Here’s an overview of some of last week’s most interesting news, articles and interviews:
A new zero-day is being exploited to compromise Macs (CVE-2021-30869)
Another zero-day in Apple’s software (CVE-2021-30869) is being actively exploited by attackers, forcing the company to push out security updates for macOS Catalina and iOS 12.
Plug critical VMware vCenter Server flaw before ransomware gangs start exploiting it (CVE-2021-22005)
VMware has fixed 19 vulnerabilities affecting VMware vCenter Server and VMware Cloud Foundation, the most critical of which is CVE-2021-22005.
A malicious document could lead to RCE in Apache OpenOffice (CVE-2021-33035)
Apache OpenOffice, one of the most popular open-source office productivity software suites, sports a RCE vulnerability (CVE-2021-33035) that could be triggered via a specially crafted document.
Nagios XI vulnerabilities open enterprise IT infrastructure to attack
Researchers have unearthed 11 vulnerabilities affecting Nagios XI, a widely used enterprise IT infrastructure/network monitoring solution, some of which can be chained to allow remote code execution with root privileges on the underlying system.
US agricultural…
