Wombat Security is a leader in security awareness and training. Our blog covers the latest cyber security news, insights, and best practices. We arm infosec professionals with the knowledge and tools they need to improve end-user behaviors and reduce organizational risk.


New Anti-Phishing Training Series Provides Targeted End-User Education

Posted by Gretel Egan on Jul 21, 2017 1:16:52 PM

We are excited to annouce the release of our new Securing Your Email – Fundamental anti-phishing training series. This latest addition to our library of more than 25 security awareness training modules targets fundamental cybersecurity best practices surrounding three key phishing threat vectors: malicious links, infected attachments, and requests for login credentials and other sensitive information.

The Securing Your Email – Fundamental series expands our already industry-leading anti-phishing employee training portfolio, and has been added as a featured option within our Anti-Phishing Training Suite. To enable targeted and timely security education, ThreatSim® customers can automatically auto-enroll employees in follow-up training assignments that match the type of phishing test sent to the end user (link-based, attachment-based, or data entry-based). As with the rest of our interactive training portfolio, this series directly addresses problematic behaviors to assist with end-user risk management.

Read More »

Phishing, Social Engineering Are Top Concerns for Black Hat Attendees

Posted by Gretel Egan on Jul 19, 2017 12:29:08 PM

Black Hat USA 2017 kicks off in Las Vegas on July 22, and this show attracts some of the savviest information security professionals in the world. Earlier this month, Black Hat organizers released the results of its third annual attendee survey in its Portrait of an Imminent Cybersecurity Threat report. Below, we highlight some of the key findings in this year's report and compare the results to those revealed by the 2016 survey. 

Read More »

Ransomware Roundup: July 2017

Posted by Kym Harper on Jul 6, 2017 8:00:00 AM

We bring you the latest in ransomware statistics and attacks from the wild.

Read More »

Anti-Phishing Training: Why ‘Set It and Forget It’ Is a Mistake

Posted by Gretel Egan on Jun 26, 2017 11:55:00 AM

Even though cybersecurity budgets are healthier now than they have been in past years, security talent is in short supply, which means infosec training teams are still facing the crunch of doing more with less. As such, the lure of automation is strong. If you find yourself tempted by the idea of a “set it and forget it” security awareness training program, we caution you to consider the negative side effects of a hands-off approach.

Read More »

User Risk Report Shows Marked Lack of Security Awareness Among Workers

Posted by Gretel Egan on Jun 15, 2017 1:40:36 PM

Earlier this week, we released our 2017 User Risk Report, which features the results of a survey of more than 2,000 working adults — 1,000 in the US and 1,000 in the UK — who were asked about cybersecurity topics and best practices that are fundamental to data and network security. What we found out about the personal habits of these individuals was sometimes heartening, occasionally perplexing, and frequently terrifying — but always enlightening.

An interesting note before you dive into the highlights below: Our survey concluded less than 24 hours before the first reports of the global WannaCry ransomware attack began to spread. As such, the responses of the participants were not influenced by the increased media exposure that resulted from WannaCry.

Read More »