Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

Content tagged with Compliance posted in August 2007
Oracle Buys Another ID Company
News  |  8/31/2007  | 
Oracle purchases Bridgestream, its fifth identity and access management acquisition, for $35 million
Storm Hits Blogger
News  |  8/30/2007  | 
The ubiquitous Storm Trojan has found a new home - on spam blog sites in Google's Blogger network
Enterprises Wrestle With Security Policies
News  |  8/28/2007  | 
Corporate security policies often are not enforced, according to newly-published survey by RSA and Forrester
New Intel Processor Fights Rootkits, Virtualization Threats
News  |  8/27/2007  | 
But experts say new features still aren't true anti-rootkit technologies
Eight Sure-Fire Ways to Beat a Security Audit
News  |  8/23/2007  | 
Experts share tips on how to avoid the most common pitfalls in an audit
UK Plans Big Spend on ID Management
News  |  8/22/2007  | 
Public-sector spending will increase 50 percent in the next year alone, new study says
Site Services Pay Damages for Bill-Doctoring
News  |  8/21/2007  | 
Website services put $24 million worth of unauthorized charges on customers' bills, FTC says
Medical IT Contractor Folds After Breaches
News  |  8/15/2007  | 
Blamed for privacy breaches at five different hospitals, Verus Inc. silently closes its doors
Back to School: Backpacks, Books & Bots
News  |  8/15/2007  | 
Universities brace for increase in security breach attempts as students - and profs - return to campus
Visa Eases PCI Compliance Penalties
News  |  8/14/2007  | 
Deadlines extended, some fines may be reimbursed if merchants act quickly
New Bank Practices Make Hacking Easier
News  |  8/8/2007  | 
New multifactor logon procedures actually improve attacker's chances of breaking in, expert says at DefCon
'Sidejacking' Tool Unleashed
News  |  8/2/2007  | 
Lets attackers sniff and access Web accounts over WiFi
FTC Questions Use of SSNs
News  |  8/1/2007  | 
Study aims to restrict unnecessary use of Social Security information


When It Comes To Security Tools, More Isn't More
Lamont Orange, Chief Information Security Officer at Netskope,  1/11/2021
US Capitol Attack a Wake-up Call for the Integration of Physical & IT Security
Seth Rosenblatt, Contributing Writer,  1/11/2021
IoT Vendor Ubiquiti Suffers Data Breach
Dark Reading Staff 1/11/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-25173
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists when reading malformed DGN files, which allows attackers to cause a crash, potentially enabling denial of service (crash, exit, or restart).
CVE-2021-25174
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory corruption vulnerability exists when reading malformed DGN files. It can allow attackers to cause a crash, potentially enabling denial of service (Crash, Exit, or Restart).
CVE-2021-25175
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A NULL pointer dereference exists when rendering malformed .DXF and .DWG files. This can allow attackers to cause a crash, potentially enabling a denial of service attack (Crash, Exit, or Restart). This is issue 1 of 3.
CVE-2021-25176
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A NULL pointer dereference exists when rendering malformed .DXF and .DWG files. This can allow attackers to cause a crash, potentially enabling a denial of service attack (Crash, Exit, or Restart). This is issue 2 of 3.
CVE-2021-25177
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.11. A NULL pointer dereference exists when rendering malformed .DXF and .DWG files. This can allow attackers to cause a crash, potentially enabling a denial of service attack (Crash, Exit, or Restart). This is issue 3 of 3.