Æ»¹ûÐû²¼½ôÆÈÇå¾²¸üУ¬ £¬£¬ÐÞ¸´iOS/iPadOS¸ßΣÎó²îCVE-2025-2420

Ðû²¼Ê±¼ä 2025-02-12

1. Æ»¹ûÐû²¼½ôÆÈÇå¾²¸üУ¬ £¬£¬ÐÞ¸´iOS/iPadOS¸ßΣÎó²îCVE-2025-24200


2ÔÂ11ÈÕ£¬ £¬£¬Æ»¹û¹«Ë¾ÖÜÒ»Ðû²¼ÁËÒ»ÏîÕë¶ÔiOSºÍiPadOSµÄÇå¾²¸üУ¬ £¬£¬Ö¼ÔÚÐÞ¸´CVE-2025-24200Îó²î£¬ £¬£¬¸ÃÎó²î¾Ý³ÆÒѱ»ÆÕ±éʹÓᣡ£¡£¡£¡£¡£´ËÎó²îΪÊÚȨÎÊÌ⣬ £¬£¬ÔÊÐí¶ñÒâÐÐΪÕßÔÚÎïÀí½Ó´¥×°±¸µÄÇéÐÎÏ£¬ £¬£¬Í¨¹ýÍøÂçÎïÀí¹¥»÷½ûÓÃUSBÏÞÖÆÄ£Ê½£¬ £¬£¬¸ÃģʽּÔÚ×èֹδÊÚȨÅä¼þ»á¼û×°±¸Êý¾Ý¡£¡£¡£¡£¡£¡£´Ë¹¦Ð§Ô­±¾ÓÃÓÚÌá·ÀÖ´·¨»ú¹¹Ê¹ÓõÄÊý×Öȡ֤¹¤¾ßδ¾­ÊÚȨ»á¼û×°±¸¡£¡£¡£¡£¡£¡£Æ»¹ûÌåÏÖ£¬ £¬£¬¸ÃÎó²îÒÑͨ¹ýË¢ÐÂ״̬ÖÎÀí»ñµÃÐÞ¸´£¬ £¬£¬µ«ÈÏ¿ÉÒÑÓб¨¸æÖ¸³ö¸ÃÎó²î¿ÉÄܱ»ÓÃÓÚÕë¶ÔÌØ¶¨Ä¿µÄÈËȺµÄÖØ´ó¹¥»÷¡£¡£¡£¡£¡£¡£¶àÂ×¶à´óѧÃÉ¿ËѧԺ¹«ÃñʵÑéÊÒµÄÇå¾²Ñо¿Ô±±È¶û¡¤Âí¶ûÔú¿ËÒò·¢Ã÷²¢±¨¸æ´ËÎó²î¶øÊܵ½ÔÞÓþ¡£¡£¡£¡£¡£¡£´Ë´Î¸üÐÂÊÊÓÃÓÚ¶à¿îiPhoneºÍiPad×°±¸¼°Æä¶ÔÓ¦µÄiOSºÍiPadOS°æ±¾¡£¡£¡£¡£¡£¡£±ðµÄ£¬ £¬£¬Æ»¹û½üÆÚ»¹ÐÞ¸´ÁËCore Media×é¼þÖеÄÁíÒ»¸öÇå¾²Îó²î£¬ £¬£¬¸ÃÎó²îÒѱ»ÓÃÓÚ¹¥»÷iOS 17.2֮ǰµÄ°æ±¾¡£¡£¡£¡£¡£¡£Æ»¹ûÈí¼þµÄÁãÈÕÎó²î³£±»ÉÌÒµ¼à¿ØÈí¼þ¹©Ó¦ÉÌʹÓ㬠£¬£¬°²ÅÅÖØ´ó³ÌÐò´ÓÊܺ¦×°±¸ÖÐÌáÈ¡Êý¾Ý£¬ £¬£¬Ö»¹ÜÕâЩ¹¤¾ß£¨ÀýÈç NSO ¼¯ÍŵÄPegasus£©ÓÐʱ±»Ðû´«ÎªÓÃÓÚ¹¥»÷ÑÏÖØ·¸·¨»î¶¯£¬ £¬£¬µ«Ò²±£´æÀÄÓÃΣº¦¡£¡£¡£¡£¡£¡£NSO¼¯ÍÅÖØÉ꣬ £¬£¬ÆäPegasusÈí¼þ²»ÊÇ´ó¹æÄ£¼à¿Ø¹¤¾ß£¬ £¬£¬²¢ÒÑ»ñµÃÕýµ±»ú¹¹µÄÊÚȨ¡£¡£¡£¡£¡£¡£


https://thehackernews.com/2025/02/apple-patches-actively-exploited-ios.html


2. OmniGPTÔâºÚ¿ÍÈëÇÖ£¬ £¬£¬3400ÍòÓû§¶Ô»°Êý¾Ýй¶


2ÔÂ11ÈÕ£¬ £¬£¬Ò»ÃûºÚ¿ÍÔÚBreach ForumsÉÏÉù³ÆÒѾ­ÈëÇÖÁËÊ¢ÐеÄÈ˹¤ÖÇÄÜ̸Ìì»úеÈ˺ÍÉú²úÁ¦Æ½Ì¨OmniGPT£¬ £¬£¬²¢Ð¹Â¶ÁË30,000¸öÓû§µÄµç×ÓÓʼþ¡¢µç»°ºÅÂëÒÔ¼°Áè¼Ý3400ÍòÐÐÓû§¶Ô»°¡£¡£¡£¡£¡£¡£´Ë´Îй¶µÄÄÚÈݰüÀ¨Óû§Óë̸Ìì»úеÈËÖ®¼äµÄÐÂÎŽ»Á÷¡¢ÉÏ´«ÎļþµÄÁ´½Ó£¬ £¬£¬ÆäÖÐһЩÎļþ°üÀ¨Æ¾Ö¤¡¢Õ˵¥ÐÅÏ¢ºÍAPIÃÜÔ¿¡£¡£¡£¡£¡£¡£ÈôÊÇÕâЩÐÅÏ¢»ñµÃ֤ʵ£¬ £¬£¬Õ⽫³ÉΪÈ˹¤ÖÇÄܶԻ°Êý¾Ý×î´óµÄй¶ÊÂÎñÖ®Ò»£¬ £¬£¬Ê¹Óû§ÃæÁÙÉí·Ý͵ÇÔ¡¢ÍøÂç´¹ÂÚÕ©Æ­ºÍ½ðÈÚڲƭµÄÍþв¡£¡£¡£¡£¡£¡£Ð¹Â¶µÄÊý¾Ý¼¯ÖаüÀ¨Óû§ÌÖÂÛÖÖÖÖÖ÷ÌâµÄ̸ÌìÐÅÏ¢£¬ £¬£¬ÒÔ¼°Ö¸Ïò´æ´¢ÔÚOmniGPTЧÀÍÆ÷ÉϵÄÃô¸ÐÎĵµµÄÁ´½Ó£¬ £¬£¬Èç°ì¹«ÊÒÏîÄ¿¡¢´óѧ×÷Òµ¡¢Êг¡ÆÊÎö±¨¸æµÈ¡£¡£¡£¡£¡£¡£´Ë´ÎйÃÜÊÂÎñ¿ÉÄÜ»á¸øOmniGPT´øÀ´ÑÏÖØµÄÖ´·¨ºÍî¿ÏµÌôÕ½£¬ £¬£¬ÓÈÆäÊÇÔÚÅ·ÖÞµÄGDPRºÏ¹æ·½Ãæ¡£¡£¡£¡£¡£¡£OmniGPTÉÐδ¾Í´ËʽÒÏþ¹Ù·½»ØÓ¦£¬ £¬£¬µ«Óû§Ó¦Á¬Ã¦½ÓÄÉÔ¤·À²½·¥±£»£»£»£»£»¤×Ô¼ºµÄÊý¾Ý£¬ £¬£¬Èç¸ü¸ÄÃÜÂë¡¢ÆôÓÃË«ÒòËØÉí·ÝÑéÖ¤£¬ £¬£¬²¢¼á³ÖСÐÄ¼à¿Øµç×ÓÓʼþºÍ½ðÈÚÕË»§¡£¡£¡£¡£¡£¡£


https://hackread.com/omnigpt-ai-chatbot-breach-hacker-leak-user-data-messages/


3. SandwormºÚ¿Í×é֯ʹÓöñÒâWindows¼¤»îÆ÷¹¥»÷ÎÚ¿ËÀ¼Óû§


2ÔÂ11ÈÕ£¬ £¬£¬¶íÂÞ˹¾üÊÂÍøÂçÌØ¹¤×éÖ¯SandwormʹÓÃľÂí²¡¶¾MicrosoftÃÜÔ¿ÖÎÀíЧÀÍ£¨KMS£©¼¤»î³ÌÐòºÍÐéαµÄWindows¸üУ¬ £¬£¬Õë¶ÔÎÚ¿ËÀ¼µÄWindowsÓû§ÌᳫÁËһϵÁй¥»÷¡£¡£¡£¡£¡£¡£¾ÝEclecticIQÍþвÆÊÎöʦָ³ö£¬ £¬£¬ÕâЩ¹¥»÷¿ÉÄÜʼÓÚ2023Äêµ×£¬ £¬£¬ËüÃÇÓëSandwormºÚ¿Í×éÖ¯¾ßÓÐÖØµþµÄ»ù´¡ÉèÊ©¡¢Ò»ÖµÄÕ½ÊõºÍÊÖÒÕ³ÌÐò£¬ £¬£¬²¢¾­³£Ê¹ÓÃProtonMailÕÊ»§×¢²á¹¥»÷ÓòÃû¡£¡£¡£¡£¡£¡£¹¥»÷Õß»¹Í¨¹ýBACKORDER¼ÓÔØÆ÷°²ÅÅÁËDarkCrystal RAT£¨DcRAT£©¶ñÒâÈí¼þ£¬ £¬£¬²¢ÒýÓöíÓï¹¹½¨ÇéÐΣ¬ £¬£¬½øÒ»²½ÔöÇ¿Á˶íÂÞ˹¾ü·½ºÚ¿ÍµÄÏÓÒÉ¡£¡£¡£¡£¡£¡£EclecticIQ·¢Ã÷ÁËÓëͳһ¶ñÒâ»î¶¯¼¯ÈºÏà¹ØµÄÆß¸öÈö²¥»î¶¯£¬ £¬£¬Ã¿¸ö»î¶¯¶¼Ê¹ÓÃÁËÀàËÆµÄÓÕ¶üºÍÕ½Êõ¡£¡£¡£¡£¡£¡£×î½üµÄÒ»´Î¹¥»÷±¬·¢ÔÚ2025Äê1ÔÂ12ÈÕ£¬ £¬£¬ÆÊÎöʦÊӲ쵽¹¥»÷ÕßʹÓÃDcRATÔ¶³Ì»á¼ûľÂí£¬ £¬£¬Í¨¹ýƴд¹ýʧµÄÓòÃûѬȾÊܺ¦Õß¡£¡£¡£¡£¡£¡£Ò»µ©°²Åŵ½Êܺ¦Õß×°±¸ÉÏ£¬ £¬£¬¼ÙµÄKMS¼¤»î¹¤¾ß¾Í»áÏÔʾ¼ÙµÄWindows¼¤»î½çÃæ£¬ £¬£¬×°ÖöñÒâÈí¼þ¼ÓÔØ³ÌÐò£¬ £¬£¬½ûÓÃWindows Defender£¬ £¬£¬²¢×ª´ï×îÖÕµÄRAT¸ºÔØ¡£¡£¡£¡£¡£¡£¹¥»÷µÄ×îÖÕÄ¿µÄÊÇÍøÂçÊÜѬȾÅÌËã»úÉϵÄÃô¸ÐÐÅÏ¢£¬ £¬£¬²¢½«Æä·¢Ë͵½¹¥»÷Õß¿ØÖƵÄЧÀÍÆ÷¡£¡£¡£¡£¡£¡£ÓÉÓÚÎÚ¿ËÀ¼´ó×ÚʹÓõÁ°æÈí¼þ£¬ £¬£¬µ¼Ö¹¥»÷ÃæÀ©´ó£¬ £¬£¬Õþ¸®²¿·ÖҲδÄÜÐÒÃâ¡£¡£¡£¡£¡£¡£


https://www.bleepingcomputer.com/news/security/russian-military-hackers-deploy-malicious-windows-activators-in-ukraine/


4. SystemBC RATбäÖÖÃé×¼Linuxƽ̨£¬ £¬£¬ÆóÒµÍøÂçÃæÁÙÐÂÍþв


2ÔÂ11ÈÕ£¬ £¬£¬Ð·ºÆðµÄSystemBC RAT±äÖÖÕýÕë¶ÔLinuxƽ̨Ìᳫ¹¥»÷£¬ £¬£¬ÕâÒ»Éú³¤Ê¹ÆóÒµÍøÂç¡¢ÔÆ»ù´¡ÉèÊ©ºÍÎïÁªÍø×°±¸ÃæÁÙÖØ´óΣº¦¡£¡£¡£¡£¡£¡£¸Ã±äÖÖÔ½·¢ÒþÃØ£¬ £¬£¬Ê¹ÓüÓÃÜͨѶÀ´¼á³ÖÒþ²Ø£¬ £¬£¬Í¬Ê±ÔÊÐí¹¥»÷ÕßÔÚÊÜѬȾϵͳÖÐ×ÔÓÉÒÆ¶¯¡£¡£¡£¡£¡£¡£SystemBCÔ­±¾Ö÷ÒªÕë¶ÔWindowsϵͳ£¬ £¬£¬µ«ÏÖÔÚÒÑÀ©Õ¹µ½Linux£¬ £¬£¬ÓÉÓÚÆäÆÕ±éÓ¦ÓÃÓÚÆóÒµÇéÐΣ¬ £¬£¬Òò´ËΣÏÕÐÔ¸ü´ó¡£¡£¡£¡£¡£¡£¸Ã¶ñÒâÈí¼þÒÔÊðÀíÖ²Èë·½·¨ÔËÐУ¬ £¬£¬ÄÜÔÚÊÜÑ¬È¾ÍøÂçÖÐʵÏÖºáÏòÒÆ¶¯£¬ £¬£¬³ÉΪ¹¥»÷ÕßÔÚÆóÒµ»ù´¡ÉèÊ©ÄÚ×·Ç󳤯ÚÐԺ͸üÉîÌõÀíÉøÍ¸µÄÓÐÁ¦ÎäÆ÷¡£¡£¡£¡£¡£¡£±ðµÄ£¬ £¬£¬Çå¾²¹©Ó¦É̺ÜÄѼì²âµ½´Ë°æ±¾ÊôÓÚSystemBC¼Ò×壬 £¬£¬Ê¹ÆäÄܹ»³¤Ê±¼ä²»±»·¢Ã÷¡£¡£¡£¡£¡£¡£SystemBC»¹Äܼì²âÐéÄ⻯ÇéÐÎÒÔµÖÓù¶¯Ì¬ÆÊÎö£¬ £¬£¬½øÒ»²½ÔöÌíÁËÆäÒþÃØÐÔ¡£¡£¡£¡£¡£¡£Ëæ×ÅSystemBC RAT½øÈëLinuxÁìÓò£¬ £¬£¬¹¥»÷ÕßÓÐÁËÐÂÒªÁìÒþ²ØC2Á÷Á¿¡¢ÔÚÍøÂçÖÐÒþÃØÒÆ¶¯ÒÔ¼°Í¶·Å¸ü¶à¶ñÒâÈí¼þ¡£¡£¡£¡£¡£¡£¹Å°åÇå¾²¹¤¾ß¿ÉÄÜÄÑÒÔÓ¦¶ÔÕâЩÒþÃØÕ½ÂÔ£¬ £¬£¬µ«Ê¹Óý»»¥Ê½É³Ï乤¾ß£¬ £¬£¬Çå¾²ÍŶӿÉÒÔÔÚÊÜ¿ØÇéÐÎÖÐÇå¾²ÆÊÎöÍþв£¬ £¬£¬¸ü¿ì×ö³ö·´Ó¦£¬ £¬£¬½ÒÆÆÍþв²¢ÔöǿԤ·ÀÕ½ÂÔ¡£¡£¡£¡£¡£¡£


https://hackread.com/systembc-rat-targets-linux-ransomware-infostealers/


5. ÍþвÕßʹÓà ClickFix ÔÚ×îÐÂÍøÂç¹¥»÷Öа²ÅÅ NetSupport RAT


2ÔÂ11ÈÕ£¬ £¬£¬×Ô2025Äê1Ô³õÒÔÀ´£¬ £¬£¬ÍþвÐÐΪÕ߯µÈÔʹÓÃClickFixÊÖÒÕÈö²¥ÃûΪNetSupport RATµÄÔ¶³Ì»á¼ûľÂí¡£¡£¡£¡£¡£¡£NetSupport RATͨ¹ýÐéÎ±ÍøÕ¾ºÍä¯ÀÀÆ÷¸üоÙÐÐÀ©É¢£¬ £¬£¬Ê¹¹¥»÷ÕßÄܹ»ÖÜÈ«¿ØÖÆÊܺ¦ÕßÖ÷»ú£¬ £¬£¬¾ÙÐÐʵʱ¼à¿Ø¡¢¼üÅÌÊó±ê¿ØÖÆ¡¢ÎļþÉÏ´«ÏÂÔØ¼°¶ñÒâÏÂÁîÖ´ÐеȲÙ×÷¡£¡£¡£¡£¡£¡£¸Ã³ÌÐòÔçÏÈÊÇ×÷ΪÕýµ±µÄÔ¶³ÌITÖ§³Ö³ÌÐòNetSupport Manager¿ª·¢µÄ£¬ £¬£¬µ«ºó±»¶ñÒâʹÓᣡ£¡£¡£¡£¡£ClickFixÊÖÒÕͨ¹ýÔÚÊÜÑ¬È¾ÍøÕ¾×¢ÈëÐéαCAPTCHAÍøÒ³£¬ £¬£¬ÓÕµ¼Óû§Ö´ÐжñÒâPowerShellÏÂÁ £¬£¬ÏÂÔØ²¢ÔËÐÐNetSupport RAT¿Í»§¶Ë¡£¡£¡£¡£¡£¡£ÕâÒ»¹¥»÷ÊÖ¶ÎÓëClickFixÈö²¥Lumma Stealer¶ñÒâÈí¼þµÄаæÄÚÇéºôÓ¦£¬ £¬£¬ºóÕßʹÓÃChaCha20ÃÜÂë½âÃÜC2ЧÀÍÆ÷ÁбíÉèÖÃÎļþ¡£¡£¡£¡£¡£¡£ÍøÂçÇå¾²¹«Ë¾eSentireÖ¸³ö£¬ £¬£¬ÕâЩת±äÕ¹ÏÖÁ˶ñÒâÈí¼þ¿ª·¢ÕßΪ¹æ±Üµ±Ìõ¼þÈ¡ºÍÆÊÎö¹¤¾ßËù½ÓÄɵÄÕ½ÂÔ£¬ £¬£¬¾¯Ê¾ÆóÒµºÍСÎÒ˽¼ÒÐèÔöÇ¿ÍøÂçÇå¾²·À»¤£¬ £¬£¬Ð¡ÐÄ´ËÀ๥»÷ÊֶΡ£¡£¡£¡£¡£¡£


https://thehackernews.com/2025/02/threat-actors-exploit-clickfix-to.html


6. Bishop FoxÐû²¼CVE-2024-53704Îó²îʹÓÃϸ½Ú£¬ £¬£¬±Þ²ß¾¡¿ì¸üÐÂSonicOS·À»ðǽ


2ÔÂ11ÈÕ£¬ £¬£¬Bishop FoxµÄÇå¾²Ñо¿Ö°Ô±Ðû²¼ÁËCVE-2024-53704Îó²îµÄÍêÕûʹÓÃϸ½Ú£¬ £¬£¬¸ÃÎó²î±£´æÓÚijЩ°æ±¾µÄSonicOS SSLVPNÓ¦ÓóÌÐòÖУ¬ £¬£¬ÔÊÐíÔ¶³Ì¹¥»÷ÕßÈÆ¹ýÉí·ÝÑéÖ¤»úÖÆ£¬ £¬£¬Ð®ÖƻµÄSSL VPN»á»°£¬ £¬£¬´Ó¶ø»ñµÃδ¾­ÊÚȨµÄ»á¼ûȨÏÞ¡£¡£¡£¡£¡£¡£¸ÃÎó²îÓÚ1ÔÂ7ÈÕÓɹ©Ó¦ÉÌÐû²¼ÖÒÑÔ£¬ £¬£¬²¢±Þ²ßÖÎÀíÔ±Éý¼¶¹Ì¼þÒÔ½â¾ö¸ÃÎÊÌâ¡£¡£¡£¡£¡£¡£¾­ÓÉBishop FoxµÄ´ó×ÚÄæÏò¹¤³ÌÆð¾¢£¬ £¬£¬ËûÃÇ֤ʵÁ˸ÃÎó²îµÄʹÓÃDZÁ¦£¬ £¬£¬²¢ÔÚÆÚ´ýϵͳÖÎÀíÔ±×°Öò¹¶¡Ò»¶Îʱ¼äºóÐû²¼ÁËÎó²îʹÓÃϸ½Ú¡£¡£¡£¡£¡£¡£Îó²îµÄÊÂÇéÔ­ÀíÊÇͨ¹ý·¢ËÍÌØÖÆµÄ»á»°cookieµ½SSL VPNÉí·ÝÑéÖ¤¶Ëµã£¬ £¬£¬´¥·¢¹ýʧµÄ»á»°ÑéÖ¤£¬ £¬£¬Ê¹¹¥»÷ÕßÄܹ»»á¼û»á»°£¬ £¬£¬¶ÁÈ¡Óû§ÊéÇ©¡¢»ñÈ¡ÉèÖÃÉèÖᢷ­¿ªµ½ÄÚ²¿ÍøÂçµÄËíµÀ²¢Ìṩ¶Ô˽ÓÐ×ÊÔ´µÄ»á¼ûȨÏÞ¡£¡£¡£¡£¡£¡£Ñо¿Ö°Ô±½¨ÉèÁË¿´·¨ÑéÖ¤Îó²î´úÂëÀ´Ä£Äâ¹¥»÷£¬ £¬£¬²¢·¢Ã÷Ô¼4,500̨̻¶ÔÚ»¥ÁªÍøÉϵÄSonicWall SSL VPNЧÀÍÆ÷δװÖÃÐÞ¸´¸ÃÎó²îµÄÇå¾²¸üС£¡£¡£¡£¡£¡£Òò´Ë£¬ £¬£¬ÖÎÀíÔ±Ó¦¾¡¿ìÓ¦ÓøüÐÂÒÔ½µµÍʹÓÃΣº¦¡£¡£¡£¡£¡£¡£


https://www.bleepingcomputer.com/news/security/sonicwall-firewall-exploit-lets-hackers-hijack-vpn-sessions-patch-now/