{"id":5248,"date":"2015-11-02T07:20:56","date_gmt":"2015-11-02T07:20:56","guid":{"rendered":"https:\/\/ihs.com.tr\/blog\/?p=5248"},"modified":"2015-11-02T07:20:56","modified_gmt":"2015-11-02T07:20:56","slug":"joomladaki-acik-ortaya-ciktiktan-hemen-sonra-saldirilar-basladi","status":"publish","type":"post","link":"https:\/\/www.ihs.com.tr\/blog\/joomladaki-acik-ortaya-ciktiktan-hemen-sonra-saldirilar-basladi\/","title":{"rendered":"Joomla’daki a\u00e7\u0131k ortaya \u00e7\u0131kt\u0131ktan hemen sonra sald\u0131r\u0131lar ba\u015flad\u0131!"},"content":{"rendered":"

Ge\u00e7ti\u011fimiz g\u00fcnlerde a\u00e7\u0131klanan ve Joomla 3.4.5 s\u00fcr\u00fcm\u00fcyle kapat\u0131lan bir a\u00e7\u0131k<\/strong><\/a>, sald\u0131rganlar taraf\u0131ndan kullan\u0131lmaya ba\u015fland\u0131 bile.<\/span><\/p>\n

Ge\u00e7ti\u011fimiz per\u015fembe g\u00fcn\u00fc Joomla 3.4.5 g\u00fcncellemesi ile kapat\u0131lan ve SQL injection’a izin veren bir a\u00e7\u0131k<\/strong>, sald\u0131rganlar\u0131n oda\u011f\u0131na gelmi\u015f durumda. Hen\u00fcz Joomla 3.4.5 g\u00fcncellemesini yapmam\u0131\u015f olanlar\u0131 hedef alan sald\u0131rganlar bu a\u00e7\u0131k sayesinde admin haklar\u0131na eri\u015febiliyor ve web sayfalar\u0131n\u0131 istedikleri gibi y\u00f6netebiliyorlar<\/strong>.<\/span><\/p>\n

Trustwave’den yap\u0131lan a\u00e7\u0131klama sonras\u0131nda Sucuri, saatler i\u00e7erisinde sald\u0131r\u0131lar\u0131n ba\u015flad\u0131\u011f\u0131n\u0131<\/strong> ve kendi b\u00fcnyesindeki hen\u00fcz g\u00fcncelleme yap\u0131lmam\u0131\u015f sitelerin bu sald\u0131r\u0131lara maruz kald\u0131\u011f\u0131n\u0131 payla\u015ft\u0131.<\/span><\/p>\n

\u0130lk 24 saat i\u00e7erisinde ise Sucuri t\u00fcm sitelerinin bu sald\u0131r\u0131yla kar\u015f\u0131la\u015ft\u0131\u011f\u0131n\u0131<\/strong> payla\u015ft\u0131. Bu sald\u0131r\u0131lar, hem sunucular\u0131n Joomla ile \u00e7al\u0131\u015f\u0131p \u00e7al\u0131\u015fmad\u0131\u011f\u0131n\u0131 kontrol ederken, hem de SQL injection yapmay\u0131 deneyerek, admin kullan\u0131c\u0131s\u0131n\u0131 ele ge\u00e7irmeye \u00e7al\u0131\u015fan sald\u0131r\u0131lar<\/strong> olarak ger\u00e7ekle\u015fmi\u015f.<\/span><\/p>\n

\"joomla\"<\/a><\/span><\/p>\n

Ayr\u0131ca uzmanlar neredeyse t\u00fcm sald\u0131r\u0131lar\u0131n da anonim Tor network \u00fczerinden ger\u00e7ekle\u015fti\u011fi bilgisini<\/strong> payla\u015f\u0131yor.<\/span><\/p>\n

Sucuri’nin payla\u015ft\u0131\u011f\u0131 verilere g\u00f6re, Joomla’daki a\u00e7\u0131k duyurulduktan sonra sald\u0131r\u0131lar g\u00fcnde 12.000’e kadar ula\u015fm\u0131\u015f durumda<\/strong>. \u0130lk ba\u015fta t\u00fcm Joomla sitelerini hedefleyen sald\u0131rganlar, Joomla’daki a\u00e7\u0131k kapat\u0131lmaya ba\u015flad\u0131ktan sonra sadece 3.4.4 ve alt\u0131ndaki Joomla s\u00fcr\u00fcmlerine sahip olan siteleri adreslemeye ba\u015flam\u0131\u015flar<\/strong>.<\/span><\/p>\n

Bu bilgi ise site sahiplerine \u015f\u00f6yle bir kritik noktay\u0131 hat\u0131rlat\u0131yor: Bir g\u00fcvenlik g\u00fcncellemesi yay\u0131nland\u0131ktan sonra g\u00fcncellemenin en fazla 24 saat i\u00e7erisinde yap\u0131lmas\u0131 olduk\u00e7a \u00f6nemli<\/strong>. Her ge\u00e7en saat, bundan sonra sald\u0131r\u0131 ihtimalini artt\u0131r\u0131yor.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

Ge\u00e7ti\u011fimiz g\u00fcnlerde a\u00e7\u0131klanan ve Joomla 3.4.5 s\u00fcr\u00fcm\u00fcyle kapat\u0131lan bir a\u00e7\u0131k, sald\u0131rganlar taraf\u0131ndan kullan\u0131lmaya ba\u015fland\u0131 bile. Ge\u00e7ti\u011fimiz per\u015fembe g\u00fcn\u00fc Joomla 3.4.5 g\u00fcncellemesi ile…<\/p>\n","protected":false},"author":3,"featured_media":5249,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-5248","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-haberler"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5248","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=5248"}],"version-history":[{"count":3,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5248\/revisions"}],"predecessor-version":[{"id":5255,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/posts\/5248\/revisions\/5255"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/media\/5249"}],"wp:attachment":[{"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=5248"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=5248"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=5248"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}