{"id":1713,"date":"2025-07-26T12:20:58","date_gmt":"2025-07-26T12:20:58","guid":{"rendered":"https:\/\/digitalmecra.com\/?p=1713"},"modified":"2025-07-26T12:20:58","modified_gmt":"2025-07-26T12:20:58","slug":"microsofta-yonelik-siber-saldirilar-agirlasti-400un-uzerinde-sirket-buna-yakalandi","status":"publish","type":"post","link":"https:\/\/digitalmecra.com\/index.php\/2025\/07\/26\/microsofta-yonelik-siber-saldirilar-agirlasti-400un-uzerinde-sirket-buna-yakalandi\/","title":{"rendered":"Microsoft’a y\u00f6nelik siber sald\u0131r\u0131lar a\u011f\u0131rla\u015ft\u0131: 400’\u00fcn \u00fczerinde \u015firket buna yakaland\u0131."},"content":{"rendered":"

Teknoloji devi Microsoft, SharePoint yaz\u0131l\u0131m\u0131n\u0131n \u015firket i\u00e7i s\u00fcr\u00fcm\u00fcnde bulunan a\u00e7\u0131klar\u0131n devlet destekli \u00c7inli siber sald\u0131rganlar taraf\u0131ndan istismar edildi\u011fini duyurdu. \u015eirketin verdi\u011fi bilgiye g\u00f6re, Linen Typhoon, Violet Typhoon ve Storm-2603 adl\u0131 \u00fc\u00e7 tehdit akt\u00f6r\u00fc, internet eri\u015fimli SharePoint sunucular\u0131na sald\u0131rmak i\u00e7in bu a\u00e7\u0131klardan faydaland\u0131.<\/p>\n

Microsoft\u2019un yay\u0131mlad\u0131\u011f\u0131 blog yaz\u0131s\u0131nda, s\u00f6z konusu g\u00fcvenlik sorunlar\u0131n\u0131n sadece \u015firket i\u00e7i kullan\u0131lan SharePoint sunucular\u0131n\u0131 etkiledi\u011fi, bulut tabanl\u0131 SharePoint Online servisinin bu sald\u0131r\u0131lardan etkilenmedi\u011fi vurguland\u0131.<\/p>\n

Sald\u0131r\u0131lar 7 Temmuz’da <\/strong>ba\u015flad\u0131<\/strong><\/p>\n

Microsoft, sald\u0131r\u0131lar\u0131n 7 Temmuz itibar\u0131yla ba\u015flad\u0131\u011f\u0131n\u0131 belirtirken, ilk alarm\u0131 veren kurum ise Hollanda merkezli siber g\u00fcvenlik firmas\u0131 Eye Security oldu. Firma, yap\u0131lan taramalarda \u00e7ok say\u0131da dijital iz tespit ederek sald\u0131r\u0131ya u\u011frayan kurum say\u0131s\u0131n\u0131 \u00f6nce 100 olarak a\u00e7\u0131klam\u0131\u015ft\u0131. Yeni veriler bu say\u0131n\u0131n 400\u2019e ula\u015ft\u0131\u011f\u0131n\u0131 g\u00f6steriyor.<\/p>\n

Eye Security\u2019nin ba\u015f siber g\u00fcvenlik uzman\u0131 Vaisha Bernard, bu rakam\u0131n asl\u0131nda \u00e7ok daha y\u00fcksek olabilece\u011fine dikkat \u00e7ekerek, “T\u00fcm sald\u0131r\u0131lar dijital iz b\u0131rakm\u0131yor. Bu nedenle tespit edebildiklerimiz buzda\u011f\u0131n\u0131n g\u00f6r\u00fcnen k\u0131sm\u0131 olabilir” ifadelerini kulland\u0131.<\/p>\n

Sald\u0131rganlar ne yap\u0131yor?<\/strong><\/p>\n

Yay\u0131mlanan teknik analizde, sald\u0131rganlar\u0131n sunuculara kimlik do\u011frulama sistemini atlatarak k\u00f6t\u00fc ama\u00e7l\u0131 kod y\u00fckleyebildi\u011fi, ayr\u0131ca kriptografik anahtarlar\u0131 ele ge\u00e7irerek sistem \u00fczerinde uzun s\u00fcreli kontrol sa\u011flayabildi\u011fi belirtildi. Eye Security, g\u00fcvenlik yamas\u0131 uygulanmadan \u00f6nce ve sonra makine anahtarlar\u0131n\u0131n mutlaka de\u011fi\u015ftirilmesi gerekti\u011fi uyar\u0131s\u0131nda bulundu.<\/p>\n

ABD Siber G\u00fcvenlik ve Altyap\u0131 G\u00fcvenlik Ajans\u0131 da m\u00fc\u015fterilere, Antimalware Tarama Aray\u00fcz\u00fc\u2019n\u00fc do\u011fru yap\u0131land\u0131rmalar\u0131 ve Microsoft Defender Antivirus program\u0131n\u0131 aktif hale getirmeleri y\u00f6n\u00fcnde tavsiyede bulundu.<\/p>\n

Hedefte hangi gruplar var?<\/strong><\/p>\n

Microsoft\u2019un a\u00e7\u0131klamas\u0131nda sald\u0131r\u0131dan sorumlu oldu\u011fu belirtilen Linen Typhoon grubunun 2012\u2019den bu yana \u00f6zellikle h\u00fck\u00fcmet kurumlar\u0131, savunma sanayi, insan haklar\u0131 \u00f6rg\u00fctleri ve stratejik planlama kurulu\u015flar\u0131n\u0131 hedef ald\u0131\u011f\u0131 bilgisi yer ald\u0131. Violet Typhoon\u2019un ise 2015\u2019ten beri ABD, Avrupa ve Asya\u2019daki akademisyenler, sivil toplum \u00f6rg\u00fctleri ve medya temsilcilerine y\u00f6nelik casusluk faaliyetleri y\u00fcr\u00fctt\u00fc\u011f\u00fc belirtildi.<\/p>\n

Storm-2603 adl\u0131 grubun ise \u00c7in merkezli oldu\u011fu d\u00fc\u015f\u00fcn\u00fclse de, Microsoft bu konuda yaln\u0131zca “orta d\u00fczeyde emin<\/strong>” olduklar\u0131n\u0131 bildirdi ve do\u011frudan bir ba\u011flant\u0131 kan\u0131t\u0131 bulamad\u0131klar\u0131n\u0131 kaydetti.<\/p>\n

Ne yapmal\u0131?<\/strong><\/p>\n

Eye Security, SharePoint sunucular\u0131n\u0131n sald\u0131r\u0131ya u\u011frad\u0131\u011f\u0131n\u0131 fark eden kurumlara \u015fu tavsiyelerde bulunuyor: Etkilenen sunucular\u0131n kapat\u0131lmas\u0131, potansiyel olarak s\u0131zd\u0131r\u0131lm\u0131\u015f t\u00fcm kimlik bilgilerinin ve \u015fifrelerin yenilenmesi, ayr\u0131ca profesyonel bir siber g\u00fcvenlik ekibiyle temasa ge\u00e7ilmesi.<\/p>\n

Uzmanlara g\u00f6re bu t\u00fcr sald\u0131r\u0131lar h\u0131zla yay\u0131labilir ve ciddi sonu\u00e7lar do\u011furabilir. Bu nedenle \u015firketlerin, g\u00fcvenlik g\u00fcncellemelerini geciktirmeden uygulamalar\u0131 ve sistemlerini s\u00fcrekli olarak izlemeleri kritik \u00f6nem ta\u015f\u0131yor.<\/p>\n

\u00a0<\/strong><\/p>\n

 <\/p>\n","protected":false},"excerpt":{"rendered":"

Teknoloji devi Microsoft, SharePoint yaz\u0131l\u0131m\u0131n\u0131n \u015firket i\u00e7i s\u00fcr\u00fcm\u00fcnde bulunan a\u00e7\u0131klar\u0131n devlet destekli \u00c7inli siber sald\u0131rganlar taraf\u0131ndan istismar edildi\u011fini duyurdu. \u015eirketin verdi\u011fi bilgiye g\u00f6re, Linen Typhoon, Violet Typhoon ve Storm-2603 adl\u0131 \u00fc\u00e7 tehdit akt\u00f6r\u00fc, internet eri\u015fimli SharePoint sunucular\u0131na sald\u0131rmak i\u00e7in bu a\u00e7\u0131klardan faydaland\u0131. Microsoft\u2019un yay\u0131mlad\u0131\u011f\u0131 blog yaz\u0131s\u0131nda, s\u00f6z konusu g\u00fcvenlik sorunlar\u0131n\u0131n sadece \u015firket i\u00e7i kullan\u0131lan SharePoint […]<\/p>\n","protected":false},"author":12,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[14],"tags":[1840],"class_list":["post-1713","post","type-post","status-publish","format-standard","hentry","category-teknoloji","tag-microsoft"],"views":370,"_links":{"self":[{"href":"https:\/\/digitalmecra.com\/index.php\/wp-json\/wp\/v2\/posts\/1713","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/digitalmecra.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/digitalmecra.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/digitalmecra.com\/index.php\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/digitalmecra.com\/index.php\/wp-json\/wp\/v2\/comments?post=1713"}],"version-history":[{"count":1,"href":"https:\/\/digitalmecra.com\/index.php\/wp-json\/wp\/v2\/posts\/1713\/revisions"}],"predecessor-version":[{"id":1714,"href":"https:\/\/digitalmecra.com\/index.php\/wp-json\/wp\/v2\/posts\/1713\/revisions\/1714"}],"wp:attachment":[{"href":"https:\/\/digitalmecra.com\/index.php\/wp-json\/wp\/v2\/media?parent=1713"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/digitalmecra.com\/index.php\/wp-json\/wp\/v2\/categories?post=1713"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/digitalmecra.com\/index.php\/wp-json\/wp\/v2\/tags?post=1713"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}