{"id":17353,"date":"2026-02-05T20:57:04","date_gmt":"2026-02-05T20:57:04","guid":{"rendered":"https:\/\/bihavadis.com\/?p=17353"},"modified":"2026-02-05T20:57:04","modified_gmt":"2026-02-05T20:57:04","slug":"eskiden-yeniye-kaspersky-oltalama-tehditlerinin-donusumunu-mercek-altina-aliyor","status":"publish","type":"post","link":"https:\/\/bihavadis.com\/index.php\/2026\/02\/05\/eskiden-yeniye-kaspersky-oltalama-tehditlerinin-donusumunu-mercek-altina-aliyor\/","title":{"rendered":"Eskiden Yeniye: Kaspersky Oltalama Tehditlerinin D\u00f6n\u00fc\u015f\u00fcm\u00fcn\u00fc Mercek Alt\u0131na Al\u0131yor"},"content":{"rendered":"<p>Kaspersky\u2019nin yay\u0131mlad\u0131\u011f\u0131 yeni inceleme, siber su\u00e7lular\u0131n takvim tabanl\u0131 sald\u0131r\u0131lar, sesli mesaj aldatmacalar\u0131 ve geli\u015fmi\u015f \u00e7ok fakt\u00f6rl\u00fc kimlik do\u011frulama (MFA) atlatma y\u00f6ntemleri gibi teknikleri modernize ederek, 2025 y\u0131l\u0131nda bireyleri ve i\u015fletmeleri nas\u0131l hedef ald\u0131\u011f\u0131n\u0131 g\u00f6zler \u00f6n\u00fcne seriyor. Bulgular; bu \u0131srarc\u0131 tehditlere kar\u015f\u0131 kullan\u0131c\u0131 dikkati, \u00e7al\u0131\u015fan e\u011fitimleri ve geli\u015fmi\u015f e-posta koruma \u00e7\u00f6z\u00fcmlerinin kritik bir ihtiya\u00e7 haline geldi\u011fini vurguluyor.<\/p>\n<p><strong>Takvim Tabanl\u0131 Oltalama: Ofis \u00c7al\u0131\u015fanlar\u0131 Hedefte<\/strong><\/p>\n<p>\u0130lk olarak 2010\u2019lu y\u0131llar\u0131n sonunda ortaya \u00e7\u0131kan takvim tabanl\u0131 oltalama (calendar phishing) taktikleri, bug\u00fcn rotas\u0131n\u0131 B2B d\u00fcnyas\u0131na \u00e7evirerek yeniden sahneye \u00e7\u0131kt\u0131. Sald\u0131rganlar, g\u00f6vde metni i\u00e7ermeyen ancak etkinlik a\u00e7\u0131klamas\u0131nda zararl\u0131 ba\u011flant\u0131lar gizlenmi\u015f takvim davetleri g\u00f6nderiyor. Davet a\u00e7\u0131ld\u0131\u011f\u0131nda etkinlik kullan\u0131c\u0131n\u0131n takvimine otomatik olarak ekleniyor; ard\u0131ndan gelen bildirimler, kullan\u0131c\u0131y\u0131 Microsoft gibi platformlar\u0131 taklit eden sahte giri\u015f sayfalar\u0131na y\u00f6nlendiriyor. Ge\u00e7mi\u015fte Google Takvim kullan\u0131c\u0131lar\u0131n\u0131 hedef alan kitlesel kampanyalar, art\u0131k do\u011frudan kurumsal \u00e7al\u0131\u015fanlar\u0131 odak noktas\u0131na al\u0131yor. Kurulu\u015flar\u0131n, \u00e7al\u0131\u015fanlar\u0131na beklenmedik takvim davetlerini do\u011frulamay\u0131 \u00f6\u011fretmek i\u00e7in sim\u00fcle edilmi\u015f sald\u0131r\u0131 at\u00f6lyeleri gibi d\u00fczenli fark\u0131ndal\u0131k e\u011fitimleri d\u00fczenlemesi \u00f6neriliyor.<\/p>\n<p><strong>CAPTCHA Korumal\u0131 Sesli Mesaj Aldatmacas\u0131<\/strong><\/p>\n<p>Siber sald\u0131rganlar, az miktarda metin ve basit bir ba\u011flant\u0131 i\u00e7eren, sesli mesaj bildirimi s\u00fcs\u00fc verilmi\u015f minimalist e-postalar kullan\u0131yor. Ba\u011flant\u0131ya t\u0131kland\u0131\u011f\u0131nda, g\u00fcvenlik botlar\u0131n\u0131 atlatmak i\u00e7in bir dizi CAPTCHA do\u011frulamas\u0131 tetikleniyor. S\u00fcre\u00e7, sonunda e-posta adreslerini do\u011frulayan ve kimlik bilgilerini ele ge\u00e7iren sahte bir Google giri\u015f sayfas\u0131nda noktalan\u0131yor. Bu \u00e7ok katmanl\u0131 aldatmaca, \u015f\u00fcpheli ba\u011flant\u0131lar\u0131 tan\u0131maya y\u00f6nelik etkile\u015fimli e\u011fitim mod\u00fclleri ile bu t\u00fcr sinsi taktikleri tespit edip engelleyen Kaspersky SecureMail gibi geli\u015fmi\u015f e-posta sunucusu koruma \u00e7\u00f6z\u00fcmlerinin \u00f6nemini bir \u00a0kez daha ortaya koyuyor.<\/p>\n<p><strong>Sahte Bulut Servisleriyle MFA\u2019y\u0131 A\u015fan Sald\u0131r\u0131lar<\/strong><\/p>\n<p>Geli\u015fmi\u015f oltalama kampanyalar\u0131, pCloud (\u015fifreli dosya depolama ve payla\u015f\u0131m hizmeti) gibi servisleri taklit ederek \u00e7ok fakt\u00f6rl\u00fc kimlik do\u011frulama (MFA) sistemlerini hedef al\u0131yor. Tarafs\u0131z bir destek takibi gibi g\u00f6r\u00fcnen bu e-postalar, kullan\u0131c\u0131y\u0131 benzer isimli (\u00f6rne\u011fin: pcloud.online) sahte alan adlar\u0131na y\u00f6nlendiriyor. Bu sayfalar, API arac\u0131l\u0131\u011f\u0131yla ger\u00e7ek pCloud servisiyle etkile\u015fime girerek e-postalar\u0131 do\u011fruluyor ve kullan\u0131c\u0131dan OTP (tek kullan\u0131ml\u0131k \u015fifre) kodlar\u0131 ile parolalar\u0131 talep ediyor. Giri\u015f ba\u015far\u0131l\u0131 oldu\u011funda sald\u0131rganlar hesaba tam eri\u015fim sa\u011fl\u0131yor. Kurulu\u015flar\u0131n bu tehdide kar\u015f\u0131 zorunlu siber g\u00fcvenlik e\u011fitimleri uygulamas\u0131 ve hileli alan adlar\u0131n\u0131 ve API tabanl\u0131 sald\u0131r\u0131lar\u0131 i\u015faretleyen Kaspersky Security for Mail Servers gibi \u00e7\u00f6z\u00fcmleri devreye almas\u0131 gerekiyor.<\/p>\n<p><strong>Kaspersky Anti-Spam Uzman\u0131 Roman Dedenok:<\/strong>\u00a0\u201c<em>Oltalama y\u00f6ntemleri giderek daha yan\u0131lt\u0131c\u0131 h\u00e2le gelirken,<\/em>\u00a0<em>Kaspersky kullan\u0131c\u0131lar\u0131 parola korumal\u0131 PDF\u2019ler veya QR kodlar gibi al\u0131\u015f\u0131lmad\u0131k e-posta eklerine kar\u015f\u0131 temkinli olmaya ve herhangi bir kimlik bilgisi girmeden \u00f6nce web sitesi adreslerini mutlaka do\u011frulamaya \u00e7a\u011f\u0131r\u0131yor. Kurumlar\u0131n, ger\u00e7ek hayattan senaryolar i\u00e7eren kapsaml\u0131 e\u011fitim programlar\u0131n\u0131 hayata ge\u00e7irmesi ve ileri seviye e-posta koruma sistemlerini kullanmas\u0131, ileri d\u00fczey oltalama sald\u0131r\u0131lar\u0131n\u0131n ger\u00e7ek zamanl\u0131 olarak tespit edilmesini ve engellenmesini sa\u011fl\u0131yor<\/em>.\u201d ifadelerini kulland\u0131.<\/p>\n<p>\u00a0<\/p>\n<p>\u00a0<\/p>\n<p>Kaynak: (BYZHA) Beyaz Haber Ajans\u0131<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Kaspersky\u2019nin yay\u0131mlad\u0131\u011f\u0131 yeni inceleme, siber su\u00e7lular\u0131n takvim tabanl\u0131 sald\u0131r\u0131lar, sesli mesaj aldatmacalar\u0131 ve geli\u015fmi\u015f \u00e7ok fakt\u00f6rl\u00fc kimlik do\u011frulama (MFA) atlatma y\u00f6ntemleri gibi teknikleri modernize ederek, 2025 y\u0131l\u0131nda bireyleri ve i\u015fletmeleri nas\u0131l hedef ald\u0131\u011f\u0131n\u0131 g\u00f6zler \u00f6n\u00fcne seriyor.<\/p>\n","protected":false},"author":1,"featured_media":17354,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[16],"tags":[1597,233,462,794,3305],"class_list":["post-17353","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-teknoloji","tag-e-posta","tag-egitim","tag-kullanici","tag-saldiri","tag-takvim"],"_links":{"self":[{"href":"https:\/\/bihavadis.com\/index.php\/wp-json\/wp\/v2\/posts\/17353","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bihavadis.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bihavadis.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bihavadis.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bihavadis.com\/index.php\/wp-json\/wp\/v2\/comments?post=17353"}],"version-history":[{"count":1,"href":"https:\/\/bihavadis.com\/index.php\/wp-json\/wp\/v2\/posts\/17353\/revisions"}],"predecessor-version":[{"id":17355,"href":"https:\/\/bihavadis.com\/index.php\/wp-json\/wp\/v2\/posts\/17353\/revisions\/17355"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bihavadis.com\/index.php\/wp-json\/wp\/v2\/media\/17354"}],"wp:attachment":[{"href":"https:\/\/bihavadis.com\/index.php\/wp-json\/wp\/v2\/media?parent=17353"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bihavadis.com\/index.php\/wp-json\/wp\/v2\/categories?post=17353"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bihavadis.com\/index.php\/wp-json\/wp\/v2\/tags?post=17353"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}