{"id":41271,"date":"2026-02-11T13:00:57","date_gmt":"2026-02-11T12:00:57","guid":{"rendered":"https:\/\/relnet.hu\/?p=41271"},"modified":"2026-02-11T13:00:57","modified_gmt":"2026-02-11T12:00:57","slug":"mit-kell-tudni-a-chrysalisrol-es-hogyan-segit-a-progress-flowmon-a-vedekezesben","status":"publish","type":"post","link":"https:\/\/relnet.hu\/en\/mit-kell-tudni-a-chrysalisrol-es-hogyan-segit-a-progress-flowmon-a-vedekezesben\/","title":{"rendered":"What do you need to know about Chrysalis, and how does Progress Flowmon help defend against it?"},"content":{"rendered":"<p>Once activated, Chrysalis enables attackers to map the system, steal data, execute commands remotely, manipulate processes, and even permanently delete itself to cover its tracks.<\/p>\n<h5>Description of the attack<\/h5>\n<p>In a supply-chain operation, the attackers abused the distribution infrastructure of the popular <strong>Notepad++<\/strong> software. The malware reached unsuspecting users through malicious update files and embedded itself in systems using the \u201cDLL sideloading\u201d technique. 
The attack succeeded because software updates were insufficiently verified (missing code-signing and integrity checks), which allowed a persistent, undetected presence.<\/p>\n<h5>Flowmon Threat Briefing: Detection and immediate remediation<\/h5>\n<p>The information needed to defend against Chrysalis is provided by the <em>Threat Briefing<\/em> feature introduced in Progress Flowmon ADS version 12.5. This service protects the network at several levels:<\/p>\n<ol>\n<li><strong>AI-based threat analysis:<\/strong> The system collects global signals and synthesizes them into structured information.<\/li>\n<li><strong>Expert validation:<\/strong> Every report is reviewed by security analysts for accuracy.<\/li>\n<li><strong>Automated detection:<\/strong> As soon as a Threat Briefing is published, the Flowmon ADS engines can immediately recognize the indicators and behavior patterns associated with that malware.<\/li>\n<li><strong>Recommendations:<\/strong> The report offers concrete steps for investigation and remediation, significantly reducing security teams' response time.<\/li>\n<\/ol>\n<p>From the moment the Threat Briefing is published, the system detects Chrysalis in real time. 
Flowmon offers more than that, however: with retrospective analysis, earlier traffic data (telemetry) can be checked retroactively to determine whether an infection occurred before the report was issued. This capability is particularly important for compliance and audit purposes: it makes it possible to prove when and to what extent the organization was affected, documents the response steps, and helps meet incident-reporting obligations.<\/p>\n<p>Contact the RelNet team about any Progress Flowmon solution!<\/p>\n<p><strong>Further details are available in Progress Flowmon's English-language <\/strong><a href=\"https:\/\/www.progress.com\/blogs\/chrysalis-backdoor-progress-flowmon-threat-briefing-solution\" target=\"_blank\" rel=\"noopener\"><strong>technical article<\/strong><\/a><strong>.<\/strong><\/p>\n<h5>Related content<\/h5>\n<p><a href=\"https:\/\/relnet.hu\/kepzesek\/valaszthato-kepzeseink\/?catid=2485\" target=\"_blank\" rel=\"noopener\">Progress Flowmon training in the RelNet eLearning program<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>A recently analyzed threat, Chrysalis, has the cybersecurity community on edge. This sophisticated \u201cbackdoor\u201d threat is attributed to the China-linked cybercriminal group known as Lotus Blossom. 
The malware uses advanced evasion techniques (heavy code obfuscation and custom encryption) and disguises its communication with the command-and-control (C2) server as legitimate network traffic.<\/p>\n","protected":false},"author":2089,"featured_media":41275,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2582,2885],"tags":[5171,1029,2961],"yst_prominent_words":[],"class_list":["post-41271","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-flowmon-kemp-technologies","category-progress-gyarto","tag-chrysalis","tag-mi","tag-progress-flowmon"],"_links":{"self":[{"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/posts\/41271","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/users\/2089"}],"replies":[{"embeddable":true,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/comments?post=41271"}],"version-history":[{"count":1,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/posts\/41271\/revisions"}],"predecessor-version":[{"id":41272,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/posts\/41271\/revisions\/41272"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/media\/41275"}],"wp:attachment":[{"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/media?parent=41271"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/categories?post=41271"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/tags?post=41271"},{"taxonomy":"yst_prominent_words","embeddable":true,"href":"https:\/\/relnet.hu\/en\/wp-json\/wp\/v2\/
yst_prominent_words?post=41271"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}