{"id":38673,"date":"2022-06-07T04:18:04","date_gmt":"2022-06-07T01:18:04","guid":{"rendered":"https:\/\/kutaybilen.com.tr\/?p=38673"},"modified":"2022-06-07T04:18:04","modified_gmt":"2022-06-07T01:18:04","slug":"microsoft-exchange-hucumlari-icin-bir-arac-yayinladi","status":"publish","type":"post","link":"https:\/\/kutaybilen.com.tr\/?p=38673","title":{"rendered":"Microsoft, Exchange H\u00fccumlar\u0131 \u0130\u00e7in Bir Ara\u00e7 Yay\u0131nlad\u0131"},"content":{"rendered":"<p>ABD merkezli teknoloji devi <strong>Microsoft<\/strong>, ge\u00e7ti\u011fimiz g\u00fcn b\u00fcy\u00fck bir olayla g\u00fcndeme geldi. \u015eirketin e-posta sunucusu <strong>Exchange&#8217;de<\/strong> ortaya \u00e7\u0131kan bir kusur, hackerlar taraf\u0131ndan gaye al\u0131nd\u0131. \u00c7inli Hafnium hacker k\u00fcmesi taraf\u0131ndan yap\u0131lan ataklar, kurbanlar\u0131n e-postalar\u0131n\u0131 ele ge\u00e7irmeye odaklan\u0131yordu.<\/p>\n<p>KrebsonSecurity taraf\u0131ndan aktar\u0131lanlara nazaran Microsoft Exchange sunucular\u0131na yap\u0131lan bu ak\u0131nlardan <strong>en az 30.000 ABD&#8217;li kurulu\u015f<\/strong> etkilendi. K\u00fc\u00e7\u00fck i\u015fletmelerden kentlere ve lokal idareye kadar bir\u00e7ok yeri etkileyen bu h\u00fccumun akabinde Microsoft, bug\u00fcn sunucu y\u00f6neticileri i\u00e7in tehdidi <strong>tespit etmeleri ve azaltabilmeleri i\u00e7in<\/strong> bir ara\u00e7lar\u0131n\u0131 kullan\u0131ma sundu.<\/p>\n<p><b>Microsoft, ak\u0131nlara kar\u015f\u0131 ara\u00e7lar\u0131n\u0131 yay\u0131nlad\u0131:<\/b><\/p>\n<p><img decoding=\"async\" src=\"https:\/\/www.webtekno.com\/images\/editor\/default\/0003\/03\/faca3e1af09a57ab64dcb79a2c59c1ebcc94b806.jpeg\"\/><\/p>\n<p>\u015eirket, fiyats\u0131z olarak sundu\u011fu ve tehlikeyi belirlemek i\u00e7in g\u00fcnl\u00fck log belgelerini taramak i\u00e7in kullan\u0131labilecek &#8216;<strong>Indicators of Compromise<\/strong>&#8216; <strong>arac\u0131n\u0131 <\/strong>g\u00fcncelledi. Bununla birlikte 2 Mart&#8217;ta yay\u0131nlanan bant d\u0131\u015f\u0131 g\u00fcncelle\u015ftirmeleri uygulayamayan y\u00f6neticiler i\u00e7in acil durum alternatif tehlike azaltma <strong>k\u0131lavuzunu <\/strong>da yay\u0131nlad\u0131.<\/p>\n<p>Exchange y\u00f6neticilerinin sunucular\u0131n\u0131 g\u00fcncelle\u015ftirmeleri, taarruzlara kar\u015f\u0131 b\u00fcy\u00fck bir ehemmiyet ta\u015f\u0131yor. Zira Hafnium hacker k\u00fcmesi, taarruzun akabinde sunucuda daha fazla denetime sahip olabilmek i\u00e7in gerilerinde bir de <strong>web shell<\/strong> b\u0131rakt\u0131lar. Bu sayede <strong>site \u00fczerinden sunucuda<\/strong> kod \u00e7al\u0131\u015ft\u0131rma, belge olu\u015fturma, silme, okuma ve daha bir\u00e7ok \u015feyi yapmaya imk\u00e2n kazand\u0131lar.<\/p>\n<p>Sunucular\u0131n mevcut durumuysa biraz i\u00e7 karart\u0131c\u0131 diyebiliriz. Sald\u0131r\u0131y\u0131 ke\u015ffeden Volexity Lideri Steven Adair, y\u00f6neticilerin Microsoft&#8217;un g\u00fcncellemelerini yay\u0131nlan\u0131r yay\u0131nlanmaz indirmi\u015f olmalar\u0131na kar\u015f\u0131n <strong>y\u00fcksek olas\u0131l\u0131kla hala web shell&#8217;e mesken sahipli\u011fi yapt\u0131klar\u0131n\u0131<\/strong> belirtti. \u015eimdi g\u00fcncelleme yapmayan y\u00f6neticilereyse kurulu\u015flar\u0131n\u0131n \u00e7oktan ele ge\u00e7irilmi\u015f olabilece\u011fini s\u00f6yledi.<\/p>\n<div> <\/div>\n","protected":false},"excerpt":{"rendered":"<p>ABD merkezli teknoloji devi Microsoft, ge\u00e7ti\u011fimiz g\u00fcn b\u00fcy\u00fck bir olayla g\u00fcndeme geldi. \u015eirketin e-posta sunucusu Exchange&#8217;de ortaya \u00e7\u0131kan bir &#8230;<\/p>\n","protected":false},"author":1,"featured_media":38674,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[854],"tags":[1251,1527],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/38673"}],"collection":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=38673"}],"version-history":[{"count":1,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/38673\/revisions"}],"predecessor-version":[{"id":38675,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/38673\/revisions\/38675"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/media\/38674"}],"wp:attachment":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=38673"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=38673"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=38673"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}