Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Perimeter

10/4/2012
02:08 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Wombat Launches Simulated Attack Service To Reduce Use Of Rogue USBs

SaaS product enables security officers to assess and train employees not to use removable memory devices of unknown origin

Wombat Security Technologies (Wombat), a leading provider of cyber security awareness and training solutions, today announced it is launching the industry's first simulated USB attack service to address the growing threat of fraud due to rogue memory devices loaded with malicious malware and spyware. Wombat's USBGuru&trade is a software-as-a-service product that enables security officers toassess and train employees not to use removable memory devices of unknown origin. An expansion of Wombat's family of Social Engineering Assessment products, USBGuru improves upon traditional penetration testing, allowing organizations to assess and mitigate risk at the same time by teaching employees to defend against attack. USBGuru follows in the footsteps of PhishGuru, Wombat's award winning email phishing simulation service, recognized for its ease-of-use and proven effectiveness.

"Advanced persistent threats continue to target the human element within organizations with the malicious use of memory devices as one of the most recent attack vectors to threaten businesses, said Joe Ferrara, President and CEO of Wombat Security Technologies. "Performing mock attacks on end users and providing just-in-time training has already been scientifically proven to be effective at reducing user susceptibility to attack. Wombat's new service will extend this training to the use of memory devices to help companies protect against the latest breeds of malware and spyware used to infect corporate networks and steal valuable data."

How it Works

Security officers use Wombat's cloud-based interface to easily create a custom executable file with brief training embedded in the file. The executable file is saved onto removable memory devices which can be distributed to any location in and around their organization. When an employee plugs the rogue USB drive into their computer they will be presented with just-in-time training. The training message will explain the risks associated with removable memory devices and provide practical advice to the employee. The USBGuru administrator interface provides detailed reports for security officers to know who is most susceptible to memory device attack, track training completion, and group susceptible individuals together for targeted follow up.

By assessing and training employees throughout the year, Wombat's new USBGuru attack simulation service enables security officers to:

· Determine the risk their organization faces due to the use of rogue memory devices by employees

· Understand which employees are most susceptible to these attacks and who should receive additional training

· Provide a teachable moment that ensures employees will follow company policy and only use USB drives they acquired personally, or through their IT department

· Increase acceptance of security awareness training

· Protect corporate networks from Malware, Spyware and other malicious software

Wombat also provides complementary software training modules that can be used in conjunction with mock or simulated attacks to reinforce learned concepts. The combination of simulated attacks and interactive training modules provides the capacity for continuous improvement so security officers can improve their company's security posture by changing employee behavior.

Ferrara continued, "The USBGuru simulated attack service is yet another tool in Wombat's comprehensive arsenal of security awareness and training solutions that empower security officers to tackle today's most pressing cyber security issues including e-mail security, password management, social networking, web browsing, smartphone/BYOD vulnerabilities, phishing and social engineering.

Wombat's USBGuru simulated attack service is available now, just in time for Cyber Security Awareness month in October. For pricing and/or more information, please visit http://www.wombatsecurity.com.

About Wombat Security Technologies

Wombat Security Technologies helps organizations combat cyber security threats with uniquely effective software-based training solutions. Wombat offers fully automated, highly scalable software-based training solutions, built on learning science principles. They offer mock attacks with brief embedded training, as well as a full complement of 10-minute software training modules. Wombat's training solutions have been shown to reduce employee susceptibility to attack by up to 70%. Wombat is helping Fortune 500 customers, large government agencies and small to medium businesses in segments such as finance, banking, higher education, retail, technology, energy, insurance, and consumer packaged goods strengthen their cyber security defenses. For more information visithttp://www.wombatsecurity.com or contact Lorraine Kauffman-Hall at 704-882-0443 or lhall(at)attainmarketing(dot)com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark Reading,  4/28/2021
Slideshows
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer,  4/30/2021
Commentary
How to Secure Employees' Home Wi-Fi Networks
Bert Kashyap, CEO and Co-Founder at SecureW2,  4/28/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-24259
PUBLISHED: 2021-05-05
The “Elementor Addon Elements� WordPress Plugin before 1.11.2 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
CVE-2021-24260
PUBLISHED: 2021-05-05
The “Livemesh Addons for Elementor� WordPress Plugin before 6.8 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
CVE-2021-24261
PUBLISHED: 2021-05-05
The “HT Mega – Absolute Addons for Elementor Page Builder� WordPress Plugin before 1.5.7 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by ...
CVE-2021-24262
PUBLISHED: 2021-05-05
The “WooLentor – WooCommerce Elementor Addons + Builder� WordPress Plugin before 1.8.6 has a widget that is vulnerable to stored Cross-Site Scripting (XSS) by lower-priv...
CVE-2021-24263
PUBLISHED: 2021-05-05
The “Elementor Addons – PowerPack Addons for Elementor� WordPress Plugin before 2.3.2 for WordPress has several widgets that are vulnerable to stored Cross-Site Scriptin...