Salesforce'un b\u00fcy\u00fcmesi onu veri h\u0131rs\u0131zl\u0131\u011f\u0131 i\u00e7in de b\u00fcy\u00fck bir hedef haline getirdi.<\/p>\n\n\n\n
Her \u015fey merkezile\u015ftirildi\u011finden, tek bir ihlal bir\u00e7ok farkl\u0131 \u015firketten milyonlarca m\u00fc\u015fteri kayd\u0131n\u0131 a\u00e7\u0131\u011fa \u00e7\u0131karabilir.<\/p>\n\n\n\n
WithSecure'un Tehdit \u0130stihbarat\u0131 Ba\u015fkan\u0131 Tim West'in belirtti\u011fi gibi:<\/p>\n\n\n\n
\"Scattered Spider gibi hack gruplar\u0131 SaaS ortamlar\u0131na eri\u015fim sa\u011flamak i\u00e7in sosyal m\u00fchendislik kullan\u0131yor. Sald\u0131r\u0131lar\u0131 teknik olarak basit g\u00f6r\u00fcnebilir, ancak bu onlar\u0131 daha az tehlikeli yapmaz.\"<\/p>\n\n\n
![\"\"](\"https:\/\/blog.truthscan.com\/wp-content\/uploads\/2025\/10\/Deepfake-target-salesforce-1024x344.jpg\" "\\"\\"")
<\/figure>\n<\/div>\n\n\nYeni WithSecure ara\u015ft\u0131rmas\u0131na g\u00f6re, Salesforce ortamlar\u0131ndaki k\u00f6t\u00fc niyetli faaliyetler 2025'in ilk \u00e7eyre\u011finde keskin bir art\u0131\u015f g\u00f6sterdi ve 2024'\u00fcn sonlar\u0131na k\u0131yasla tespitlerde yirmi kat art\u0131\u015f ya\u015fand\u0131.<\/p>\n\n\n\n
Deepfakes Salesforce \u0130hlalini Nas\u0131l Besledi?<\/strong><\/h2>\n\n\n\nSon sald\u0131r\u0131lar\u0131 \u00f6zellikle tehlikeli k\u0131lan \u015fey, deepfake teknolojisinin ni\u015f bir ara\u00e7tan herkesin silah olarak kullanabilece\u011fi bir \u015feye d\u00f6n\u00fc\u015fmesidir.<\/p>\n\n\n\n
Do\u011frudan veri tabanlar\u0131na giren geleneksel veri ihlallerinin aksine, siber su\u00e7lular art\u0131k ses tabanl\u0131 sosyal m\u00fchendislik veya \"vishing\" kullan\u0131yor. Deepfake'lerin ve yapay zeka ses klonlaman\u0131n y\u00fckseli\u015fiyle birlikte bu sald\u0131r\u0131lar\u0131 tespit etmek \u00e7ok daha zor hale geliyor.<\/p>\n\n\n
\n![\"\"](\"https:\/\/blog.truthscan.com\/wp-content\/uploads\/2025\/10\/Deepfake-creation-economics-1024x360.jpg\" "\\"\\"")
<\/figure>\n<\/div>\n\n\nShinyHunters'\u0131n Salesforce m\u00fc\u015fterilerine kar\u015f\u0131 y\u00fcr\u00fctt\u00fc\u011f\u00fc kampanya, geleneksel sosyal m\u00fchendislik ile son teknoloji yapay zeka aldatmacas\u0131n\u0131 birle\u015ftiren etkili bir oyun kitab\u0131n\u0131 takip ediyor:<\/p>\n\n\n\n
1. A\u015fama: Ses \u0130stihbarat\u0131 Toplama<\/strong><\/h3>\n\n\n\nSald\u0131rganlar, kamuya a\u00e7\u0131k kaynaklardan, y\u00f6netici sunumlar\u0131ndan, konferans g\u00f6r\u00fc\u015fmelerinden, \u015firket videolar\u0131ndan veya sosyal medya payla\u015f\u0131mlar\u0131ndan ses \u00f6rnekleri toplayarak i\u015fe ba\u015flar. <\/p>\n\n\n\n
20-30 saniye kadar net bir sesle, ikna edici ses klonlar\u0131 olu\u015fturabilirler.<\/p>\n\n\n\n
2. A\u015fama: Deepfake Vishing \u00c7a\u011fr\u0131s\u0131<\/strong><\/h3>\n\n\n\nBir oltalama \u00e7a\u011fr\u0131s\u0131 s\u0131ras\u0131nda sald\u0131rgan, kurban\u0131 Salesforce'un ba\u011fl\u0131 uygulama kurulum sayfas\u0131na gitmeye ve Data Loader uygulamas\u0131n\u0131n biraz de\u011fi\u015ftirilmi\u015f markayla gizlenmi\u015f sahte bir s\u00fcr\u00fcm\u00fcn\u00fc onaylamaya ikna eder.<\/p>\n\n\n\n
B\u00f6ylece kurban fark\u0131nda olmadan sald\u0131rganlar\u0131n Salesforce'tan hassas verileri \u00e7almas\u0131na izin vermi\u015f olur.<\/p>\n\n\n\n
Geli\u015fmi\u015flik dikkat \u00e7ekicidir. Baz\u0131 durumlarda sald\u0131rganlar, \u00e7al\u0131\u015fanlar\u0131n kimli\u011fine b\u00fcr\u00fcnmek ve yard\u0131m masas\u0131 personelini hileli eri\u015fime izin vermeye ikna etmek i\u00e7in deepfake ses kulland\u0131lar. <\/p>\n\n\n\n
Bu, sald\u0131rganlar\u0131n sadece otorite fig\u00fcrleri gibi davrand\u0131klar\u0131 geleneksel sesli kimlik av\u0131ndan, belirli ki\u015filer gibi ses \u00e7\u0131karabildikleri yapay zeka ile geli\u015ftirilmi\u015f taklit\u00e7ili\u011fe do\u011fru \u00f6nemli bir evrimi temsil ediyor.<\/p>\n\n\n\n
A\u015fama 3: OAuth \u0130stismar\u0131<\/strong><\/h3>\n\n\n\nK\u00f6t\u00fc ama\u00e7l\u0131 uygulama yetkilendirildi\u011finde, sald\u0131rganlar \u00e7ok fakt\u00f6rl\u00fc kimlik do\u011frulamay\u0131 tamamen atlar. <\/p>\n\n\n\n
Sahte uygulama onayland\u0131ktan sonra sald\u0131rganlar, \u00e7ok fakt\u00f6rl\u00fc kimlik do\u011frulamay\u0131 atlamalar\u0131na ve normal g\u00fcvenlik uyar\u0131lar\u0131n\u0131 tetiklemeden \u00e7al\u0131\u015fabilmelerine olanak tan\u0131yan uzun \u00f6m\u00fcrl\u00fc OAuth belirte\u00e7leri elde ediyor.<\/p>\n\n\n\n
A\u015fama 4: Sessiz Veri \u00c7\u0131karma<\/strong><\/h3>\n\n\n\nGoogle'\u0131n Tehdit \u0130stihbarat Grubu, bir tehdit akt\u00f6r\u00fcn\u00fcn hedeflenen her kurulu\u015f i\u00e7in veri h\u0131rs\u0131zl\u0131\u011f\u0131 s\u00fcrecini otomatikle\u015ftirmek \u00fczere bir Python arac\u0131 kulland\u0131\u011f\u0131 ve ara\u015ft\u0131rmac\u0131lar\u0131n potansiyel olarak etkilenen 700'den fazla kurulu\u015ftan haberdar oldu\u011fu konusunda uyard\u0131.<\/p>\n\n\n\n
Yapay Zeka Seslerine Kar\u015f\u0131 Neden Savunmas\u0131z\u0131z?<\/strong><\/h2>\n\n\n\nBu sald\u0131r\u0131lar\u0131n ba\u015far\u0131s\u0131 temel bir insan \u00f6zelli\u011finden faydalanmaktad\u0131r: duyduklar\u0131m\u0131za g\u00fcvenme e\u011filimimiz. <\/p>\n\n\n\n
Yak\u0131n zamanda yap\u0131lan k\u00fcresel bir ara\u015ft\u0131rmaya g\u00f6re, insanlar\u0131n y\u00fczde 70'i ger\u00e7ek bir ses ile klonlanm\u0131\u015f bir sesi ay\u0131rt edebileceklerinden emin olmad\u0131klar\u0131n\u0131 s\u00f6yl\u00fcyor.<\/p>\n\n\n\n
Yard\u0131m masas\u0131 personelinin yard\u0131msever ve uzla\u015fmac\u0131 olmak \u00fczere e\u011fitildi\u011fi ve uzaktan \u00e7al\u0131\u015fman\u0131n yaln\u0131zca sesli etkile\u015fimleri normalle\u015ftirdi\u011fi kurumsal ortamlarda bu g\u00fcvenlik a\u00e7\u0131\u011f\u0131 daha da artmaktad\u0131r.<\/p>\n\n\n\n
CrowdStrike'\u0131n 2025 K\u00fcresel Tehdit Raporu'na g\u00f6re, 2024'\u00fcn ilk ve ikinci yar\u0131s\u0131 aras\u0131nda sesli kimlik av\u0131 (vishing) sald\u0131r\u0131lar\u0131nda, yapay zeka taraf\u0131ndan \u00fcretilen kimlik av\u0131 ve taklit taktiklerinin etkisiyle 442%'lik bir art\u0131\u015f oldu.<\/p>\n\n\n\n
$25 Milyon Uyand\u0131rma \u00c7a\u011fr\u0131s\u0131<\/strong><\/h2>\n\n\n\n![\"\"](\"https:\/\/blog.truthscan.com\/wp-content\/uploads\/2025\/10\/deepfake-threat-image-1024x683.jpg\" "\\"\\"")
<\/figure>\n<\/div>\n\n\nDeepfake ile geli\u015ftirilmi\u015f sald\u0131r\u0131lar\u0131n etkileri Salesforce'un \u00e7ok \u00f6tesine uzan\u0131yor. <\/p>\n\n\n\n
2024 y\u0131l\u0131n\u0131n ba\u015flar\u0131nda m\u00fchendislik firmas\u0131 Arup'ta ger\u00e7ekle\u015fen ve sald\u0131rganlar\u0131n bir video g\u00f6r\u00fc\u015fmesinde birden fazla y\u00f6neticinin kimli\u011fine b\u00fcr\u00fcnmek i\u00e7in yapay zeka kulland\u0131\u011f\u0131 $25 milyonluk deepfake soygunu, hi\u00e7bir kurulu\u015fun bu tehdide kar\u015f\u0131 ba\u011f\u0131\u015f\u0131k olmad\u0131\u011f\u0131n\u0131 g\u00f6sterdi. <\/p>\n\n\n\n
Benzer sald\u0131r\u0131lar, Ferrari CEO'su Benedetto Vigna'n\u0131n g\u00fcney \u0130talya aksan\u0131n\u0131 taklit eden yapay zeka ile klonlanm\u0131\u015f sesli aramalar kullan\u0131larak taklit edilmesi giri\u015fimi de dahil olmak \u00fczere farkl\u0131 sekt\u00f6rlerdeki y\u00f6neticileri de hedef ald\u0131.<\/p>\n\n\n\n
Bu olaylar, g\u00fcvenlik uzmanlar\u0131n\u0131n \"CEO doland\u0131r\u0131c\u0131l\u0131\u011f\u0131 2.0\" olarak adland\u0131rd\u0131klar\u0131, deneyimli y\u00f6neticileri bile kand\u0131rabilecek \u00e7ok duyulu aldatmacalar yaratmak i\u00e7in basit e-posta taklitlerinin \u00f6tesine ge\u00e7en sald\u0131r\u0131lar\u0131 temsil ediyor.<\/p>\n\n\n\n
Platform G\u00fcvenli\u011fi ve \u0130nsan Zafiyeti<\/strong><\/h2>\n\n\n\nSalesforce, bu ihlallerin kendi platformlar\u0131ndaki g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131 temsil etmedi\u011fini vurgulamakta gecikmedi. <\/p>\n\n\n\n
Salesforce, Mart 2025'te UNC6040'\u0131n kampanyas\u0131n\u0131 kabul ederek, sald\u0131rganlar\u0131n BT deste\u011fini taklit ederek \u00e7al\u0131\u015fanlar\u0131 kimlik bilgilerini vermeleri veya k\u00f6t\u00fc niyetli ba\u011flant\u0131l\u0131 uygulamalar\u0131 onaylamalar\u0131 i\u00e7in kand\u0131rd\u0131\u011f\u0131 uyar\u0131s\u0131nda bulundu. <\/p>\n\n\n\n
\u015eirket, bu olaylar\u0131n platformundaki herhangi bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 i\u00e7ermedi\u011fini veya bu a\u00e7\u0131klardan kaynaklanmad\u0131\u011f\u0131n\u0131 vurgulad\u0131.<\/p>\n\n\n\n
Bu, t\u00fcm SaaS sa\u011flay\u0131c\u0131lar\u0131 i\u00e7in b\u00fcy\u00fck bir zorluk oldu\u011funu g\u00f6steriyor: teknik kusurlar yerine insan g\u00fcvenine oynayan sald\u0131r\u0131lar\u0131 nas\u0131l durduracaklar\u0131n\u0131 bulmak.<\/p>\n\n\n\n
Salesforce \u00e7e\u015fitli savunma \u00f6nlemlerini uygulamaya koymu\u015ftur:<\/p>\n\n\n\n
\n- Ba\u011fl\u0131 uygulama sa\u011flamla\u015ft\u0131rma: Yeni kullan\u0131c\u0131lar i\u00e7in y\u00fckl\u00fc olmayan ba\u011fl\u0131 uygulamalar\u0131 otomatik olarak devre d\u0131\u015f\u0131 b\u0131rakma<\/li>\n\n\n\n
- OAuth ak\u0131\u015f k\u0131s\u0131tlamalar\u0131: Belirli yetkilendirme s\u00fcre\u00e7leri kullan\u0131larak elde edilen ba\u011flant\u0131lar\u0131 devre d\u0131\u015f\u0131 b\u0131rakma<\/li>\n\n\n\n
- Geli\u015fmi\u015f izleme: \u015e\u00fcpheli uygulama yetkilendirme modellerinin geli\u015fmi\u015f tespiti<\/li>\n\n\n\n
- Kullan\u0131c\u0131 e\u011fitimi: Sosyal m\u00fchendislik giri\u015fimlerini tan\u0131ma konusunda rehber yay\u0131nlama<\/li>\n<\/ul>\n\n\n\n
A\u011fustos 2025'te Salesforce, ilgili sald\u0131r\u0131larda OAuth belirte\u00e7lerinin \u00e7al\u0131nd\u0131\u011f\u0131n\u0131 tespit ettikten sonra Drift uygulamas\u0131 da dahil olmak \u00fczere Salesloft teknolojileriyle t\u00fcm entegrasyonlar\u0131 kapatt\u0131. <\/p>\n\n\n\n
G\u00fcvenlik uzmanlar\u0131 art\u0131k ekiplerin, bir sesin yapay zeka taraf\u0131ndan \u00fcretildi\u011fini ortaya \u00e7\u0131karabilecek garip duraklamalar, arka plan g\u00fcr\u00fclt\u00fcs\u00fc veya ses hatalar\u0131 gibi ince ipu\u00e7lar\u0131n\u0131 dinlemeleri gerekti\u011fi konusunda uyar\u0131yor.<\/p>\n\n\n\n
Kurumsal Yan\u0131t: Teknoloji \u00c7\u00f6z\u00fcmlerinin \u00d6tesinde<\/strong><\/h2>\n\n\n\nKurulu\u015flar, deepfake ile geli\u015ftirilmi\u015f sald\u0131r\u0131lara kar\u015f\u0131 savunman\u0131n teknolojik \u00e7\u00f6z\u00fcmlerden daha fazlas\u0131n\u0131 gerektirdi\u011fini anlamaya ba\u015fl\u0131yor; bu, g\u00fcven ve do\u011frulama s\u00fcre\u00e7lerinin temelden yeniden d\u00fc\u015f\u00fcn\u00fclmesini gerektiriyor.<\/p>\n\n\n\n
S\u0131f\u0131r G\u00fcven \u0130leti\u015fimi<\/strong><\/h3>\n\n\n\nBeyond Identity taraf\u0131ndan sunulan RealityCheck, her kat\u0131l\u0131mc\u0131ya kriptografik cihaz kimlik do\u011frulamas\u0131 ve s\u00fcrekli risk kontrolleri ile desteklenen, \u015fu anda Zoom ve Microsoft Teams i\u00e7in mevcut olan g\u00f6r\u00fcn\u00fcr, do\u011frulanm\u0131\u015f bir kimlik rozeti verir. <\/p>\n\n\n\n
Bu t\u00fcr \u00e7\u00f6z\u00fcmler, kurumsal ileti\u015fim i\u00e7in \"asla g\u00fcvenme, her zaman do\u011frula\" modellerine do\u011fru bir ge\u00e7i\u015fi temsil etmektedir.<\/p>\n\n\n\n
Geli\u015ftirilmi\u015f E\u011fitim Programlar\u0131<\/strong><\/h3>\n\n\n\nResemble AI'\u0131n deepfake sim\u00fclasyon platformunu kullanan kurulu\u015flar, deepfake sald\u0131r\u0131lar\u0131n\u0131n ger\u00e7ek d\u00fcnyada nas\u0131l ortaya \u00e7\u0131kt\u0131\u011f\u0131n\u0131 g\u00f6stermek i\u00e7in hiper-ger\u00e7ek\u00e7i sim\u00fclasyonlar kullanan platformu uygulad\u0131ktan sonra ba\u015far\u0131l\u0131 sald\u0131r\u0131larda 90%'ye kadar azalma oldu\u011funu bildiriyor.<\/p>\n\n\n\n
\u00c7ok Kanall\u0131 Do\u011frulama<\/strong><\/h3>\n\n\n\n\u00d6nde gelen kurulu\u015flar, ilk ileti\u015fimin ne kadar ger\u00e7ek\u00e7i g\u00f6r\u00fcnd\u00fc\u011f\u00fcne bak\u0131lmaks\u0131z\u0131n, y\u00fcksek riskli talepler i\u00e7in birden fazla kanaldan do\u011frulama gerektiren protokoller uygulamaktad\u0131r.<\/p>\n\n\n\n
Ses Art\u0131k Ger\u00e7ek Olmad\u0131\u011f\u0131nda<\/strong><\/h2>\n\n\n\nSalesforce ve di\u011fer kurumsal sistemlere y\u00f6nelik deepfake tehdidi, siber g\u00fcvenlik tarihinde bir d\u00f6n\u00fcm noktas\u0131n\u0131 temsil etmektedir. <\/p>\n\n\n\n
Sald\u0131rganlar ilk kez sadece otorite fig\u00fcrlerini taklit etmekle kalm\u0131yor; onlar gibi konu\u015fabiliyor, onlar gibi g\u00f6r\u00fcnebiliyor ve e\u011fitimli g\u00fcvenlik uzmanlar\u0131n\u0131 bile kurumsal g\u00fcvenli\u011fi tehlikeye atacak eylemlerde bulunmaya ikna edebiliyorlar.<\/p>\n\n\n\n
Yapay zeka taraf\u0131ndan \u00fcretilen aldatma \u00e7a\u011f\u0131nda g\u00fcven, a\u015final\u0131k yoluyla varsay\u0131lmamal\u0131, do\u011frulama yoluyla kazan\u0131lmal\u0131d\u0131r.<\/p>\n\n\n\n
Bunu anlayan ve do\u011fru ara\u00e7lara, s\u00fcre\u00e7lere ve k\u00fclt\u00fcre yat\u0131r\u0131m yapan \u015firketler, giderek daha belirsiz hale gelen dijital d\u00fcnyada hem g\u00fcvenli\u011fi hem de g\u00fcveni korumak i\u00e7in en iyi konumda olacaklard\u0131r.<\/p>\n\n\n\n
Bu yeni ger\u00e7eklikte, hatt\u0131n di\u011fer ucundaki ses g\u00f6r\u00fcnd\u00fc\u011f\u00fc gibi olmayabilir.<\/p>\n\n\n\n
Derin sahtekarl\u0131klar \u00e7a\u011f\u0131nda, s\u00fcrekli tetikte olmak g\u00fcvenli\u011fin bedelidir.<\/p>","protected":false},"excerpt":{"rendered":"
Haziran 2025'te, bir Google \u00e7al\u0131\u015fan\u0131 [...] taraf\u0131ndan rutin bir arama gibi g\u00f6r\u00fcnen bir telefon ald\u0131.<\/p>","protected":false},"author":15,"featured_media":5339,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"rank_math_lock_modified_date":false,"_themeisle_gutenberg_block_has_review":false,"footnotes":""},"categories":[31],"tags":[],"class_list":["post-5335","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-helpful-ai-content-tips"],"_links":{"self":[{"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/posts\/5335","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/users\/15"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/comments?post=5335"}],"version-history":[{"count":3,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/posts\/5335\/revisions"}],"predecessor-version":[{"id":5343,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/posts\/5335\/revisions\/5343"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/media\/5339"}],"wp:attachment":[{"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/media?parent=5335"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/categories?post=5335"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/tags?post=5335"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
<\/figure>\n<\/div>\n\n\nShinyHunters'\u0131n Salesforce m\u00fc\u015fterilerine kar\u015f\u0131 y\u00fcr\u00fctt\u00fc\u011f\u00fc kampanya, geleneksel sosyal m\u00fchendislik ile son teknoloji yapay zeka aldatmacas\u0131n\u0131 birle\u015ftiren etkili bir oyun kitab\u0131n\u0131 takip ediyor:<\/p>\n\n\n\n
1. A\u015fama: Ses \u0130stihbarat\u0131 Toplama<\/strong><\/h3>\n\n\n\nSald\u0131rganlar, kamuya a\u00e7\u0131k kaynaklardan, y\u00f6netici sunumlar\u0131ndan, konferans g\u00f6r\u00fc\u015fmelerinden, \u015firket videolar\u0131ndan veya sosyal medya payla\u015f\u0131mlar\u0131ndan ses \u00f6rnekleri toplayarak i\u015fe ba\u015flar. <\/p>\n\n\n\n
20-30 saniye kadar net bir sesle, ikna edici ses klonlar\u0131 olu\u015fturabilirler.<\/p>\n\n\n\n
2. A\u015fama: Deepfake Vishing \u00c7a\u011fr\u0131s\u0131<\/strong><\/h3>\n\n\n\nBir oltalama \u00e7a\u011fr\u0131s\u0131 s\u0131ras\u0131nda sald\u0131rgan, kurban\u0131 Salesforce'un ba\u011fl\u0131 uygulama kurulum sayfas\u0131na gitmeye ve Data Loader uygulamas\u0131n\u0131n biraz de\u011fi\u015ftirilmi\u015f markayla gizlenmi\u015f sahte bir s\u00fcr\u00fcm\u00fcn\u00fc onaylamaya ikna eder.<\/p>\n\n\n\n
B\u00f6ylece kurban fark\u0131nda olmadan sald\u0131rganlar\u0131n Salesforce'tan hassas verileri \u00e7almas\u0131na izin vermi\u015f olur.<\/p>\n\n\n\n
Geli\u015fmi\u015flik dikkat \u00e7ekicidir. Baz\u0131 durumlarda sald\u0131rganlar, \u00e7al\u0131\u015fanlar\u0131n kimli\u011fine b\u00fcr\u00fcnmek ve yard\u0131m masas\u0131 personelini hileli eri\u015fime izin vermeye ikna etmek i\u00e7in deepfake ses kulland\u0131lar. <\/p>\n\n\n\n
Bu, sald\u0131rganlar\u0131n sadece otorite fig\u00fcrleri gibi davrand\u0131klar\u0131 geleneksel sesli kimlik av\u0131ndan, belirli ki\u015filer gibi ses \u00e7\u0131karabildikleri yapay zeka ile geli\u015ftirilmi\u015f taklit\u00e7ili\u011fe do\u011fru \u00f6nemli bir evrimi temsil ediyor.<\/p>\n\n\n\n
A\u015fama 3: OAuth \u0130stismar\u0131<\/strong><\/h3>\n\n\n\nK\u00f6t\u00fc ama\u00e7l\u0131 uygulama yetkilendirildi\u011finde, sald\u0131rganlar \u00e7ok fakt\u00f6rl\u00fc kimlik do\u011frulamay\u0131 tamamen atlar. <\/p>\n\n\n\n
Sahte uygulama onayland\u0131ktan sonra sald\u0131rganlar, \u00e7ok fakt\u00f6rl\u00fc kimlik do\u011frulamay\u0131 atlamalar\u0131na ve normal g\u00fcvenlik uyar\u0131lar\u0131n\u0131 tetiklemeden \u00e7al\u0131\u015fabilmelerine olanak tan\u0131yan uzun \u00f6m\u00fcrl\u00fc OAuth belirte\u00e7leri elde ediyor.<\/p>\n\n\n\n
A\u015fama 4: Sessiz Veri \u00c7\u0131karma<\/strong><\/h3>\n\n\n\nGoogle'\u0131n Tehdit \u0130stihbarat Grubu, bir tehdit akt\u00f6r\u00fcn\u00fcn hedeflenen her kurulu\u015f i\u00e7in veri h\u0131rs\u0131zl\u0131\u011f\u0131 s\u00fcrecini otomatikle\u015ftirmek \u00fczere bir Python arac\u0131 kulland\u0131\u011f\u0131 ve ara\u015ft\u0131rmac\u0131lar\u0131n potansiyel olarak etkilenen 700'den fazla kurulu\u015ftan haberdar oldu\u011fu konusunda uyard\u0131.<\/p>\n\n\n\n
Yapay Zeka Seslerine Kar\u015f\u0131 Neden Savunmas\u0131z\u0131z?<\/strong><\/h2>\n\n\n\nBu sald\u0131r\u0131lar\u0131n ba\u015far\u0131s\u0131 temel bir insan \u00f6zelli\u011finden faydalanmaktad\u0131r: duyduklar\u0131m\u0131za g\u00fcvenme e\u011filimimiz. <\/p>\n\n\n\n
Yak\u0131n zamanda yap\u0131lan k\u00fcresel bir ara\u015ft\u0131rmaya g\u00f6re, insanlar\u0131n y\u00fczde 70'i ger\u00e7ek bir ses ile klonlanm\u0131\u015f bir sesi ay\u0131rt edebileceklerinden emin olmad\u0131klar\u0131n\u0131 s\u00f6yl\u00fcyor.<\/p>\n\n\n\n
Yard\u0131m masas\u0131 personelinin yard\u0131msever ve uzla\u015fmac\u0131 olmak \u00fczere e\u011fitildi\u011fi ve uzaktan \u00e7al\u0131\u015fman\u0131n yaln\u0131zca sesli etkile\u015fimleri normalle\u015ftirdi\u011fi kurumsal ortamlarda bu g\u00fcvenlik a\u00e7\u0131\u011f\u0131 daha da artmaktad\u0131r.<\/p>\n\n\n\n
CrowdStrike'\u0131n 2025 K\u00fcresel Tehdit Raporu'na g\u00f6re, 2024'\u00fcn ilk ve ikinci yar\u0131s\u0131 aras\u0131nda sesli kimlik av\u0131 (vishing) sald\u0131r\u0131lar\u0131nda, yapay zeka taraf\u0131ndan \u00fcretilen kimlik av\u0131 ve taklit taktiklerinin etkisiyle 442%'lik bir art\u0131\u015f oldu.<\/p>\n\n\n\n
$25 Milyon Uyand\u0131rma \u00c7a\u011fr\u0131s\u0131<\/strong><\/h2>\n\n\n\n<\/figure>\n<\/div>\n\n\nDeepfake ile geli\u015ftirilmi\u015f sald\u0131r\u0131lar\u0131n etkileri Salesforce'un \u00e7ok \u00f6tesine uzan\u0131yor. <\/p>\n\n\n\n
2024 y\u0131l\u0131n\u0131n ba\u015flar\u0131nda m\u00fchendislik firmas\u0131 Arup'ta ger\u00e7ekle\u015fen ve sald\u0131rganlar\u0131n bir video g\u00f6r\u00fc\u015fmesinde birden fazla y\u00f6neticinin kimli\u011fine b\u00fcr\u00fcnmek i\u00e7in yapay zeka kulland\u0131\u011f\u0131 $25 milyonluk deepfake soygunu, hi\u00e7bir kurulu\u015fun bu tehdide kar\u015f\u0131 ba\u011f\u0131\u015f\u0131k olmad\u0131\u011f\u0131n\u0131 g\u00f6sterdi. <\/p>\n\n\n\n
Benzer sald\u0131r\u0131lar, Ferrari CEO'su Benedetto Vigna'n\u0131n g\u00fcney \u0130talya aksan\u0131n\u0131 taklit eden yapay zeka ile klonlanm\u0131\u015f sesli aramalar kullan\u0131larak taklit edilmesi giri\u015fimi de dahil olmak \u00fczere farkl\u0131 sekt\u00f6rlerdeki y\u00f6neticileri de hedef ald\u0131.<\/p>\n\n\n\n
Bu olaylar, g\u00fcvenlik uzmanlar\u0131n\u0131n \"CEO doland\u0131r\u0131c\u0131l\u0131\u011f\u0131 2.0\" olarak adland\u0131rd\u0131klar\u0131, deneyimli y\u00f6neticileri bile kand\u0131rabilecek \u00e7ok duyulu aldatmacalar yaratmak i\u00e7in basit e-posta taklitlerinin \u00f6tesine ge\u00e7en sald\u0131r\u0131lar\u0131 temsil ediyor.<\/p>\n\n\n\n
Platform G\u00fcvenli\u011fi ve \u0130nsan Zafiyeti<\/strong><\/h2>\n\n\n\nSalesforce, bu ihlallerin kendi platformlar\u0131ndaki g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131 temsil etmedi\u011fini vurgulamakta gecikmedi. <\/p>\n\n\n\n
Salesforce, Mart 2025'te UNC6040'\u0131n kampanyas\u0131n\u0131 kabul ederek, sald\u0131rganlar\u0131n BT deste\u011fini taklit ederek \u00e7al\u0131\u015fanlar\u0131 kimlik bilgilerini vermeleri veya k\u00f6t\u00fc niyetli ba\u011flant\u0131l\u0131 uygulamalar\u0131 onaylamalar\u0131 i\u00e7in kand\u0131rd\u0131\u011f\u0131 uyar\u0131s\u0131nda bulundu. <\/p>\n\n\n\n
\u015eirket, bu olaylar\u0131n platformundaki herhangi bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 i\u00e7ermedi\u011fini veya bu a\u00e7\u0131klardan kaynaklanmad\u0131\u011f\u0131n\u0131 vurgulad\u0131.<\/p>\n\n\n\n
Bu, t\u00fcm SaaS sa\u011flay\u0131c\u0131lar\u0131 i\u00e7in b\u00fcy\u00fck bir zorluk oldu\u011funu g\u00f6steriyor: teknik kusurlar yerine insan g\u00fcvenine oynayan sald\u0131r\u0131lar\u0131 nas\u0131l durduracaklar\u0131n\u0131 bulmak.<\/p>\n\n\n\n
Salesforce \u00e7e\u015fitli savunma \u00f6nlemlerini uygulamaya koymu\u015ftur:<\/p>\n\n\n\n
\n- Ba\u011fl\u0131 uygulama sa\u011flamla\u015ft\u0131rma: Yeni kullan\u0131c\u0131lar i\u00e7in y\u00fckl\u00fc olmayan ba\u011fl\u0131 uygulamalar\u0131 otomatik olarak devre d\u0131\u015f\u0131 b\u0131rakma<\/li>\n\n\n\n
- OAuth ak\u0131\u015f k\u0131s\u0131tlamalar\u0131: Belirli yetkilendirme s\u00fcre\u00e7leri kullan\u0131larak elde edilen ba\u011flant\u0131lar\u0131 devre d\u0131\u015f\u0131 b\u0131rakma<\/li>\n\n\n\n
- Geli\u015fmi\u015f izleme: \u015e\u00fcpheli uygulama yetkilendirme modellerinin geli\u015fmi\u015f tespiti<\/li>\n\n\n\n
- Kullan\u0131c\u0131 e\u011fitimi: Sosyal m\u00fchendislik giri\u015fimlerini tan\u0131ma konusunda rehber yay\u0131nlama<\/li>\n<\/ul>\n\n\n\n
A\u011fustos 2025'te Salesforce, ilgili sald\u0131r\u0131larda OAuth belirte\u00e7lerinin \u00e7al\u0131nd\u0131\u011f\u0131n\u0131 tespit ettikten sonra Drift uygulamas\u0131 da dahil olmak \u00fczere Salesloft teknolojileriyle t\u00fcm entegrasyonlar\u0131 kapatt\u0131. <\/p>\n\n\n\n
G\u00fcvenlik uzmanlar\u0131 art\u0131k ekiplerin, bir sesin yapay zeka taraf\u0131ndan \u00fcretildi\u011fini ortaya \u00e7\u0131karabilecek garip duraklamalar, arka plan g\u00fcr\u00fclt\u00fcs\u00fc veya ses hatalar\u0131 gibi ince ipu\u00e7lar\u0131n\u0131 dinlemeleri gerekti\u011fi konusunda uyar\u0131yor.<\/p>\n\n\n\n
Kurumsal Yan\u0131t: Teknoloji \u00c7\u00f6z\u00fcmlerinin \u00d6tesinde<\/strong><\/h2>\n\n\n\nKurulu\u015flar, deepfake ile geli\u015ftirilmi\u015f sald\u0131r\u0131lara kar\u015f\u0131 savunman\u0131n teknolojik \u00e7\u00f6z\u00fcmlerden daha fazlas\u0131n\u0131 gerektirdi\u011fini anlamaya ba\u015fl\u0131yor; bu, g\u00fcven ve do\u011frulama s\u00fcre\u00e7lerinin temelden yeniden d\u00fc\u015f\u00fcn\u00fclmesini gerektiriyor.<\/p>\n\n\n\n
S\u0131f\u0131r G\u00fcven \u0130leti\u015fimi<\/strong><\/h3>\n\n\n\nBeyond Identity taraf\u0131ndan sunulan RealityCheck, her kat\u0131l\u0131mc\u0131ya kriptografik cihaz kimlik do\u011frulamas\u0131 ve s\u00fcrekli risk kontrolleri ile desteklenen, \u015fu anda Zoom ve Microsoft Teams i\u00e7in mevcut olan g\u00f6r\u00fcn\u00fcr, do\u011frulanm\u0131\u015f bir kimlik rozeti verir. <\/p>\n\n\n\n
Bu t\u00fcr \u00e7\u00f6z\u00fcmler, kurumsal ileti\u015fim i\u00e7in \"asla g\u00fcvenme, her zaman do\u011frula\" modellerine do\u011fru bir ge\u00e7i\u015fi temsil etmektedir.<\/p>\n\n\n\n
Geli\u015ftirilmi\u015f E\u011fitim Programlar\u0131<\/strong><\/h3>\n\n\n\nResemble AI'\u0131n deepfake sim\u00fclasyon platformunu kullanan kurulu\u015flar, deepfake sald\u0131r\u0131lar\u0131n\u0131n ger\u00e7ek d\u00fcnyada nas\u0131l ortaya \u00e7\u0131kt\u0131\u011f\u0131n\u0131 g\u00f6stermek i\u00e7in hiper-ger\u00e7ek\u00e7i sim\u00fclasyonlar kullanan platformu uygulad\u0131ktan sonra ba\u015far\u0131l\u0131 sald\u0131r\u0131larda 90%'ye kadar azalma oldu\u011funu bildiriyor.<\/p>\n\n\n\n
\u00c7ok Kanall\u0131 Do\u011frulama<\/strong><\/h3>\n\n\n\n\u00d6nde gelen kurulu\u015flar, ilk ileti\u015fimin ne kadar ger\u00e7ek\u00e7i g\u00f6r\u00fcnd\u00fc\u011f\u00fcne bak\u0131lmaks\u0131z\u0131n, y\u00fcksek riskli talepler i\u00e7in birden fazla kanaldan do\u011frulama gerektiren protokoller uygulamaktad\u0131r.<\/p>\n\n\n\n
Ses Art\u0131k Ger\u00e7ek Olmad\u0131\u011f\u0131nda<\/strong><\/h2>\n\n\n\nSalesforce ve di\u011fer kurumsal sistemlere y\u00f6nelik deepfake tehdidi, siber g\u00fcvenlik tarihinde bir d\u00f6n\u00fcm noktas\u0131n\u0131 temsil etmektedir. <\/p>\n\n\n\n
Sald\u0131rganlar ilk kez sadece otorite fig\u00fcrlerini taklit etmekle kalm\u0131yor; onlar gibi konu\u015fabiliyor, onlar gibi g\u00f6r\u00fcnebiliyor ve e\u011fitimli g\u00fcvenlik uzmanlar\u0131n\u0131 bile kurumsal g\u00fcvenli\u011fi tehlikeye atacak eylemlerde bulunmaya ikna edebiliyorlar.<\/p>\n\n\n\n
Yapay zeka taraf\u0131ndan \u00fcretilen aldatma \u00e7a\u011f\u0131nda g\u00fcven, a\u015final\u0131k yoluyla varsay\u0131lmamal\u0131, do\u011frulama yoluyla kazan\u0131lmal\u0131d\u0131r.<\/p>\n\n\n\n
Bunu anlayan ve do\u011fru ara\u00e7lara, s\u00fcre\u00e7lere ve k\u00fclt\u00fcre yat\u0131r\u0131m yapan \u015firketler, giderek daha belirsiz hale gelen dijital d\u00fcnyada hem g\u00fcvenli\u011fi hem de g\u00fcveni korumak i\u00e7in en iyi konumda olacaklard\u0131r.<\/p>\n\n\n\n
Bu yeni ger\u00e7eklikte, hatt\u0131n di\u011fer ucundaki ses g\u00f6r\u00fcnd\u00fc\u011f\u00fc gibi olmayabilir.<\/p>\n\n\n\n
Derin sahtekarl\u0131klar \u00e7a\u011f\u0131nda, s\u00fcrekli tetikte olmak g\u00fcvenli\u011fin bedelidir.<\/p>","protected":false},"excerpt":{"rendered":"
Haziran 2025'te, bir Google \u00e7al\u0131\u015fan\u0131 [...] taraf\u0131ndan rutin bir arama gibi g\u00f6r\u00fcnen bir telefon ald\u0131.<\/p>","protected":false},"author":15,"featured_media":5339,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"rank_math_lock_modified_date":false,"_themeisle_gutenberg_block_has_review":false,"footnotes":""},"categories":[31],"tags":[],"class_list":["post-5335","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-helpful-ai-content-tips"],"_links":{"self":[{"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/posts\/5335","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/users\/15"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/comments?post=5335"}],"version-history":[{"count":3,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/posts\/5335\/revisions"}],"predecessor-version":[{"id":5343,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/posts\/5335\/revisions\/5343"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/media\/5339"}],"wp:attachment":[{"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/media?parent=5335"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/categories?post=5335"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/tags?post=5335"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
Bir oltalama \u00e7a\u011fr\u0131s\u0131 s\u0131ras\u0131nda sald\u0131rgan, kurban\u0131 Salesforce'un ba\u011fl\u0131 uygulama kurulum sayfas\u0131na gitmeye ve Data Loader uygulamas\u0131n\u0131n biraz de\u011fi\u015ftirilmi\u015f markayla gizlenmi\u015f sahte bir s\u00fcr\u00fcm\u00fcn\u00fc onaylamaya ikna eder.<\/p>\n\n\n\n
B\u00f6ylece kurban fark\u0131nda olmadan sald\u0131rganlar\u0131n Salesforce'tan hassas verileri \u00e7almas\u0131na izin vermi\u015f olur.<\/p>\n\n\n\n
Geli\u015fmi\u015flik dikkat \u00e7ekicidir. Baz\u0131 durumlarda sald\u0131rganlar, \u00e7al\u0131\u015fanlar\u0131n kimli\u011fine b\u00fcr\u00fcnmek ve yard\u0131m masas\u0131 personelini hileli eri\u015fime izin vermeye ikna etmek i\u00e7in deepfake ses kulland\u0131lar. <\/p>\n\n\n\n
Bu, sald\u0131rganlar\u0131n sadece otorite fig\u00fcrleri gibi davrand\u0131klar\u0131 geleneksel sesli kimlik av\u0131ndan, belirli ki\u015filer gibi ses \u00e7\u0131karabildikleri yapay zeka ile geli\u015ftirilmi\u015f taklit\u00e7ili\u011fe do\u011fru \u00f6nemli bir evrimi temsil ediyor.<\/p>\n\n\n\n
A\u015fama 3: OAuth \u0130stismar\u0131<\/strong><\/h3>\n\n\n\nK\u00f6t\u00fc ama\u00e7l\u0131 uygulama yetkilendirildi\u011finde, sald\u0131rganlar \u00e7ok fakt\u00f6rl\u00fc kimlik do\u011frulamay\u0131 tamamen atlar. <\/p>\n\n\n\n
Sahte uygulama onayland\u0131ktan sonra sald\u0131rganlar, \u00e7ok fakt\u00f6rl\u00fc kimlik do\u011frulamay\u0131 atlamalar\u0131na ve normal g\u00fcvenlik uyar\u0131lar\u0131n\u0131 tetiklemeden \u00e7al\u0131\u015fabilmelerine olanak tan\u0131yan uzun \u00f6m\u00fcrl\u00fc OAuth belirte\u00e7leri elde ediyor.<\/p>\n\n\n\n
A\u015fama 4: Sessiz Veri \u00c7\u0131karma<\/strong><\/h3>\n\n\n\nGoogle'\u0131n Tehdit \u0130stihbarat Grubu, bir tehdit akt\u00f6r\u00fcn\u00fcn hedeflenen her kurulu\u015f i\u00e7in veri h\u0131rs\u0131zl\u0131\u011f\u0131 s\u00fcrecini otomatikle\u015ftirmek \u00fczere bir Python arac\u0131 kulland\u0131\u011f\u0131 ve ara\u015ft\u0131rmac\u0131lar\u0131n potansiyel olarak etkilenen 700'den fazla kurulu\u015ftan haberdar oldu\u011fu konusunda uyard\u0131.<\/p>\n\n\n\n
Yapay Zeka Seslerine Kar\u015f\u0131 Neden Savunmas\u0131z\u0131z?<\/strong><\/h2>\n\n\n\nBu sald\u0131r\u0131lar\u0131n ba\u015far\u0131s\u0131 temel bir insan \u00f6zelli\u011finden faydalanmaktad\u0131r: duyduklar\u0131m\u0131za g\u00fcvenme e\u011filimimiz. <\/p>\n\n\n\n
Yak\u0131n zamanda yap\u0131lan k\u00fcresel bir ara\u015ft\u0131rmaya g\u00f6re, insanlar\u0131n y\u00fczde 70'i ger\u00e7ek bir ses ile klonlanm\u0131\u015f bir sesi ay\u0131rt edebileceklerinden emin olmad\u0131klar\u0131n\u0131 s\u00f6yl\u00fcyor.<\/p>\n\n\n\n
Yard\u0131m masas\u0131 personelinin yard\u0131msever ve uzla\u015fmac\u0131 olmak \u00fczere e\u011fitildi\u011fi ve uzaktan \u00e7al\u0131\u015fman\u0131n yaln\u0131zca sesli etkile\u015fimleri normalle\u015ftirdi\u011fi kurumsal ortamlarda bu g\u00fcvenlik a\u00e7\u0131\u011f\u0131 daha da artmaktad\u0131r.<\/p>\n\n\n\n
CrowdStrike'\u0131n 2025 K\u00fcresel Tehdit Raporu'na g\u00f6re, 2024'\u00fcn ilk ve ikinci yar\u0131s\u0131 aras\u0131nda sesli kimlik av\u0131 (vishing) sald\u0131r\u0131lar\u0131nda, yapay zeka taraf\u0131ndan \u00fcretilen kimlik av\u0131 ve taklit taktiklerinin etkisiyle 442%'lik bir art\u0131\u015f oldu.<\/p>\n\n\n\n
$25 Milyon Uyand\u0131rma \u00c7a\u011fr\u0131s\u0131<\/strong><\/h2>\n\n\n\n<\/figure>\n<\/div>\n\n\nDeepfake ile geli\u015ftirilmi\u015f sald\u0131r\u0131lar\u0131n etkileri Salesforce'un \u00e7ok \u00f6tesine uzan\u0131yor. <\/p>\n\n\n\n
2024 y\u0131l\u0131n\u0131n ba\u015flar\u0131nda m\u00fchendislik firmas\u0131 Arup'ta ger\u00e7ekle\u015fen ve sald\u0131rganlar\u0131n bir video g\u00f6r\u00fc\u015fmesinde birden fazla y\u00f6neticinin kimli\u011fine b\u00fcr\u00fcnmek i\u00e7in yapay zeka kulland\u0131\u011f\u0131 $25 milyonluk deepfake soygunu, hi\u00e7bir kurulu\u015fun bu tehdide kar\u015f\u0131 ba\u011f\u0131\u015f\u0131k olmad\u0131\u011f\u0131n\u0131 g\u00f6sterdi. <\/p>\n\n\n\n
Benzer sald\u0131r\u0131lar, Ferrari CEO'su Benedetto Vigna'n\u0131n g\u00fcney \u0130talya aksan\u0131n\u0131 taklit eden yapay zeka ile klonlanm\u0131\u015f sesli aramalar kullan\u0131larak taklit edilmesi giri\u015fimi de dahil olmak \u00fczere farkl\u0131 sekt\u00f6rlerdeki y\u00f6neticileri de hedef ald\u0131.<\/p>\n\n\n\n
Bu olaylar, g\u00fcvenlik uzmanlar\u0131n\u0131n \"CEO doland\u0131r\u0131c\u0131l\u0131\u011f\u0131 2.0\" olarak adland\u0131rd\u0131klar\u0131, deneyimli y\u00f6neticileri bile kand\u0131rabilecek \u00e7ok duyulu aldatmacalar yaratmak i\u00e7in basit e-posta taklitlerinin \u00f6tesine ge\u00e7en sald\u0131r\u0131lar\u0131 temsil ediyor.<\/p>\n\n\n\n
Platform G\u00fcvenli\u011fi ve \u0130nsan Zafiyeti<\/strong><\/h2>\n\n\n\nSalesforce, bu ihlallerin kendi platformlar\u0131ndaki g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131 temsil etmedi\u011fini vurgulamakta gecikmedi. <\/p>\n\n\n\n
Salesforce, Mart 2025'te UNC6040'\u0131n kampanyas\u0131n\u0131 kabul ederek, sald\u0131rganlar\u0131n BT deste\u011fini taklit ederek \u00e7al\u0131\u015fanlar\u0131 kimlik bilgilerini vermeleri veya k\u00f6t\u00fc niyetli ba\u011flant\u0131l\u0131 uygulamalar\u0131 onaylamalar\u0131 i\u00e7in kand\u0131rd\u0131\u011f\u0131 uyar\u0131s\u0131nda bulundu. <\/p>\n\n\n\n
\u015eirket, bu olaylar\u0131n platformundaki herhangi bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 i\u00e7ermedi\u011fini veya bu a\u00e7\u0131klardan kaynaklanmad\u0131\u011f\u0131n\u0131 vurgulad\u0131.<\/p>\n\n\n\n
Bu, t\u00fcm SaaS sa\u011flay\u0131c\u0131lar\u0131 i\u00e7in b\u00fcy\u00fck bir zorluk oldu\u011funu g\u00f6steriyor: teknik kusurlar yerine insan g\u00fcvenine oynayan sald\u0131r\u0131lar\u0131 nas\u0131l durduracaklar\u0131n\u0131 bulmak.<\/p>\n\n\n\n
Salesforce \u00e7e\u015fitli savunma \u00f6nlemlerini uygulamaya koymu\u015ftur:<\/p>\n\n\n\n
\n- Ba\u011fl\u0131 uygulama sa\u011flamla\u015ft\u0131rma: Yeni kullan\u0131c\u0131lar i\u00e7in y\u00fckl\u00fc olmayan ba\u011fl\u0131 uygulamalar\u0131 otomatik olarak devre d\u0131\u015f\u0131 b\u0131rakma<\/li>\n\n\n\n
- OAuth ak\u0131\u015f k\u0131s\u0131tlamalar\u0131: Belirli yetkilendirme s\u00fcre\u00e7leri kullan\u0131larak elde edilen ba\u011flant\u0131lar\u0131 devre d\u0131\u015f\u0131 b\u0131rakma<\/li>\n\n\n\n
- Geli\u015fmi\u015f izleme: \u015e\u00fcpheli uygulama yetkilendirme modellerinin geli\u015fmi\u015f tespiti<\/li>\n\n\n\n
- Kullan\u0131c\u0131 e\u011fitimi: Sosyal m\u00fchendislik giri\u015fimlerini tan\u0131ma konusunda rehber yay\u0131nlama<\/li>\n<\/ul>\n\n\n\n
A\u011fustos 2025'te Salesforce, ilgili sald\u0131r\u0131larda OAuth belirte\u00e7lerinin \u00e7al\u0131nd\u0131\u011f\u0131n\u0131 tespit ettikten sonra Drift uygulamas\u0131 da dahil olmak \u00fczere Salesloft teknolojileriyle t\u00fcm entegrasyonlar\u0131 kapatt\u0131. <\/p>\n\n\n\n
G\u00fcvenlik uzmanlar\u0131 art\u0131k ekiplerin, bir sesin yapay zeka taraf\u0131ndan \u00fcretildi\u011fini ortaya \u00e7\u0131karabilecek garip duraklamalar, arka plan g\u00fcr\u00fclt\u00fcs\u00fc veya ses hatalar\u0131 gibi ince ipu\u00e7lar\u0131n\u0131 dinlemeleri gerekti\u011fi konusunda uyar\u0131yor.<\/p>\n\n\n\n
Kurumsal Yan\u0131t: Teknoloji \u00c7\u00f6z\u00fcmlerinin \u00d6tesinde<\/strong><\/h2>\n\n\n\nKurulu\u015flar, deepfake ile geli\u015ftirilmi\u015f sald\u0131r\u0131lara kar\u015f\u0131 savunman\u0131n teknolojik \u00e7\u00f6z\u00fcmlerden daha fazlas\u0131n\u0131 gerektirdi\u011fini anlamaya ba\u015fl\u0131yor; bu, g\u00fcven ve do\u011frulama s\u00fcre\u00e7lerinin temelden yeniden d\u00fc\u015f\u00fcn\u00fclmesini gerektiriyor.<\/p>\n\n\n\n
S\u0131f\u0131r G\u00fcven \u0130leti\u015fimi<\/strong><\/h3>\n\n\n\nBeyond Identity taraf\u0131ndan sunulan RealityCheck, her kat\u0131l\u0131mc\u0131ya kriptografik cihaz kimlik do\u011frulamas\u0131 ve s\u00fcrekli risk kontrolleri ile desteklenen, \u015fu anda Zoom ve Microsoft Teams i\u00e7in mevcut olan g\u00f6r\u00fcn\u00fcr, do\u011frulanm\u0131\u015f bir kimlik rozeti verir. <\/p>\n\n\n\n
Bu t\u00fcr \u00e7\u00f6z\u00fcmler, kurumsal ileti\u015fim i\u00e7in \"asla g\u00fcvenme, her zaman do\u011frula\" modellerine do\u011fru bir ge\u00e7i\u015fi temsil etmektedir.<\/p>\n\n\n\n
Geli\u015ftirilmi\u015f E\u011fitim Programlar\u0131<\/strong><\/h3>\n\n\n\nResemble AI'\u0131n deepfake sim\u00fclasyon platformunu kullanan kurulu\u015flar, deepfake sald\u0131r\u0131lar\u0131n\u0131n ger\u00e7ek d\u00fcnyada nas\u0131l ortaya \u00e7\u0131kt\u0131\u011f\u0131n\u0131 g\u00f6stermek i\u00e7in hiper-ger\u00e7ek\u00e7i sim\u00fclasyonlar kullanan platformu uygulad\u0131ktan sonra ba\u015far\u0131l\u0131 sald\u0131r\u0131larda 90%'ye kadar azalma oldu\u011funu bildiriyor.<\/p>\n\n\n\n
\u00c7ok Kanall\u0131 Do\u011frulama<\/strong><\/h3>\n\n\n\n\u00d6nde gelen kurulu\u015flar, ilk ileti\u015fimin ne kadar ger\u00e7ek\u00e7i g\u00f6r\u00fcnd\u00fc\u011f\u00fcne bak\u0131lmaks\u0131z\u0131n, y\u00fcksek riskli talepler i\u00e7in birden fazla kanaldan do\u011frulama gerektiren protokoller uygulamaktad\u0131r.<\/p>\n\n\n\n
Ses Art\u0131k Ger\u00e7ek Olmad\u0131\u011f\u0131nda<\/strong><\/h2>\n\n\n\nSalesforce ve di\u011fer kurumsal sistemlere y\u00f6nelik deepfake tehdidi, siber g\u00fcvenlik tarihinde bir d\u00f6n\u00fcm noktas\u0131n\u0131 temsil etmektedir. <\/p>\n\n\n\n
Sald\u0131rganlar ilk kez sadece otorite fig\u00fcrlerini taklit etmekle kalm\u0131yor; onlar gibi konu\u015fabiliyor, onlar gibi g\u00f6r\u00fcnebiliyor ve e\u011fitimli g\u00fcvenlik uzmanlar\u0131n\u0131 bile kurumsal g\u00fcvenli\u011fi tehlikeye atacak eylemlerde bulunmaya ikna edebiliyorlar.<\/p>\n\n\n\n
Yapay zeka taraf\u0131ndan \u00fcretilen aldatma \u00e7a\u011f\u0131nda g\u00fcven, a\u015final\u0131k yoluyla varsay\u0131lmamal\u0131, do\u011frulama yoluyla kazan\u0131lmal\u0131d\u0131r.<\/p>\n\n\n\n
Bunu anlayan ve do\u011fru ara\u00e7lara, s\u00fcre\u00e7lere ve k\u00fclt\u00fcre yat\u0131r\u0131m yapan \u015firketler, giderek daha belirsiz hale gelen dijital d\u00fcnyada hem g\u00fcvenli\u011fi hem de g\u00fcveni korumak i\u00e7in en iyi konumda olacaklard\u0131r.<\/p>\n\n\n\n
Bu yeni ger\u00e7eklikte, hatt\u0131n di\u011fer ucundaki ses g\u00f6r\u00fcnd\u00fc\u011f\u00fc gibi olmayabilir.<\/p>\n\n\n\n
Derin sahtekarl\u0131klar \u00e7a\u011f\u0131nda, s\u00fcrekli tetikte olmak g\u00fcvenli\u011fin bedelidir.<\/p>","protected":false},"excerpt":{"rendered":"
Haziran 2025'te, bir Google \u00e7al\u0131\u015fan\u0131 [...] taraf\u0131ndan rutin bir arama gibi g\u00f6r\u00fcnen bir telefon ald\u0131.<\/p>","protected":false},"author":15,"featured_media":5339,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"rank_math_lock_modified_date":false,"_themeisle_gutenberg_block_has_review":false,"footnotes":""},"categories":[31],"tags":[],"class_list":["post-5335","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-helpful-ai-content-tips"],"_links":{"self":[{"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/posts\/5335","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/users\/15"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/comments?post=5335"}],"version-history":[{"count":3,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/posts\/5335\/revisions"}],"predecessor-version":[{"id":5343,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/posts\/5335\/revisions\/5343"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/media\/5339"}],"wp:attachment":[{"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/media?parent=5335"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/categories?post=5335"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/tags?post=5335"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
Google'\u0131n Tehdit \u0130stihbarat Grubu, bir tehdit akt\u00f6r\u00fcn\u00fcn hedeflenen her kurulu\u015f i\u00e7in veri h\u0131rs\u0131zl\u0131\u011f\u0131 s\u00fcrecini otomatikle\u015ftirmek \u00fczere bir Python arac\u0131 kulland\u0131\u011f\u0131 ve ara\u015ft\u0131rmac\u0131lar\u0131n potansiyel olarak etkilenen 700'den fazla kurulu\u015ftan haberdar oldu\u011fu konusunda uyard\u0131.<\/p>\n\n\n\n
Yapay Zeka Seslerine Kar\u015f\u0131 Neden Savunmas\u0131z\u0131z?<\/strong><\/h2>\n\n\n\nBu sald\u0131r\u0131lar\u0131n ba\u015far\u0131s\u0131 temel bir insan \u00f6zelli\u011finden faydalanmaktad\u0131r: duyduklar\u0131m\u0131za g\u00fcvenme e\u011filimimiz. <\/p>\n\n\n\n
Yak\u0131n zamanda yap\u0131lan k\u00fcresel bir ara\u015ft\u0131rmaya g\u00f6re, insanlar\u0131n y\u00fczde 70'i ger\u00e7ek bir ses ile klonlanm\u0131\u015f bir sesi ay\u0131rt edebileceklerinden emin olmad\u0131klar\u0131n\u0131 s\u00f6yl\u00fcyor.<\/p>\n\n\n\n
Yard\u0131m masas\u0131 personelinin yard\u0131msever ve uzla\u015fmac\u0131 olmak \u00fczere e\u011fitildi\u011fi ve uzaktan \u00e7al\u0131\u015fman\u0131n yaln\u0131zca sesli etkile\u015fimleri normalle\u015ftirdi\u011fi kurumsal ortamlarda bu g\u00fcvenlik a\u00e7\u0131\u011f\u0131 daha da artmaktad\u0131r.<\/p>\n\n\n\n
CrowdStrike'\u0131n 2025 K\u00fcresel Tehdit Raporu'na g\u00f6re, 2024'\u00fcn ilk ve ikinci yar\u0131s\u0131 aras\u0131nda sesli kimlik av\u0131 (vishing) sald\u0131r\u0131lar\u0131nda, yapay zeka taraf\u0131ndan \u00fcretilen kimlik av\u0131 ve taklit taktiklerinin etkisiyle 442%'lik bir art\u0131\u015f oldu.<\/p>\n\n\n\n
$25 Milyon Uyand\u0131rma \u00c7a\u011fr\u0131s\u0131<\/strong><\/h2>\n\n\n\n<\/figure>\n<\/div>\n\n\nDeepfake ile geli\u015ftirilmi\u015f sald\u0131r\u0131lar\u0131n etkileri Salesforce'un \u00e7ok \u00f6tesine uzan\u0131yor. <\/p>\n\n\n\n
2024 y\u0131l\u0131n\u0131n ba\u015flar\u0131nda m\u00fchendislik firmas\u0131 Arup'ta ger\u00e7ekle\u015fen ve sald\u0131rganlar\u0131n bir video g\u00f6r\u00fc\u015fmesinde birden fazla y\u00f6neticinin kimli\u011fine b\u00fcr\u00fcnmek i\u00e7in yapay zeka kulland\u0131\u011f\u0131 $25 milyonluk deepfake soygunu, hi\u00e7bir kurulu\u015fun bu tehdide kar\u015f\u0131 ba\u011f\u0131\u015f\u0131k olmad\u0131\u011f\u0131n\u0131 g\u00f6sterdi. <\/p>\n\n\n\n
Benzer sald\u0131r\u0131lar, Ferrari CEO'su Benedetto Vigna'n\u0131n g\u00fcney \u0130talya aksan\u0131n\u0131 taklit eden yapay zeka ile klonlanm\u0131\u015f sesli aramalar kullan\u0131larak taklit edilmesi giri\u015fimi de dahil olmak \u00fczere farkl\u0131 sekt\u00f6rlerdeki y\u00f6neticileri de hedef ald\u0131.<\/p>\n\n\n\n
Bu olaylar, g\u00fcvenlik uzmanlar\u0131n\u0131n \"CEO doland\u0131r\u0131c\u0131l\u0131\u011f\u0131 2.0\" olarak adland\u0131rd\u0131klar\u0131, deneyimli y\u00f6neticileri bile kand\u0131rabilecek \u00e7ok duyulu aldatmacalar yaratmak i\u00e7in basit e-posta taklitlerinin \u00f6tesine ge\u00e7en sald\u0131r\u0131lar\u0131 temsil ediyor.<\/p>\n\n\n\n
Platform G\u00fcvenli\u011fi ve \u0130nsan Zafiyeti<\/strong><\/h2>\n\n\n\nSalesforce, bu ihlallerin kendi platformlar\u0131ndaki g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131 temsil etmedi\u011fini vurgulamakta gecikmedi. <\/p>\n\n\n\n
Salesforce, Mart 2025'te UNC6040'\u0131n kampanyas\u0131n\u0131 kabul ederek, sald\u0131rganlar\u0131n BT deste\u011fini taklit ederek \u00e7al\u0131\u015fanlar\u0131 kimlik bilgilerini vermeleri veya k\u00f6t\u00fc niyetli ba\u011flant\u0131l\u0131 uygulamalar\u0131 onaylamalar\u0131 i\u00e7in kand\u0131rd\u0131\u011f\u0131 uyar\u0131s\u0131nda bulundu. <\/p>\n\n\n\n
\u015eirket, bu olaylar\u0131n platformundaki herhangi bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 i\u00e7ermedi\u011fini veya bu a\u00e7\u0131klardan kaynaklanmad\u0131\u011f\u0131n\u0131 vurgulad\u0131.<\/p>\n\n\n\n
Bu, t\u00fcm SaaS sa\u011flay\u0131c\u0131lar\u0131 i\u00e7in b\u00fcy\u00fck bir zorluk oldu\u011funu g\u00f6steriyor: teknik kusurlar yerine insan g\u00fcvenine oynayan sald\u0131r\u0131lar\u0131 nas\u0131l durduracaklar\u0131n\u0131 bulmak.<\/p>\n\n\n\n
Salesforce \u00e7e\u015fitli savunma \u00f6nlemlerini uygulamaya koymu\u015ftur:<\/p>\n\n\n\n
\n- Ba\u011fl\u0131 uygulama sa\u011flamla\u015ft\u0131rma: Yeni kullan\u0131c\u0131lar i\u00e7in y\u00fckl\u00fc olmayan ba\u011fl\u0131 uygulamalar\u0131 otomatik olarak devre d\u0131\u015f\u0131 b\u0131rakma<\/li>\n\n\n\n
- OAuth ak\u0131\u015f k\u0131s\u0131tlamalar\u0131: Belirli yetkilendirme s\u00fcre\u00e7leri kullan\u0131larak elde edilen ba\u011flant\u0131lar\u0131 devre d\u0131\u015f\u0131 b\u0131rakma<\/li>\n\n\n\n
- Geli\u015fmi\u015f izleme: \u015e\u00fcpheli uygulama yetkilendirme modellerinin geli\u015fmi\u015f tespiti<\/li>\n\n\n\n
- Kullan\u0131c\u0131 e\u011fitimi: Sosyal m\u00fchendislik giri\u015fimlerini tan\u0131ma konusunda rehber yay\u0131nlama<\/li>\n<\/ul>\n\n\n\n
A\u011fustos 2025'te Salesforce, ilgili sald\u0131r\u0131larda OAuth belirte\u00e7lerinin \u00e7al\u0131nd\u0131\u011f\u0131n\u0131 tespit ettikten sonra Drift uygulamas\u0131 da dahil olmak \u00fczere Salesloft teknolojileriyle t\u00fcm entegrasyonlar\u0131 kapatt\u0131. <\/p>\n\n\n\n
G\u00fcvenlik uzmanlar\u0131 art\u0131k ekiplerin, bir sesin yapay zeka taraf\u0131ndan \u00fcretildi\u011fini ortaya \u00e7\u0131karabilecek garip duraklamalar, arka plan g\u00fcr\u00fclt\u00fcs\u00fc veya ses hatalar\u0131 gibi ince ipu\u00e7lar\u0131n\u0131 dinlemeleri gerekti\u011fi konusunda uyar\u0131yor.<\/p>\n\n\n\n
Kurumsal Yan\u0131t: Teknoloji \u00c7\u00f6z\u00fcmlerinin \u00d6tesinde<\/strong><\/h2>\n\n\n\nKurulu\u015flar, deepfake ile geli\u015ftirilmi\u015f sald\u0131r\u0131lara kar\u015f\u0131 savunman\u0131n teknolojik \u00e7\u00f6z\u00fcmlerden daha fazlas\u0131n\u0131 gerektirdi\u011fini anlamaya ba\u015fl\u0131yor; bu, g\u00fcven ve do\u011frulama s\u00fcre\u00e7lerinin temelden yeniden d\u00fc\u015f\u00fcn\u00fclmesini gerektiriyor.<\/p>\n\n\n\n
S\u0131f\u0131r G\u00fcven \u0130leti\u015fimi<\/strong><\/h3>\n\n\n\nBeyond Identity taraf\u0131ndan sunulan RealityCheck, her kat\u0131l\u0131mc\u0131ya kriptografik cihaz kimlik do\u011frulamas\u0131 ve s\u00fcrekli risk kontrolleri ile desteklenen, \u015fu anda Zoom ve Microsoft Teams i\u00e7in mevcut olan g\u00f6r\u00fcn\u00fcr, do\u011frulanm\u0131\u015f bir kimlik rozeti verir. <\/p>\n\n\n\n
Bu t\u00fcr \u00e7\u00f6z\u00fcmler, kurumsal ileti\u015fim i\u00e7in \"asla g\u00fcvenme, her zaman do\u011frula\" modellerine do\u011fru bir ge\u00e7i\u015fi temsil etmektedir.<\/p>\n\n\n\n
Geli\u015ftirilmi\u015f E\u011fitim Programlar\u0131<\/strong><\/h3>\n\n\n\nResemble AI'\u0131n deepfake sim\u00fclasyon platformunu kullanan kurulu\u015flar, deepfake sald\u0131r\u0131lar\u0131n\u0131n ger\u00e7ek d\u00fcnyada nas\u0131l ortaya \u00e7\u0131kt\u0131\u011f\u0131n\u0131 g\u00f6stermek i\u00e7in hiper-ger\u00e7ek\u00e7i sim\u00fclasyonlar kullanan platformu uygulad\u0131ktan sonra ba\u015far\u0131l\u0131 sald\u0131r\u0131larda 90%'ye kadar azalma oldu\u011funu bildiriyor.<\/p>\n\n\n\n
\u00c7ok Kanall\u0131 Do\u011frulama<\/strong><\/h3>\n\n\n\n\u00d6nde gelen kurulu\u015flar, ilk ileti\u015fimin ne kadar ger\u00e7ek\u00e7i g\u00f6r\u00fcnd\u00fc\u011f\u00fcne bak\u0131lmaks\u0131z\u0131n, y\u00fcksek riskli talepler i\u00e7in birden fazla kanaldan do\u011frulama gerektiren protokoller uygulamaktad\u0131r.<\/p>\n\n\n\n
Ses Art\u0131k Ger\u00e7ek Olmad\u0131\u011f\u0131nda<\/strong><\/h2>\n\n\n\nSalesforce ve di\u011fer kurumsal sistemlere y\u00f6nelik deepfake tehdidi, siber g\u00fcvenlik tarihinde bir d\u00f6n\u00fcm noktas\u0131n\u0131 temsil etmektedir. <\/p>\n\n\n\n
Sald\u0131rganlar ilk kez sadece otorite fig\u00fcrlerini taklit etmekle kalm\u0131yor; onlar gibi konu\u015fabiliyor, onlar gibi g\u00f6r\u00fcnebiliyor ve e\u011fitimli g\u00fcvenlik uzmanlar\u0131n\u0131 bile kurumsal g\u00fcvenli\u011fi tehlikeye atacak eylemlerde bulunmaya ikna edebiliyorlar.<\/p>\n\n\n\n
Yapay zeka taraf\u0131ndan \u00fcretilen aldatma \u00e7a\u011f\u0131nda g\u00fcven, a\u015final\u0131k yoluyla varsay\u0131lmamal\u0131, do\u011frulama yoluyla kazan\u0131lmal\u0131d\u0131r.<\/p>\n\n\n\n
Bunu anlayan ve do\u011fru ara\u00e7lara, s\u00fcre\u00e7lere ve k\u00fclt\u00fcre yat\u0131r\u0131m yapan \u015firketler, giderek daha belirsiz hale gelen dijital d\u00fcnyada hem g\u00fcvenli\u011fi hem de g\u00fcveni korumak i\u00e7in en iyi konumda olacaklard\u0131r.<\/p>\n\n\n\n
Bu yeni ger\u00e7eklikte, hatt\u0131n di\u011fer ucundaki ses g\u00f6r\u00fcnd\u00fc\u011f\u00fc gibi olmayabilir.<\/p>\n\n\n\n
Derin sahtekarl\u0131klar \u00e7a\u011f\u0131nda, s\u00fcrekli tetikte olmak g\u00fcvenli\u011fin bedelidir.<\/p>","protected":false},"excerpt":{"rendered":"
Haziran 2025'te, bir Google \u00e7al\u0131\u015fan\u0131 [...] taraf\u0131ndan rutin bir arama gibi g\u00f6r\u00fcnen bir telefon ald\u0131.<\/p>","protected":false},"author":15,"featured_media":5339,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"rank_math_lock_modified_date":false,"_themeisle_gutenberg_block_has_review":false,"footnotes":""},"categories":[31],"tags":[],"class_list":["post-5335","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-helpful-ai-content-tips"],"_links":{"self":[{"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/posts\/5335","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/users\/15"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/comments?post=5335"}],"version-history":[{"count":3,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/posts\/5335\/revisions"}],"predecessor-version":[{"id":5343,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/posts\/5335\/revisions\/5343"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/media\/5339"}],"wp:attachment":[{"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/media?parent=5335"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/categories?post=5335"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/tags?post=5335"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
<\/figure>\n<\/div>\n\n\nDeepfake ile geli\u015ftirilmi\u015f sald\u0131r\u0131lar\u0131n etkileri Salesforce'un \u00e7ok \u00f6tesine uzan\u0131yor. <\/p>\n\n\n\n
2024 y\u0131l\u0131n\u0131n ba\u015flar\u0131nda m\u00fchendislik firmas\u0131 Arup'ta ger\u00e7ekle\u015fen ve sald\u0131rganlar\u0131n bir video g\u00f6r\u00fc\u015fmesinde birden fazla y\u00f6neticinin kimli\u011fine b\u00fcr\u00fcnmek i\u00e7in yapay zeka kulland\u0131\u011f\u0131 $25 milyonluk deepfake soygunu, hi\u00e7bir kurulu\u015fun bu tehdide kar\u015f\u0131 ba\u011f\u0131\u015f\u0131k olmad\u0131\u011f\u0131n\u0131 g\u00f6sterdi. <\/p>\n\n\n\n
Benzer sald\u0131r\u0131lar, Ferrari CEO'su Benedetto Vigna'n\u0131n g\u00fcney \u0130talya aksan\u0131n\u0131 taklit eden yapay zeka ile klonlanm\u0131\u015f sesli aramalar kullan\u0131larak taklit edilmesi giri\u015fimi de dahil olmak \u00fczere farkl\u0131 sekt\u00f6rlerdeki y\u00f6neticileri de hedef ald\u0131.<\/p>\n\n\n\n
Bu olaylar, g\u00fcvenlik uzmanlar\u0131n\u0131n \"CEO doland\u0131r\u0131c\u0131l\u0131\u011f\u0131 2.0\" olarak adland\u0131rd\u0131klar\u0131, deneyimli y\u00f6neticileri bile kand\u0131rabilecek \u00e7ok duyulu aldatmacalar yaratmak i\u00e7in basit e-posta taklitlerinin \u00f6tesine ge\u00e7en sald\u0131r\u0131lar\u0131 temsil ediyor.<\/p>\n\n\n\n
Platform G\u00fcvenli\u011fi ve \u0130nsan Zafiyeti<\/strong><\/h2>\n\n\n\nSalesforce, bu ihlallerin kendi platformlar\u0131ndaki g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131 temsil etmedi\u011fini vurgulamakta gecikmedi. <\/p>\n\n\n\n
Salesforce, Mart 2025'te UNC6040'\u0131n kampanyas\u0131n\u0131 kabul ederek, sald\u0131rganlar\u0131n BT deste\u011fini taklit ederek \u00e7al\u0131\u015fanlar\u0131 kimlik bilgilerini vermeleri veya k\u00f6t\u00fc niyetli ba\u011flant\u0131l\u0131 uygulamalar\u0131 onaylamalar\u0131 i\u00e7in kand\u0131rd\u0131\u011f\u0131 uyar\u0131s\u0131nda bulundu. <\/p>\n\n\n\n
\u015eirket, bu olaylar\u0131n platformundaki herhangi bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 i\u00e7ermedi\u011fini veya bu a\u00e7\u0131klardan kaynaklanmad\u0131\u011f\u0131n\u0131 vurgulad\u0131.<\/p>\n\n\n\n
Bu, t\u00fcm SaaS sa\u011flay\u0131c\u0131lar\u0131 i\u00e7in b\u00fcy\u00fck bir zorluk oldu\u011funu g\u00f6steriyor: teknik kusurlar yerine insan g\u00fcvenine oynayan sald\u0131r\u0131lar\u0131 nas\u0131l durduracaklar\u0131n\u0131 bulmak.<\/p>\n\n\n\n
Salesforce \u00e7e\u015fitli savunma \u00f6nlemlerini uygulamaya koymu\u015ftur:<\/p>\n\n\n\n
\n- Ba\u011fl\u0131 uygulama sa\u011flamla\u015ft\u0131rma: Yeni kullan\u0131c\u0131lar i\u00e7in y\u00fckl\u00fc olmayan ba\u011fl\u0131 uygulamalar\u0131 otomatik olarak devre d\u0131\u015f\u0131 b\u0131rakma<\/li>\n\n\n\n
- OAuth ak\u0131\u015f k\u0131s\u0131tlamalar\u0131: Belirli yetkilendirme s\u00fcre\u00e7leri kullan\u0131larak elde edilen ba\u011flant\u0131lar\u0131 devre d\u0131\u015f\u0131 b\u0131rakma<\/li>\n\n\n\n
- Geli\u015fmi\u015f izleme: \u015e\u00fcpheli uygulama yetkilendirme modellerinin geli\u015fmi\u015f tespiti<\/li>\n\n\n\n
- Kullan\u0131c\u0131 e\u011fitimi: Sosyal m\u00fchendislik giri\u015fimlerini tan\u0131ma konusunda rehber yay\u0131nlama<\/li>\n<\/ul>\n\n\n\n
A\u011fustos 2025'te Salesforce, ilgili sald\u0131r\u0131larda OAuth belirte\u00e7lerinin \u00e7al\u0131nd\u0131\u011f\u0131n\u0131 tespit ettikten sonra Drift uygulamas\u0131 da dahil olmak \u00fczere Salesloft teknolojileriyle t\u00fcm entegrasyonlar\u0131 kapatt\u0131. <\/p>\n\n\n\n
G\u00fcvenlik uzmanlar\u0131 art\u0131k ekiplerin, bir sesin yapay zeka taraf\u0131ndan \u00fcretildi\u011fini ortaya \u00e7\u0131karabilecek garip duraklamalar, arka plan g\u00fcr\u00fclt\u00fcs\u00fc veya ses hatalar\u0131 gibi ince ipu\u00e7lar\u0131n\u0131 dinlemeleri gerekti\u011fi konusunda uyar\u0131yor.<\/p>\n\n\n\n
Kurumsal Yan\u0131t: Teknoloji \u00c7\u00f6z\u00fcmlerinin \u00d6tesinde<\/strong><\/h2>\n\n\n\nKurulu\u015flar, deepfake ile geli\u015ftirilmi\u015f sald\u0131r\u0131lara kar\u015f\u0131 savunman\u0131n teknolojik \u00e7\u00f6z\u00fcmlerden daha fazlas\u0131n\u0131 gerektirdi\u011fini anlamaya ba\u015fl\u0131yor; bu, g\u00fcven ve do\u011frulama s\u00fcre\u00e7lerinin temelden yeniden d\u00fc\u015f\u00fcn\u00fclmesini gerektiriyor.<\/p>\n\n\n\n
S\u0131f\u0131r G\u00fcven \u0130leti\u015fimi<\/strong><\/h3>\n\n\n\nBeyond Identity taraf\u0131ndan sunulan RealityCheck, her kat\u0131l\u0131mc\u0131ya kriptografik cihaz kimlik do\u011frulamas\u0131 ve s\u00fcrekli risk kontrolleri ile desteklenen, \u015fu anda Zoom ve Microsoft Teams i\u00e7in mevcut olan g\u00f6r\u00fcn\u00fcr, do\u011frulanm\u0131\u015f bir kimlik rozeti verir. <\/p>\n\n\n\n
Bu t\u00fcr \u00e7\u00f6z\u00fcmler, kurumsal ileti\u015fim i\u00e7in \"asla g\u00fcvenme, her zaman do\u011frula\" modellerine do\u011fru bir ge\u00e7i\u015fi temsil etmektedir.<\/p>\n\n\n\n
Geli\u015ftirilmi\u015f E\u011fitim Programlar\u0131<\/strong><\/h3>\n\n\n\nResemble AI'\u0131n deepfake sim\u00fclasyon platformunu kullanan kurulu\u015flar, deepfake sald\u0131r\u0131lar\u0131n\u0131n ger\u00e7ek d\u00fcnyada nas\u0131l ortaya \u00e7\u0131kt\u0131\u011f\u0131n\u0131 g\u00f6stermek i\u00e7in hiper-ger\u00e7ek\u00e7i sim\u00fclasyonlar kullanan platformu uygulad\u0131ktan sonra ba\u015far\u0131l\u0131 sald\u0131r\u0131larda 90%'ye kadar azalma oldu\u011funu bildiriyor.<\/p>\n\n\n\n
\u00c7ok Kanall\u0131 Do\u011frulama<\/strong><\/h3>\n\n\n\n\u00d6nde gelen kurulu\u015flar, ilk ileti\u015fimin ne kadar ger\u00e7ek\u00e7i g\u00f6r\u00fcnd\u00fc\u011f\u00fcne bak\u0131lmaks\u0131z\u0131n, y\u00fcksek riskli talepler i\u00e7in birden fazla kanaldan do\u011frulama gerektiren protokoller uygulamaktad\u0131r.<\/p>\n\n\n\n
Ses Art\u0131k Ger\u00e7ek Olmad\u0131\u011f\u0131nda<\/strong><\/h2>\n\n\n\nSalesforce ve di\u011fer kurumsal sistemlere y\u00f6nelik deepfake tehdidi, siber g\u00fcvenlik tarihinde bir d\u00f6n\u00fcm noktas\u0131n\u0131 temsil etmektedir. <\/p>\n\n\n\n
Sald\u0131rganlar ilk kez sadece otorite fig\u00fcrlerini taklit etmekle kalm\u0131yor; onlar gibi konu\u015fabiliyor, onlar gibi g\u00f6r\u00fcnebiliyor ve e\u011fitimli g\u00fcvenlik uzmanlar\u0131n\u0131 bile kurumsal g\u00fcvenli\u011fi tehlikeye atacak eylemlerde bulunmaya ikna edebiliyorlar.<\/p>\n\n\n\n
Yapay zeka taraf\u0131ndan \u00fcretilen aldatma \u00e7a\u011f\u0131nda g\u00fcven, a\u015final\u0131k yoluyla varsay\u0131lmamal\u0131, do\u011frulama yoluyla kazan\u0131lmal\u0131d\u0131r.<\/p>\n\n\n\n
Bunu anlayan ve do\u011fru ara\u00e7lara, s\u00fcre\u00e7lere ve k\u00fclt\u00fcre yat\u0131r\u0131m yapan \u015firketler, giderek daha belirsiz hale gelen dijital d\u00fcnyada hem g\u00fcvenli\u011fi hem de g\u00fcveni korumak i\u00e7in en iyi konumda olacaklard\u0131r.<\/p>\n\n\n\n
Bu yeni ger\u00e7eklikte, hatt\u0131n di\u011fer ucundaki ses g\u00f6r\u00fcnd\u00fc\u011f\u00fc gibi olmayabilir.<\/p>\n\n\n\n
Derin sahtekarl\u0131klar \u00e7a\u011f\u0131nda, s\u00fcrekli tetikte olmak g\u00fcvenli\u011fin bedelidir.<\/p>","protected":false},"excerpt":{"rendered":"
Haziran 2025'te, bir Google \u00e7al\u0131\u015fan\u0131 [...] taraf\u0131ndan rutin bir arama gibi g\u00f6r\u00fcnen bir telefon ald\u0131.<\/p>","protected":false},"author":15,"featured_media":5339,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"rank_math_lock_modified_date":false,"_themeisle_gutenberg_block_has_review":false,"footnotes":""},"categories":[31],"tags":[],"class_list":["post-5335","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-helpful-ai-content-tips"],"_links":{"self":[{"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/posts\/5335","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/users\/15"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/comments?post=5335"}],"version-history":[{"count":3,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/posts\/5335\/revisions"}],"predecessor-version":[{"id":5343,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/posts\/5335\/revisions\/5343"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/media\/5339"}],"wp:attachment":[{"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/media?parent=5335"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/categories?post=5335"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/tags?post=5335"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
A\u011fustos 2025'te Salesforce, ilgili sald\u0131r\u0131larda OAuth belirte\u00e7lerinin \u00e7al\u0131nd\u0131\u011f\u0131n\u0131 tespit ettikten sonra Drift uygulamas\u0131 da dahil olmak \u00fczere Salesloft teknolojileriyle t\u00fcm entegrasyonlar\u0131 kapatt\u0131. <\/p>\n\n\n\n
G\u00fcvenlik uzmanlar\u0131 art\u0131k ekiplerin, bir sesin yapay zeka taraf\u0131ndan \u00fcretildi\u011fini ortaya \u00e7\u0131karabilecek garip duraklamalar, arka plan g\u00fcr\u00fclt\u00fcs\u00fc veya ses hatalar\u0131 gibi ince ipu\u00e7lar\u0131n\u0131 dinlemeleri gerekti\u011fi konusunda uyar\u0131yor.<\/p>\n\n\n\n
Kurumsal Yan\u0131t: Teknoloji \u00c7\u00f6z\u00fcmlerinin \u00d6tesinde<\/strong><\/h2>\n\n\n\nKurulu\u015flar, deepfake ile geli\u015ftirilmi\u015f sald\u0131r\u0131lara kar\u015f\u0131 savunman\u0131n teknolojik \u00e7\u00f6z\u00fcmlerden daha fazlas\u0131n\u0131 gerektirdi\u011fini anlamaya ba\u015fl\u0131yor; bu, g\u00fcven ve do\u011frulama s\u00fcre\u00e7lerinin temelden yeniden d\u00fc\u015f\u00fcn\u00fclmesini gerektiriyor.<\/p>\n\n\n\n
S\u0131f\u0131r G\u00fcven \u0130leti\u015fimi<\/strong><\/h3>\n\n\n\nBeyond Identity taraf\u0131ndan sunulan RealityCheck, her kat\u0131l\u0131mc\u0131ya kriptografik cihaz kimlik do\u011frulamas\u0131 ve s\u00fcrekli risk kontrolleri ile desteklenen, \u015fu anda Zoom ve Microsoft Teams i\u00e7in mevcut olan g\u00f6r\u00fcn\u00fcr, do\u011frulanm\u0131\u015f bir kimlik rozeti verir. <\/p>\n\n\n\n
Bu t\u00fcr \u00e7\u00f6z\u00fcmler, kurumsal ileti\u015fim i\u00e7in \"asla g\u00fcvenme, her zaman do\u011frula\" modellerine do\u011fru bir ge\u00e7i\u015fi temsil etmektedir.<\/p>\n\n\n\n
Geli\u015ftirilmi\u015f E\u011fitim Programlar\u0131<\/strong><\/h3>\n\n\n\nResemble AI'\u0131n deepfake sim\u00fclasyon platformunu kullanan kurulu\u015flar, deepfake sald\u0131r\u0131lar\u0131n\u0131n ger\u00e7ek d\u00fcnyada nas\u0131l ortaya \u00e7\u0131kt\u0131\u011f\u0131n\u0131 g\u00f6stermek i\u00e7in hiper-ger\u00e7ek\u00e7i sim\u00fclasyonlar kullanan platformu uygulad\u0131ktan sonra ba\u015far\u0131l\u0131 sald\u0131r\u0131larda 90%'ye kadar azalma oldu\u011funu bildiriyor.<\/p>\n\n\n\n
\u00c7ok Kanall\u0131 Do\u011frulama<\/strong><\/h3>\n\n\n\n\u00d6nde gelen kurulu\u015flar, ilk ileti\u015fimin ne kadar ger\u00e7ek\u00e7i g\u00f6r\u00fcnd\u00fc\u011f\u00fcne bak\u0131lmaks\u0131z\u0131n, y\u00fcksek riskli talepler i\u00e7in birden fazla kanaldan do\u011frulama gerektiren protokoller uygulamaktad\u0131r.<\/p>\n\n\n\n
Ses Art\u0131k Ger\u00e7ek Olmad\u0131\u011f\u0131nda<\/strong><\/h2>\n\n\n\nSalesforce ve di\u011fer kurumsal sistemlere y\u00f6nelik deepfake tehdidi, siber g\u00fcvenlik tarihinde bir d\u00f6n\u00fcm noktas\u0131n\u0131 temsil etmektedir. <\/p>\n\n\n\n
Sald\u0131rganlar ilk kez sadece otorite fig\u00fcrlerini taklit etmekle kalm\u0131yor; onlar gibi konu\u015fabiliyor, onlar gibi g\u00f6r\u00fcnebiliyor ve e\u011fitimli g\u00fcvenlik uzmanlar\u0131n\u0131 bile kurumsal g\u00fcvenli\u011fi tehlikeye atacak eylemlerde bulunmaya ikna edebiliyorlar.<\/p>\n\n\n\n
Yapay zeka taraf\u0131ndan \u00fcretilen aldatma \u00e7a\u011f\u0131nda g\u00fcven, a\u015final\u0131k yoluyla varsay\u0131lmamal\u0131, do\u011frulama yoluyla kazan\u0131lmal\u0131d\u0131r.<\/p>\n\n\n\n
Bunu anlayan ve do\u011fru ara\u00e7lara, s\u00fcre\u00e7lere ve k\u00fclt\u00fcre yat\u0131r\u0131m yapan \u015firketler, giderek daha belirsiz hale gelen dijital d\u00fcnyada hem g\u00fcvenli\u011fi hem de g\u00fcveni korumak i\u00e7in en iyi konumda olacaklard\u0131r.<\/p>\n\n\n\n
Bu yeni ger\u00e7eklikte, hatt\u0131n di\u011fer ucundaki ses g\u00f6r\u00fcnd\u00fc\u011f\u00fc gibi olmayabilir.<\/p>\n\n\n\n
Derin sahtekarl\u0131klar \u00e7a\u011f\u0131nda, s\u00fcrekli tetikte olmak g\u00fcvenli\u011fin bedelidir.<\/p>","protected":false},"excerpt":{"rendered":"
Haziran 2025'te, bir Google \u00e7al\u0131\u015fan\u0131 [...] taraf\u0131ndan rutin bir arama gibi g\u00f6r\u00fcnen bir telefon ald\u0131.<\/p>","protected":false},"author":15,"featured_media":5339,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"rank_math_lock_modified_date":false,"_themeisle_gutenberg_block_has_review":false,"footnotes":""},"categories":[31],"tags":[],"class_list":["post-5335","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-helpful-ai-content-tips"],"_links":{"self":[{"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/posts\/5335","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/users\/15"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/comments?post=5335"}],"version-history":[{"count":3,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/posts\/5335\/revisions"}],"predecessor-version":[{"id":5343,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/posts\/5335\/revisions\/5343"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/media\/5339"}],"wp:attachment":[{"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/media?parent=5335"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/categories?post=5335"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/tags?post=5335"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
Beyond Identity taraf\u0131ndan sunulan RealityCheck, her kat\u0131l\u0131mc\u0131ya kriptografik cihaz kimlik do\u011frulamas\u0131 ve s\u00fcrekli risk kontrolleri ile desteklenen, \u015fu anda Zoom ve Microsoft Teams i\u00e7in mevcut olan g\u00f6r\u00fcn\u00fcr, do\u011frulanm\u0131\u015f bir kimlik rozeti verir. <\/p>\n\n\n\n
Bu t\u00fcr \u00e7\u00f6z\u00fcmler, kurumsal ileti\u015fim i\u00e7in \"asla g\u00fcvenme, her zaman do\u011frula\" modellerine do\u011fru bir ge\u00e7i\u015fi temsil etmektedir.<\/p>\n\n\n\n
Geli\u015ftirilmi\u015f E\u011fitim Programlar\u0131<\/strong><\/h3>\n\n\n\nResemble AI'\u0131n deepfake sim\u00fclasyon platformunu kullanan kurulu\u015flar, deepfake sald\u0131r\u0131lar\u0131n\u0131n ger\u00e7ek d\u00fcnyada nas\u0131l ortaya \u00e7\u0131kt\u0131\u011f\u0131n\u0131 g\u00f6stermek i\u00e7in hiper-ger\u00e7ek\u00e7i sim\u00fclasyonlar kullanan platformu uygulad\u0131ktan sonra ba\u015far\u0131l\u0131 sald\u0131r\u0131larda 90%'ye kadar azalma oldu\u011funu bildiriyor.<\/p>\n\n\n\n
\u00c7ok Kanall\u0131 Do\u011frulama<\/strong><\/h3>\n\n\n\n\u00d6nde gelen kurulu\u015flar, ilk ileti\u015fimin ne kadar ger\u00e7ek\u00e7i g\u00f6r\u00fcnd\u00fc\u011f\u00fcne bak\u0131lmaks\u0131z\u0131n, y\u00fcksek riskli talepler i\u00e7in birden fazla kanaldan do\u011frulama gerektiren protokoller uygulamaktad\u0131r.<\/p>\n\n\n\n
Ses Art\u0131k Ger\u00e7ek Olmad\u0131\u011f\u0131nda<\/strong><\/h2>\n\n\n\nSalesforce ve di\u011fer kurumsal sistemlere y\u00f6nelik deepfake tehdidi, siber g\u00fcvenlik tarihinde bir d\u00f6n\u00fcm noktas\u0131n\u0131 temsil etmektedir. <\/p>\n\n\n\n
Sald\u0131rganlar ilk kez sadece otorite fig\u00fcrlerini taklit etmekle kalm\u0131yor; onlar gibi konu\u015fabiliyor, onlar gibi g\u00f6r\u00fcnebiliyor ve e\u011fitimli g\u00fcvenlik uzmanlar\u0131n\u0131 bile kurumsal g\u00fcvenli\u011fi tehlikeye atacak eylemlerde bulunmaya ikna edebiliyorlar.<\/p>\n\n\n\n
Yapay zeka taraf\u0131ndan \u00fcretilen aldatma \u00e7a\u011f\u0131nda g\u00fcven, a\u015final\u0131k yoluyla varsay\u0131lmamal\u0131, do\u011frulama yoluyla kazan\u0131lmal\u0131d\u0131r.<\/p>\n\n\n\n
Bunu anlayan ve do\u011fru ara\u00e7lara, s\u00fcre\u00e7lere ve k\u00fclt\u00fcre yat\u0131r\u0131m yapan \u015firketler, giderek daha belirsiz hale gelen dijital d\u00fcnyada hem g\u00fcvenli\u011fi hem de g\u00fcveni korumak i\u00e7in en iyi konumda olacaklard\u0131r.<\/p>\n\n\n\n
Bu yeni ger\u00e7eklikte, hatt\u0131n di\u011fer ucundaki ses g\u00f6r\u00fcnd\u00fc\u011f\u00fc gibi olmayabilir.<\/p>\n\n\n\n
Derin sahtekarl\u0131klar \u00e7a\u011f\u0131nda, s\u00fcrekli tetikte olmak g\u00fcvenli\u011fin bedelidir.<\/p>","protected":false},"excerpt":{"rendered":"
Haziran 2025'te, bir Google \u00e7al\u0131\u015fan\u0131 [...] taraf\u0131ndan rutin bir arama gibi g\u00f6r\u00fcnen bir telefon ald\u0131.<\/p>","protected":false},"author":15,"featured_media":5339,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"rank_math_lock_modified_date":false,"_themeisle_gutenberg_block_has_review":false,"footnotes":""},"categories":[31],"tags":[],"class_list":["post-5335","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-helpful-ai-content-tips"],"_links":{"self":[{"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/posts\/5335","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/users\/15"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/comments?post=5335"}],"version-history":[{"count":3,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/posts\/5335\/revisions"}],"predecessor-version":[{"id":5343,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/posts\/5335\/revisions\/5343"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/media\/5339"}],"wp:attachment":[{"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/media?parent=5335"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/categories?post=5335"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.truthscan.com\/tr\/wp-json\/wp\/v2\/tags?post=5335"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\u00d6nde gelen kurulu\u015flar, ilk ileti\u015fimin ne kadar ger\u00e7ek\u00e7i g\u00f6r\u00fcnd\u00fc\u011f\u00fcne bak\u0131lmaks\u0131z\u0131n, y\u00fcksek riskli talepler i\u00e7in birden fazla kanaldan do\u011frulama gerektiren protokoller uygulamaktad\u0131r.<\/p>\n\n\n\n