blog-logo.png

A BLOG ABOUT CYBER SECURITY

Wombat Security is a leader in security awareness and training. Our blog covers the latest cyber security news, insights, and best practices. We arm infosec professionals with the knowledge and tools they need to improve end-user behaviors and reduce organizational risk.

Ransomware

Rethinking Patch Management Strategies to Balance Security and Uptime

Posted by Kurt Wescoe on Jun 21, 2017 12:42:04 PM

Recently I was part of a panel discussion on combatting ransomware at the SecureWorld Atlanta event. An interesting conversation developed around the old stalwart of patching computers and systems. A solid patching process is one of the most elementary parts of an organization’s security program — or at least it should be.

Read More »

User Risk Report Shows Marked Lack of Security Awareness Among Workers

Posted by Gretel Egan on Jun 15, 2017 1:40:36 PM

Earlier this week, we released our 2017 User Risk Report, which features the results of a survey of more than 2,000 working adults — 1,000 in the US and 1,000 in the UK — who were asked about cybersecurity topics and best practices that are fundamental to data and network security. What we found out about the personal habits of these individuals was sometimes heartening, occasionally perplexing, and frequently terrifying — but always enlightening.

An interesting note before you dive into the highlights below: Our survey concluded less than 24 hours before the first reports of the global WannaCry ransomware attack began to spread. As such, the responses of the participants were not influenced by the increased media exposure that resulted from WannaCry.

Read More »

Ransomware and Phishing Attacks: Why Anti-Virus Software Can't Save You

Posted by Gretel Egan on Jun 13, 2017 2:50:53 PM

Installing and keeping anti-virus software up to date on computers and mobile devices has become a de facto cybersecurity best practice — and for good reason. Like other technical safeguards, anti-virus software has come a long way in its sophistication since its early days in the late 1980s and early 1990s. There are many reliable and reputable options for anti-virus and anti-malware protection for corporate organizations and personal devices, and they provide an important layer of security for data, devices, and systems.

But you cannot count on them to stop ransomware infections, and they absolutely cannot prevent phishing emails from reaching your inbox.

Read More »

Was WannaCry the Harbinger of a Black Swan Cyberattack?

Posted by Kurt Wescoe on Jun 6, 2017 1:00:56 PM

Now that we’re almost a month past the WannaCry ransomware attack, it seems like a good time to reflect on it and examine some of the bigger-picture takeaways this attack may be signaling. I want to say upfront this is not meant to be a conspiracy theory or doomsday post. But with that said, WannaCry and some of the other more recent attacks show that the ingenuity and resourcefulness of cybercriminals continue to grow. And as far as ransomware goes, the WannaCry attack is the King of the Hill (at least for now); it will be fingered as the harbinger should a larger, more damaging attack be waiting in the wings.

Read More »

The Latest on the WannaCry Ransomware Attack

Posted by Gretel Egan on Jun 2, 2017 3:03:46 PM

Three weeks post-attack, and WannaCry is still top-of-mind for infosec professionals worldwide. This was very much in evidence during this week’s SecureWorld Atlanta, which I had the privilege of attending. Multiple sessions — including a panel discussion that featured Wombat Chief Architect Kurt Wescoe — covered ransomware attacks in general, but the conversations all spent a fair amount of time focusing on WannaCry and its impact.

Read More »