0131n zamanda Eugene Kaspersky ile \u00e7evrimi\u00e7i ger\u00e7ekle\u015ftirdi\u011fimiz bir toplant\u0131da bu art\u0131\u015f\u0131n neden ya\u015fand\u0131\u011f\u0131n\u0131 sorduk ve bize bu art\u0131\u015f\u0131 \u015fu \u015fekilde \u00f6zetledi, \u201cSiber su\u00e7lular yakalan\u0131p hapse girene kadar evden \u00e7al\u0131\u015f\u0131rlar.\u201d<\/p>\n<p>Kaspersky\u2019nin yay\u0131nlad\u0131\u011f\u0131 panel, 1-6 A\u011fustos tarihlerinde ger\u00e7ekle\u015ftirilecek olan Black Hat konferans\u0131na adanm\u0131\u015ft\u0131 ve Global Ara\u015ft\u0131rma ve Analiz Ekibi\u2019nden (GReAT) Costin Raiu ve Kurt Baumgartner da bu panelde yer al\u0131yordu. Y\u0131ll\u0131k hacker yaz kamp\u0131 da t\u0131pk\u0131 G\u00fcvenlik Analisti Zirvesi gibi sanal bir etkinli\u011fe d\u00f6n\u00fc\u015ft\u00fc.<\/p>\n<h2>Black Hat 2020\u2019de yer almas\u0131 \u00f6ng\u00f6r\u00fclen konular<\/h2>\n<p>Sanal olsun ya da olmas\u0131n, Black Hat\u2019in bu y\u0131l\u0131n en b\u00fcy\u00fck siber g\u00fcvenlik etkinliklerinden biri olmas\u0131n\u0131 bekliyoruz. Bu nedenle, Raiu ve Baumgartner\u2019a bu y\u0131l en \u00e7ok g\u00f6rmek istedikleri Black Hat sunumlar\u0131n\u0131 sorduk. Raui ve Baumgartner\u2019\u0131n listedi\u011fi sunumlar \u015fu \u015fekilde:<\/p>\n<ul>\n<li><a href=\"https:\/\/www.blackhat.com\/us-20\/briefings\/schedule\/#reversing-the-root-identifying-the-exploited-vulnerability-in-0-days-used-in-the-wild-20308\" target=\"_blank\" rel=\"noopener nofollow\">K\u00f6k\u00fc Tersine D\u00f6nd\u00fcrme: S\u0131f\u0131r G\u00fcn G\u00fcvenlik A\u00e7\u0131\u011f\u0131 \u0130\u00e7erisinde G\u00fcvenlik A\u00e7\u0131\u011f\u0131n\u0131 Belirleme<\/a> \u2014 Maddie Stone<\/li>\n<li><a href=\"https:\/\/www.blackhat.com\/us-20\/briefings\/schedule\/index.html#iot-skimmer-energy-market-manipulation-through-high-wattage-iot-botnets-20280\" target=\"_blank\" rel=\"noopener nofollow\">IoT Skimmer: Y\u00fcksek Watt IoT Botnetler ile Enerji Piyasas\u0131 Manip\u00fclasyonu<\/a> \u2014 Tohid Shekari ve Raheem Beyah<\/li>\n<li><a href=\"https:\/\/www.blackhat.com\/us-20\/briefings\/schedule\/#spectra-breaking-separation-between-wireless-chips-20005\" target=\"_blank\" rel=\"noopener nofollow\">Spectra: Kablosuz \u00c7ipler Aras\u0131nda Ay\u0131r\u0131c\u0131y\u0131 K\u0131rma<\/a> \u2014 Jiska Classen ve Francesco Gringoli<\/li>\n<li><a href=\"https:\/\/www.blackhat.com\/us-20\/briefings\/schedule\/#fastcash-and-injx_pure-how-threat-actors-use-public-standards-for-financial-fraud-19371\" target=\"_blank\" rel=\"noopener nofollow\">FASTCash ve INJX_Pure: Tehdit Akt\u00f6rleri Finansal Doland\u0131r\u0131c\u0131l\u0131k i\u00e7in Kamu Standartlar\u0131n\u0131 Nas\u0131l Kullan\u0131yor<\/a> \u2014 Kevin Perlow<\/li>\n<li><a href=\"https:\/\/www.blackhat.com\/us-20\/briefings\/schedule\/#operation-chimera---apt-operation-targets-semiconductor-vendors-20699\" target=\"_blank\" rel=\"noopener nofollow\">Chimera Operasyonu: APT Operasyonu Yar\u0131 \u0130letken Sa\u011flay\u0131c\u0131lar\u0131 Hedefliyor<\/a> \u2014 Chung-Kuan Chen, Inndy Lin ve Shang-De Jiang<\/li>\n<\/ul>\n<h2>Bonus k\u0131s\u0131m: 2020 y\u0131l\u0131n\u0131n \u015fimdiye kadarki en ilgin\u00e7 APT\u2019leri<\/h2>\n<p>Panel s\u0131ras\u0131nda, kolektif grubumuza ge\u00e7en y\u0131lki \u201cfavori\u201d siber casusluk kampanyalar\u0131n\u0131n neler oldu\u011funu sorduk.<\/p>\n<p>Raiu\u2019ya g\u00f6re bu sorunun cevab\u0131 Kaspersky ekibinin 1,5 y\u0131ld\u0131r g\u00f6zlemledi\u011fi bir grup olan Wellmess grubu. Bu gruptan son <a href=\"https:\/\/zoom.us\/webinar\/register\/1315942903439\/WN_31aVVq-lSheiKPc5pDr7Ag\" target=\"_blank\" rel=\"noopener nofollow\">GReAT Ideas oturumunda<\/a> da bahsedilmi\u015fti. Raui ayn\u0131 zamanda, giri\u015f maliyetinin 500 dolar ile 500 bin dolar aras\u0131na d\u00fc\u015fmesiyle kiral\u0131k hacker operasyonlar\u0131n\u0131n da izlemek i\u00e7in ilgin\u00e7 bir alan oldu\u011funu ekledi.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">As of July 6, CISA had no actor attributed to WellMess. July 6. Remember that. In 11 days, they were able to go from not knowing, to publicly backing direct attribution to an APT actor who hasn't been seen in over a year? <a href=\"https:\/\/t.co\/h6udgjAPk8\" target=\"_blank\" rel=\"noopener nofollow\">https:\/\/t.co\/h6udgjAPk8<\/a><\/p>\n<p>\u2014 Brian Bartholomew (@Mao_Ware) <a href=\"https:\/\/twitter.com\/Mao_Ware\/status\/1284137701688647681?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">July 17, 2020<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Baumgartner ise oda\u011f\u0131n Do\u011fu\u2019ya kayd\u0131\u011f\u0131n\u0131 belirtti ve ekledi, \u201cBu y\u0131la geri d\u00f6n\u00fcp bakt\u0131\u011f\u0131mda, benim i\u00e7in her zaman raporlamad\u0131\u011f\u0131m\u0131z kampanyalardan biri olan, Two Sail Junk ve bu grubun LightRiver ad\u0131ndaki k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m implantlar\u0131 \u00f6ne \u00e7\u0131k\u0131yor. Ocak ay\u0131nda baz\u0131 forumlar\u0131n watering hole olarak kullan\u0131ld\u0131\u011f\u0131n\u0131 ve bu forumlar\u0131n Hong Kong aktivistleri taraf\u0131ndan ziyaret edildi\u011fini g\u00f6rd\u00fck. Bu forumlar\u0131 ba\u015fka insanlar da ziyaret ediyor olabilir ancak \u00e7o\u011funlukla bu siteleri aktivistler kullan\u0131yor, ki biz de burada bir zincir g\u00f6rd\u00fck. Bu sald\u0131r\u0131lar\u0131 hedefleyen iOS, iPhone g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131 ve k\u00f6t\u00fc ama\u00e7l\u0131 implantlar zincirini bir araya getirmeyi ba\u015fard\u0131k. Bu zinciri par\u00e7alara ay\u0131rd\u0131k ve hen\u00fcz geli\u015fme a\u015famas\u0131nda oldu\u011funu g\u00f6rd\u00fck. \u00d6n\u00fcm\u00fczdeki birka\u00e7 ay i\u00e7in bu implantlara modlar ve de\u011fi\u015fiklikler yap\u0131ld\u0131\u011f\u0131n\u0131 s\u00f6yleyebilirdiniz ancak \u015fimdi Hong Kong\u2019un \u00f6zellikle de bu aktivistler i\u00e7in \u00e7ok \u00f6nemli bir nokta oldu\u011fu ortaya \u00e7\u0131kt\u0131. Fakat iPhone\u2019lar\u0131n genellikle bu \u015fekilde hedef al\u0131nd\u0131\u011f\u0131n\u0131 ve aktif olarak kullan\u0131ld\u0131\u011f\u0131n\u0131 g\u00f6rmedi\u011fimiz i\u00e7in bu implant \u00e7ok ilgin\u00e7ti.\u201d<\/p>\n<p>Eugene Kaspersky ise hen\u00fcz bilmedi\u011fimiz ya da hala devam eden ve hen\u00fcz maruz kal\u0131nmam\u0131\u015f siber faaliyetleri \u201cen ilgin\u00e7\u201d faaliyetler olarak g\u00f6rd\u00fc\u011f\u00fcn\u00fc s\u00f6yledi. Belki de bu faaliyetler hakk\u0131nda yeni bilgileri Black Hat 2020 konferans\u0131nda \u00f6\u011frenebiliriz.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"earth2050\">\n","protected":false},"excerpt":{"rendered":"<p>Eugene Kaspersky, Kurt Baumgartner ve Costin Raiu ile Black Hat 2020 \u00d6nizlemesi<\/p>\n","protected":false},"author":636,"featured_media":8641,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1287,1351],"tags":[950,2244,72,627],"class_list":{"0":"post-8640","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-news","8":"category-threats","9":"tag-black-hat","10":"tag-etkinlikler","11":"tag-eugene-kaspersky","12":"tag-great"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/black-hat-2020-preview\/8640\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/black-hat-2020-preview\/21625\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/black-hat-2020-preview\/17089\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/black-hat-2020-preview\/22897\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/black-hat-2020-preview\/21084\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/black-hat-2020-preview\/36492\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/black-hat-2020-preview\/13732\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/black-hat-2020-preview\/27915\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/black-hat-2020-preview\/27746\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/black-hat\/","name":"black hat"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/8640","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/636"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=8640"}],"version-history":[{"count":1,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/8640\/revisions"}],"predecessor-version":[{"id":8642,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/8640\/revisions\/8642"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/8641"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=8640"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=8640"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=8640"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}