Dangane da bayanan da aka samu yayin binciken da PreciseSecurity albarkatun, a cikin kwata na uku na 2019, maharan galibi suna amfani da aikace-aikacen da aka haɗa a cikin babban ofishin Microsoft Office. Bugu da ƙari, masu aikata laifuka ta yanar gizo suna amfani da rayayye masu bincike da tsarin aiki.
Bayanan da aka tattara sun nuna cewa maharan sun yi amfani da nau'ikan lahani iri-iri a cikin aikace-aikacen MS Office a cikin kashi 72,85% na lokuta. An yi amfani da rashin ƙarfi a cikin masu bincike a cikin 13,47% na lokuta, kuma a cikin nau'ikan OS na wayar hannu daban-daban - a cikin 9,09% na lokuta. Manyan ukun suna biye da Java (2,36%), Adobe Flash (1,57%) da PDF (0,66%).
Wasu daga cikin rashin lahani na gama gari a cikin babban ɗakin MS Office suna da alaƙa da cikar buffer a cikin tarin Editan Equation. Bugu da kari, CVE-2017-8570, CVE-2017-8759 da CVE-2017-0199 sun kasance daga cikin raunin da aka yi amfani da su. Wani babban batu shi ne rashin lahani na kwana-kwana CVE-2019-1367, wanda ya haifar da ɓarna na ƙwaƙwalwar ajiya kuma ya ba da izinin aiwatar da lambar sabani akan tsarin manufa.
Dangane da bayanan da PreciseSecurity albarkatun ya bayar, manyan kasashe biyar da ke zama tushen mafi girman hare-haren hanyar sadarwa sune Amurka (79,16%), Netherlands (15,58%), Jamus (2,35%), Faransa (1,85%) da Rasha (1,05%). XNUMX%).
Masana sun lura cewa a halin yanzu ana gano adadi mai yawa na rauni a cikin masu bincike. Masu satar bayanai suna ci gaba da neman sabbin lahani da kwari da za a iya amfani da su don cimma burinsu. Yawancin raunin da aka gano a lokacin rahoton sun ba da damar haɓaka matakin gata a cikin tsarin.
source: 3dnews.ru