Cybersecurity Spending Hits Temporary Pause | What Usability Means for Security

[TechWeb]( Follow Dark Reading: [RSS]( June 04, 2020 LATEST SECURITY NEWS & COMMENTARY [Cybersecurity Spending Hits 'Temporary Pause' Amid Pandemic]( For now, security teams face freezes in projects and hiring - and budget cuts, security industry analysts say. [Many Exchange Servers Are Still Vulnerable to Remote Exploit]( A privilege-escalation vulnerability patched in February by Microsoft continues to affect Exchange servers, with more than 80% of Internet-connected servers remaining vulnerable, one firm reports. [Abandoned Apps May Pose Security Risk to Mobile Devices]( Mobile providers don't often update users when applications are not supported by developers, security firm says. [Rare NSA Advisory About Russia-Based Cyberattacks Unlikely to Stop Them]( The Sandworm group -- behind disinformation and election-hacking campaigns and responsible for a 2016 power outage in the Ukraine -- is now targeting e-mail servers. [What Government Contractors Need to Know About NIST, DFARS Password Reqs]( Organizations that fail to comply with these rules can get hit with backbreaking fines and class-action lawsuits. [Risk Assessment & the Human Condition]( Five lessons the coronavirus pandemic can teach security professionals to better assess, monitor, manage, and mitigate organizational risk. [COVID-19: Latest Security News & Commentary]( Check out Dark Reading's updated, exclusive news and commentary surrounding the coronavirus pandemic. [MORE NEWS & COMMENTARY]( HOT TOPICS [Security 101: SQL Injection]( A carefully crafted attack can convince a database to reveal all its secrets. Understanding the basics of what the attack looks like and how to protect against it can go a long way toward limiting the threat. [Data on Indian Mobile Payments App Reportedly Exposed via Open S3 Bucket]( Over 7 million records exposed, according to vpnMentor, but app maker says there is no sign of malicious use. [A Rogues' Gallery of MacOS Malware]( MacOS isn't immune from malware. Being prepared means understanding the nature of the worst threats a security team is likely to see attacking Macs in the enterprise. [MORE]( EDITORS' CHOICE [What Usability Means to Security Pros]( The last thing cybersecurity executives and practitioners need are even more tools that are difficult to operate. Here's what they look for when assessing new tools. [Digital Distancing with Microsegmentation]( Physical distancing has blunted a virus's impact; the same idea can be applied to computers and networks to minimize breaches, attacks, and infections. NEW FROM THE EDGE [RATs 101: The Grimy Trojans That Scurry Through Remote Access Pipes]( Remote Access Trojans (RATs) can be the beginning of very bad things on your network or workstations. Tech Resources - [Securing IT & OT in Industrial Environments]( - [Ransomware Response Report: Trends & Outlook]( - [How Cybersecurity Incident Response Programs Work (and Why Some Don't)]( - [Security Effectiveness Report 2020]( - [The State of IT Operations and Cybersecurity Operations 2020]( - [Phishing: A Modern Guide to an Age-Old Problem]( - [Five Reasons to Protect your VPN with Multi-Factor Authentication]( [ACCESS TECH LIBRARY NOW]( - [The Threat From the Internet - and What Your Organization Can Do About It]( In this webinar, experts describe some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. - [Don't Miss this Dark Reading Virtual Event on Critical Data Breaches]( Join us for a free, online conference where editors of Dark Reading. will help you and your cybersecurity team lay down the groundwork for a mission-critical data breach. [MORE WEBINARS]( FEATURED REPORTS - [CyberSecurity Trends 2020]( - [State of Cybersecurity Incident Response]( [MORE REPORTS]( CURRENT ISSUE [How Cybersecurity Incident Response Programs Work (and Why Some Don't)]( [DOWNLOAD THIS ISSUE]( [SUBSCRIBE NOW]( [BACK ISSUES]( | [MUST READS]( | [TECH DIGEST]( PRODUCTS & RELEASES [Synack's $52 Million Investment Fuels Future of Remote Security Testing from World's Elite Hackers]( [Armor Upgrades Armor Anywhere Threat Detection and Response Technology]( [RedSeal Appoints Bryan Barney as New CEO]( [CISA Releases New Cyber Essentials Toolkit]( [Intrusion Inc. Appoints Jack Blount as President and Chief Executive Officer]( [MORE PRODUCTS & RELEASES]( Dark Reading Weekly -- Published By [Dark Reading]( Informa Tech 303 Second St., Suite 900 South Tower, San Francisco, CA 94107 To update your profile, change your e-mail address, or unsubscribe, [click here.]( To opt-out of any future Dark Reading Weekly Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:customerservice_informationhub@techweb.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2020]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:customerservice_informationhub@techweb.com)