{"id":35708,"date":"2022-05-31T06:54:04","date_gmt":"2022-05-31T03:54:04","guid":{"rendered":"https:\/\/kutaybilen.com.tr\/?p=35708"},"modified":"2022-05-31T06:54:04","modified_gmt":"2022-05-31T03:54:04","slug":"zyxel-aygitlarda-batin-bir-hesap-bulundu","status":"publish","type":"post","link":"https:\/\/kutaybilen.com.tr\/?p=35708","title":{"rendered":"ZyXEL Ayg\u0131tlarda B\u00e2t\u0131n Bir Hesap Bulundu"},"content":{"rendered":"<p>G\u00fcn\u00fcm\u00fcz\u00fcn en b\u00fcy\u00fck a\u011f ayg\u0131tlar\u0131 \u00fcreticilerinden birisi olan Tayvan merkezli <strong>ZyXEL<\/strong>, bug\u00fcn kullan\u0131c\u0131lar\u0131n\u0131 korkutan bir haberle g\u00fcndeme geldi. <strong>100 binden fazla<\/strong> ZyXEL g\u00fcvenlik duvar\u0131n\u0131n, VPN a\u011f ge\u00e7idinin ve eri\u015fim noktas\u0131 denetimcisinin y\u00f6netici seviyesinde <strong>bilinmeyen bir hesap i\u00e7erdi\u011fi<\/strong> ortaya \u00e7\u0131kt\u0131.<\/p>\n<p>\u00dcstte sayd\u0131\u011f\u0131m\u0131z yerlere direkt g\u00f6m\u00fclen y\u00f6netici seviyesindeki b\u00e2t\u0131n hesap, <strong>hackerlar\u0131n bir\u00e7ok s\u00fcrecini yapmalar\u0131na m\u00fcsaade verebiliyor<\/strong>. Bu hesap sayesinde hackerlar, SSH aray\u00fcz\u00fc yahut taray\u0131c\u0131 \u00fczerindeki idare panelinden ayg\u0131tlara <strong>y\u00f6netici olarak<\/strong> eri\u015febiliyorlar.<\/p>\n<p><b>Bir\u00e7ok ata\u011fa kap\u0131 aral\u0131yor:<\/b><\/p>\n<p><img decoding=\"async\" src=\"https:\/\/www.webtekno.com\/images\/editor\/default\/0002\/95\/8bd18f293b9e8f7e84c33218c540c93246e0c0ae.jpeg\"\/><\/p>\n<p>Eye Control&#8217;daki g\u00fcvenlik ara\u015ft\u0131rmac\u0131lar\u0131 taraf\u0131ndan ke\u015ffedilen bu ziyadesiyle tehlikeli durum \u015fu anl\u0131k tahlile kavu\u015fturuldu. ZyXEL kullan\u0131c\u0131lar\u0131n\u0131n ayg\u0131tlar\u0131na en<strong> son s\u00fcr\u00fcm yaz\u0131l\u0131m yenile\u015ftirmesini y\u00fcklemeleri<\/strong> s\u00f6ylendi. \u00c7\u00fcnk\u00fc bu hesap, DDoS botnet operat\u00f6rlerinden ransomware k\u00fcmelerine kadar her \u00e7e\u015fit hacker taraf\u0131ndan maksatlar\u0131na y\u00f6nelik kullan\u0131lma riski ta\u015f\u0131yor.<\/p>\n<p>ZyXEL&#8217;in ba\u015f\u0131n\u0131 a\u011fr\u0131tacak bu sorun, \u015firketin piyasaya s\u00fcrd\u00fc\u011f\u00fc i\u015f seviyesindeki ayg\u0131tlar\u0131 d\u00e2hil <strong>pek \u00e7ok \u00fcst seviye ayg\u0131t\u0131n\u0131<\/strong> da i\u00e7eriyor. A\u015fa\u011f\u0131daki ZyXEL ayg\u0131tlara sahip herkesin ayg\u0131tlar\u0131n\u0131 g\u00fcncellemeleri gerekiyor (NXC serisi i\u00e7in g\u00fcncellemenin <strong>Nisan ay\u0131nda<\/strong> yay\u0131nlanmas\u0131 bekleniyor):<\/p>\n<ul>\n<li>Advanced Threat Protection (ATP) serisi<\/li>\n<li>Unified Security Gateway (USG) serisi<\/li>\n<li>USG FLEX serisi<\/li>\n<li>VPN serisi<\/li>\n<li>NXC serisi<\/li>\n<\/ul>\n<p><b>2016&#8217;da da b\u00fcy\u00fck bir olay ya\u015fanm\u0131\u015ft\u0131:<\/b><\/p>\n<p><img decoding=\"async\" src=\"https:\/\/www.webtekno.com\/images\/editor\/default\/0002\/95\/6ac9ab62c5295cf5b881cdddfb9f19491da9c5e2.jpeg\"\/><\/p>\n<p>ZyXEL, 2016 y\u0131l\u0131nda farkl\u0131 bir b\u00fcy\u00fck olayla daha g\u00fcndeme gelmi\u015fti. O vakitlerde ZyXEL ayg\u0131tlar\u0131n tek bir \u015fifreyle muhte\u015fem y\u00f6netici d\u00fczeyiyle y\u00f6netilmesine m\u00fcsaade verildi\u011fi ortaya \u00e7\u0131km\u0131\u015ft\u0131. &#8220;<strong>zyad5001<\/strong>&#8221; \u015fifresini kullanan herkes ZyXEL ayg\u0131tlar\u0131n <strong>k\u00f6k d\u00fczeyine inebilecek<\/strong> yetkiye sahip oluyordu. Uzmanlar, ZyXEL&#8217;in 2016&#8217;da ya\u015fad\u0131\u011f\u0131 bu olaydan \u015fimdiye kadar ders alm\u0131\u015f olmas\u0131 gerekti\u011fini belirtti.<\/p>\n<p>ZyXEL ayg\u0131tlarda ortaya \u00e7\u0131kan bu a\u00e7\u0131k, <strong>ransomware h\u00fccumlar\u0131<\/strong> <strong>ve siber casusluk operasyonlar\u0131<\/strong> i\u00e7in kap\u0131y\u0131 arkas\u0131na kadar a\u00e7\u0131yor. \u00c7\u00fcnk\u00fc bu t\u0131p taarruzlar ana olarak <strong>g\u00fcvenlik duvar\u0131 ve<\/strong> <strong>VPN a\u011f ge\u00e7itlerindeki<\/strong> <strong>a\u00e7\u0131klar sayesinde<\/strong> ger\u00e7ekle\u015ftiriliyor. Bu da ZyXEL&#8217;deki yeni a\u00e7\u0131\u011f\u0131n \u015firketleri ve devlet kurumlar\u0131n\u0131 tehdit alt\u0131na alm\u0131\u015f oldu\u011funu g\u00f6steriyor.<\/p>\n<div> <\/div>\n","protected":false},"excerpt":{"rendered":"<p>G\u00fcn\u00fcm\u00fcz\u00fcn en b\u00fcy\u00fck a\u011f ayg\u0131tlar\u0131 \u00fcreticilerinden birisi olan Tayvan merkezli ZyXEL, bug\u00fcn kullan\u0131c\u0131lar\u0131n\u0131 korkutan bir haberle g\u00fcndeme geldi. 100 &#8230;<\/p>\n","protected":false},"author":1,"featured_media":35709,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[15],"tags":[5479],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/35708"}],"collection":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=35708"}],"version-history":[{"count":1,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/35708\/revisions"}],"predecessor-version":[{"id":35710,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/35708\/revisions\/35710"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/media\/35709"}],"wp:attachment":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=35708"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=35708"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=35708"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}