Lucy 4.7.7

Lucy 4.7.7 is available for automated update! Please make sure you have no active campaigns running before updating!

New features

  • Mapping of multiple awareness scenarios. It is possible to bind several awareness scenarios to each attack simulation scenario in the campaign. So it will be possible to send different attack simulations and bound awareness scenarios to different recipient groups within a campaign. The risk level of the recipients will be taken into account for the awareness emails
  • LDAP Synchronization Tool multiple groups. It is possible to synchronize several LDAP groups using the tool
  • Export by Recipient group. Campaign – Exports – Recipients – All by Recipient Group. A new item for export all campaign data including Recipient group.
  • Excel macros that allow determining if it has been executed. Lucy has a new Success action attribute named “File Open”. This is triggered by a GET request that can be sent from a macro
  • Outlook plugin line breakers. Outlook Plugin allows multi-line text in the user configured messages

Improvements

  • Old protocols of web-server except TLSv1.1, TLSv1.2 and newer are disabled
  • Old temporary files from temporary folder are cleared once a day
  • Performance test results became more accurate
  • Awareness Tracking Functions are expanded with several new functions to make awareness templates more flexible. The compatibility with the existing templates is kept
  • New attribute “Client” for Lucy administrative users
  • Password policy – minimum password length is increased to 16
  • File names validation before uploading improvement for better security
  • XSS and RCE handling improvements

Bugs fixed

  • File renaming after upload using File Browser
  • LDAP sync tool: missing ldap_based attribute for LDAP users
  • Incorrect stats in the Awareness only End-user Portal
  • Unsolicited emails to the recipients
  • apt-get update && apt-get upgrade issue in OS update procedure
  • Quiz results disappearing after campaign restore
  • %success% variable rounding out
  • Notification on failed backups
  • Mail Manager: diacritic chars in the campaign name
  • No Recipients Menu for Administrative Users