Ukuhlaselwa ngeekhowudi zeQR: Nazi iingcebiso ezivela kuCisco Talos

Mangaphi amaxesha esiye sasebenzisa ikhowudi ye-QR ukubhalisa kwincwadana yeendaba, ukufunda inkqubo ye-cinema okanye mhlawumbi ukufikelela kwimenyu yendawo yokutyela?

Ukusukela ekufikeni kobhubhane, amathuba okusebenzisa iikhowudi ze-QR anda, enkosi apho kunokwenzeka ukuba ufumane ulwazi ngaphandle kokunxibelelana ngokwasemzimbeni; kodwa kungenxa yolu sasazeka ukuba abaphuli-mthetho be-cyber bafumene isixhobo esongezelelweyo, esisebenzayo kunye nesoyikeka kakhulu sokuqalisa uhlaselo lwabo.

Ixesha lokufunda eliqikelelweyo: 5 imizuzu

Ngokutsho kweyokugqibela Cisco Talos ingxelo yekota, umbutho wezobuntlola omkhulu kwihlabathi ozinikele kwi-cybersecurity, urekhode a Ukonyuka okubonakalayo kuhlaselo lobuqhetseba ngokuskena ikhowudi yeQR. UCisco Talos kwafuneka alawule iphulo lokurhwaphiliza elikhohlisa amaxhoba ukuba askene iikhowudi ze-QR eziyingozi ezifakwe kwii-imeyile, ezikhokelela ekwenziweni ngokungazi kwe-malware.

Olunye uhlobo lohlaselo kukuthunyelwa kwe ii-imeyile zokukhohlisa kumntu omnye okanye umbutho, ii-imeyile eziqulathe Iikhowudi ze-QR ezibhekiselele kumaphepha okungena e-Microsoft Office 365 omgunyathi ukuze ube iinkcazi zokungena zomsebenzisi. Kubaluleke kakhulu kunangaphambili ukugxininisa ukuba uhlaselo lwekhowudi ye-QR luyingozi kakhulu, kuba basebenzisa isixhobo esiphathwayo sexhoba, esihlala sinokhuseleko oluncinci, njengesixhobo sohlaselo.

Lusebenza njani uhlaselo lwekhowudi yeQR?

Uhlaselo lwemveli lwe-phishing lubandakanya ixhoba elivula ikhonkco okanye i-attachment ukuze bahlale kwiphepha elilawulwa ngumhlaseli. Ngokuqhelekileyo yimiyalezo elungiselelwe abantu abaqhelene nokusebenzisa i-imeyile kwaye abaqhele ukuvula izinamathiselo okanye ukucofa ikhonkco. Kwimeko yokuhlaselwa kwekhowudi ye-QR, i-hacker ifaka ikhowudi emzimbeni we-imeyile ngenjongo yokuba ihlolwe ngesicelo okanye ngekhamera yefowuni yefowuni. Nje ukuba ucofe ikhonkco elibi, iphepha lokungena eliphuhliswe ngokukodwa ukuze libe iziqinisekiso liyavuleka, okanye uncamathiselo olufaka i-malware kwisixhobo sakho.

Kutheni ziyingozi kangaka nje?

Iikhompyuter ezininzi zeshishini kunye nezixhobo ziza kunye nezixhobo zokhuseleko ezakhelwe ngaphakathi ezenzelwe ukubona ubuqhetseba kunye nokuthintela abasebenzisi ekuvuleni amakhonkco angalunganga. Nangona kunjalo, xa umsebenzisi esebenzisa isixhobo somntu, ezi zixhobo zokukhusela azisasebenzi. Oku kungenxa yokuba ukhuseleko lweshishini kunye neenkqubo zokubeka iliso zinolawulo oluncinci kunye nokubonakala kwezixhobo zomntu. Ukongeza, ayizizo zonke izisombululo zokhuseleko lwe-imeyile ezinokubona iikhowudi ze-QR ezingalunganga.

Kodwa kukho okungakumbi. Ngokunyuka kokusebenza kude, abasebenzi abaninzi ngakumbi bafikelela kulwazi lwenkampani ngezixhobo eziphathwayo. Ngokwengxelo yamva nje ye-Not (Cyber) eKhuselekileyo kuMsebenzi ka-2023, uphando lobungakanani olwenziwa yinkampani yokhuseleko lwe-cybersecurity, I-97% yabaphenduli bafikelela kwii-akhawunti zomsebenzi besebenzisa izixhobo zabo.

Indlela yokuzikhusela 

Ewe ezinye iingcebiso Cisco Talos ukukhusela kuhlaselo olusekwe kwikhowudi ye-QR:

• Sebenzisa iqonga lolawulo lwesixhobo esiphathwayo (MDM) okanye isixhobo sokhuseleko esifana neCisco Umbrella kuzo zonke izixhobo eziphathwayo ezingalawulwayo ezinokufikelela kulwazi lwenkampani. Cisco Umbrella DNS-level yokhuseleko iyafumaneka Android kunye iOS izixhobo zobuqu.
• Isisombululo sokhuseleko esiphuhliswe ngokukodwa kwi-imeyile, njengeCisco Secure Email, inokubona ezi ntlobo zohlaselo. I-imeyile ye-Cisco ekhuselekileyo kutshanje yongeze amandla amatsha okubona ikhowudi ye-QR, apho ii-URL zikhutshwa kwaye zihlalutywe njengayo nayiphi na enye i-URL efakwe kwi-imeyile.
• Uqeqesho lomsebenzisi lungundoqo ekuthinteleni uhlaselo lwekhowudi ye-QR esekwe kwikhowudi. Iinkampani kufuneka ziqinisekise ukuba bonke abasebenzi bafundiswe malunga neengozi zohlaselo lobuqhetseba kunye nokusetyenziswa okukhulayo kweekhowudi ze-QR:
  
  
  • Iikhowudi ze-QR ezinobungozi zihlala zisebenzisa umfanekiso okumgangatho ophantsi okanye zinokubonakala zimfiliba kancinci.
  • Izikena zekhowudi ze-QR zihlala zibonelela ngokujonga ikhonkco amanqaku ekhowudi, kubaluleke kakhulu ukuba ubeke ingqalelo kwaye undwendwele kuphela amaphepha ewebhu athembekileyo anee-URL ezibonwayo.
  • I-imeyile ze-Phishing zihlala zine-typos okanye iimpazamo zegrama.
    
• Ukusebenzisa izixhobo zokuqinisekisa izinto ezininzi, ezifana neCisco Duo, kunokuthintela ukubiwa kweziqinisekiso, ezihlala ziyindawo yokungena kwiinkqubo zamashishini.

Ufundo olunxulumeneyo

• Inkampani yaseMilanese iZenyth isungula "i-GP-Check", inkqubo yokuqala yokufunda yeGreen Pass (QR) yokuqala ngaphandle komqhubi.
• I-Yanluowang Gang ransomware yaphule inethiwekhi ye-Cisco corporate
• I-Cybersecurity: imingcipheko kunye nezisombululo zokukhusela i-eCommerce yakho
• Uhlaselo lweCyber: yintoni, lusebenza njani, injongo kunye nendlela yokuthintela: Phishing kunye neSpear Phishing
• Iziphumo zovavanyo lwe-KnowBe4 zityhila utyekelo lokuthumela ii-imeyile ezinxulumene neshishini

BlogInnovazione.it