LUCY 4.8.6

Lucy 4.8.6 is available for automated update! Please make sure you have no active campaigns running before updating!

New features

  • SCORM Player. Now any SCORM package can be used as an awareness template.

Improvements

  • Additional information for recipient statistics via API
  • Disabling automatic re-sending deferred messages

Bugs fixed

  • Possible duplication of awareness emails in case of sending error
  • Incorrect anonymizing export data

LUCY 4.8.5

Lucy 4.8.5 is available for automated update! Please make sure you have no active campaigns running before updating!

New features

  • Accessibility compliance for the whole UI
  • New attack type – iCalendar
  • New language for templates: Macedonian
  • Multitenant capabilities for Settings

Improvements

  • Ability to send multiple awareness emails for the campaigns containing multiple phishing scenarios
  • Ability to export data from several campaigns at one action into a single file. The export file contains additional columns for Campaign Name, Client and Branch
  • Ability to select user groups for importing recipients from Azure Active Directory
  • Additional information for campaign statistics via API
  • Ability to search in Recipient Groups by Custom Fields
  • Significant improvements of filtering automatic link clicks made by bots and robots
  • Additional confirmation for deletion of recipients from the groups participating in running campaigns
  • Configurable value for statistics visibility for small groups in anonymous mode
  • Tooltip with the description for the file attachment templates
  • Multi-selection for deleting export files
  • Password length limit increase in Password Policy
  • Automatic selection of the default client on Recipient group creation
  • Ability to export filtered events from Support – Status
  • Improved Swagger API documentation
  • Training status for trainings in the End User Portal

Bugs fixed

  • Deletion of reported emails in O365 plugin
  • Web Server start failure after SSL auto-renew
  • Update to the latest version of PDF generator library
  • Wrong timing in video templates
  • Incorrect information in the campaign deletion in the log

LUCY 4.8.4

Lucy 4.8.4 is available for automated update! Please make sure you have no active campaigns running before updating!

New Features

  • PDF file-based Attack that allows to send PDF files with an attack simulation link. PDF files can be prepared within Lucy as HTML and they will be automatically converted to PDF just before sending out attack simulations.
  • New Burmese, Chinese Cantonese and Vietnamese languages for templates
  • Ability to view and export all clicks on the attack simulation link

Improvements

  • Sort order in Overall Recipient Statistics tables
  • New “Quiz Passed At” field in Recipient statistics
  • Additional columns in Export – All file to differentiate between quiz and non-quiz trainings
  • Diploma generation immediately after successful training
  • Automatic refresh of the End-User Portal and Statistics
  • Automatic selection of the language in the End-User Portal based on Recipient’s language, it can be configured manually from the UI
  • Training status in the list of available trainings in the End-User Portal.

Bugs fixed

  • Statistics calculation in the End-User Portal
  • Global Link availability in stopped campaigns
  • Let’s Encrypt autorenewal for sub-domains
  • Unnecessary statistics by Comment field
  • Risk distribution by Location
  • Template download issues
  • Let’s Encrypt SSL certificates for Docker installations
  • Per cent of completed trainings for awareness-only campaigns

LUCY 4.8.3

Lucy 4.8.3 is available for automated update! Please make sure you have no active campaigns running before updating!

New Features

  • Multiple LDAP integrations. Introduced a possibility to configure multiple LDAP servers that are bound to Client and/or Branch to provide independent simultaneous synchronizations of recipient groups with different LDAP servers
  • Interactive API documentation available directly from Lucy menu Settings → API Whitelist → API Documentation
  • New Euskera language for templates
  • Customizable campaign reminder templates
  • New API End-points for Campaign Scheduler

 Improvements

  • Improved API End-points: Custom fields, Campaign Statistics
  • Extended character set for Recipient Import
  • Extended set of Antivirus/Firewall protection intervals
  • Ability to report phishing Incidents as an EML attachments via O365 Plugin
  • Ability to report phishing incidents to multiple emails via O365 Plugin

Bugs fixed

  • Erasing statistics of all recipients in case of removing a single recipient
  • Incorrect statistics caused by Antivirus interval for File-based attack
  • Running campaign status in the campaign backup
  • Template attributes visibility
  • Unsupported symbols in recipients import files
  • Too many redirects with OAuth SSO
  • Incorrect statistics in Awareness-only campaigns

IMPORTANT NOTIFICATION

In case if a strict network policy is in place, please consider this message as critical.
LUCY centralized server is being moved to new IPv4.

We migrate it from 176.9.154.150 to 162.55.130.83, 16th of October 2021 23:00 Central European Time.

Please add the new IPv4 to the list of allowed hosts for inbound and outbound HTTPS traffic.

The server is responsible for such things as:

  • Templates
  • Software updates
  • License verification

No running campaigns will be affected.

In case of any questions, please email to support@lucysecurity.com

LUCY 4.8.2

Lucy 4.8.2 is available for automated update! Please make sure you have no active campaigns running before updating!

New Features

  • Flexible template attributes. There is a global list of template attributes automatically uploaded by all Lucy instances and available for template editing and creation. The list is managed by Lucy team
  • Template filter that allows to filter templates by any template attribute including template Languages
  • Ability to create On-boarding campaigns via new Scheduler Rule Type “Yearly Campaign”. It is possible to schedule sending multiple attack or awareness scenarios within 12 months from adding a recipient to the campaign aiming to organize an onboarding security course for new employees
  • New file-based templates: HTML and SVG attachments
  • New API End-points:
  • Campaign Report
  • Campaign Errors
  • Campaign Status
  • Campaign Exports
  • Diplomas
  • Export Incident Reports to Jira
  • Creation of a campaign based on Campaign Template

Improvements

  • End User Portal can be located at any domain that differs from the domain of the Admin Panel
  • Serbian language for templates
  • Handling disabled LDAP users
  • Visibility of long Campaign names on the Dashboard

Bugs fixed

  • Upper/Lower case names in recipient import files
  • Awareness-only statistics
  • Awareness sub-domain for End User Portal
  • User/Supervisor ability to bind awareness to an attack simulation
  • Resend button appearance for scheduled campaigns
  • Incorrect Statistics in End User Portal
  • LHFC scanner download from Wizard
  • Mail Manager: email contents incorrect display
  • Incorrect permissions for Client and Branch
  • Incorrect filtering from Azure AD server
  • Excessive write access to Azure AD
  • Insufficient search filters for Azure AD import
  • LDAP access with no SSL
  • Confirmation for deactivation recipients
  • Possible crash of the web server in Master and Slave configuration
  • Overall recipient statistics in Anonymous mode
  • Let’s Encrypt certificate issue/renew
  • Server test fail for OAUTH2
  • File-based scenarios bugs
  • Out Of Office delay for tracking responses
  • SOO/SAML incorrect initial configuration
  • Mail Manager performance improvement to avoid lost emails
  • UTF8 characters in CSV files for recipient import

LUCY 4.8.1

Lucy 4.8.1 is available for automated update! Please make sure you have no active campaigns running before updating!

New Features

  • Synchronization of user accounts from Azure AD to Lucy’s recipients and users

Improvements

  • lucyQuizResults() function returns “Trained At” value
  • Track Responses function is able to track emails sent to multiple addresses
  • Ability to use multiple email addresses in O365 plugin
  • SMTP delivery support for Gmail plugin

Bugs fixed

  • Import recipients from CSV with non-UTF encoding
  • Empty list of available trainings on the End User portal
  • Website preview for multi-language training
  • Scheduler for awareness only campaign
  • End User Portal statistics inconsistency
  • Empty recipient columns in export

Lucy 4.8

Lucy 4.8 is available for automated update! Please make sure you have no active campaigns running before updating!

New Features

  • Multiple awareness for awareness only campaigns. It is possible to assign different awareness scenarios for different recipient groups in awareness only campaigns. Risk level differentiation is also supported
  • Ability of separate scheduling different awareness scenarios. It is possible now to separately schedule training scenarios in awareness only campaigns
  • New Branch attribute for campaigns, users and templates. A new Branch attribute for Clients is introduced. Campaigns, recipient groups and templates can now be restricted for administrative users within the same Client based on the Branch attribute of the user
  • New API endpoint for removing a recipient group from campaigns
  • New Mail Manager. Mail Manager was completely re-designed to increase its performance, stability and usability especially for the campaigns with a huge number of recipients
  • End User statistics export. It is possible to export end-user list filtered by Campaign or Recipient Group with general statistics. Export data can also be grouped by Recipient Group or Campaign
  • Overall Recipient Statistics. It is possible to view general Recipient statistics under Campaign Statistics menu. Data can be viewed and exported using filter by Campaign, Recipient Group or time period

Improvements

  • LDAP Sync Tool: ability to work without administration rights
  • LDAP Sync Tool: ability to connect to Lucy via proxy
  • SMTP connection test console output
  • Ability to use %gender% variable when no gender attribute defined for a recipient

Bugs fixed

  • Inaccurate statistics in report variables %charts.awareness%, %victim.table.trainingstats% and %awareness.completed%
  • Incorrect awareness website language with Direct Login for recipients with different languages
  • Comma in Fake Recipient Name
  • Anonymization for Divisions with less than 10 recipients
  • Anonymization in Compare function
  • Detection of the OS and Browser versions in awareness only campaign
  • Logs rotation for Docker installation
  • Chronology of events in Timeline
  • Geolocation in Master/Slave environment
  • Quiz score attribute in API
  • Authorization via LDAP with SSL
  • Custom name for PDF file-based scenarios
  • Metadata in SCORM export
  • Training overview chart stats
  • Visits accounting
  • Campaign visibility for administrative users
  • License options
  • Inaccurate average scenario time in campaign exports
  • “Only successfully phished” option of the scheduler
  • Incorrect statistics if Success Action is set to Clicked
  • Ability to stop campaign on Slave in Reflective Master&Slave configuration
  • Export to SCORM wrong metadata
  • Training overview chart incorrect stats
  • Bugs in visits accounting
  • Bugs in campaign visibility for administrative users
  • Minor bugs in license options

Lucy 4.7.8

Lucy 4.7.8 is available for automated update! Please make sure you have no active campaigns running before updating!

New Features

  • SMTP OAuth2 authentication mechanism. OAuth2 protocol for SMTP servers makes Office 365 (Exchange Online) more secure. Gmail support is coming out next year. Other providers will be added depending on the need and applicability
  • O365 mobile support. Phishing button for Office 365 can now be used in Outlook mobile app in the same way as on desktop computers. Reinstallation of the plugin is required
  • Single Sign-on: Azure AD OAuth2 authorization. Azure AD OAuth2 authorization. It is possible to configure SSO for Lucy users using Azure AD OAuth2 authorization
  • End Users: send password reset link instead of plain text password. It is possible to send a password reset link in awareness email instead of attachment to access the End User Portal
  • External ID for recipients in API. This feature is important for those users who would like to develop custom mechanism of synchronization of recipients using Lucy’s REST API

Improvements

  • German translation of the UI
  • Whitelabel: all Lucy references can be replaced

Bugs fixed

  • Track Responses: case sensitive
  • Incorrect schedule plan
  • SSL certificates: Certbot won’t update