LUCY the only truly GDPR compliant security awareness and phishing simulation solution!

Our evaluation process has shown that LUCY Security Awereness software is the only solution that meets our data protection and GDPR needs. Moreover, the LUCY people have shown that they are always looking for a solution to our problems! – Statement of a new corporate customer 2018

Anonymous Data in the Phishing Simulation Dashboard

Masked Victim Data of a phishing simulation campaign using LUCY Software

Full GDPR compliance in the LUCY Security Awareness Suite – In Switzerland, the same data protection standards apply as in the European Union. For this reason, the LUCY Suite was already geared towards data protection, anonymization and pseudomization at the concept stage in 2014. This means that employees can receive targeted training, even if the system administrator is unable to view employee data. Depending on the reputation level, employees can be provided with special training courses adapted to their know-how, while privacy and anonymity are assured.

 

LUCY is the only anti-phishing and employee sensitization suite that complies with the GDPR, whether as a local installation or a cloud solution!

Learn more about Data Protection, GRPR and LUCY Phishing / Employee Sensitization here (LUCY Wiki).

 

DSGVO konforme Phishing Simulationen und Mitarbeitersensibilisierungen sind nur mit der LUCY Software möglich

The Marriott Databreach Podcast - What are the impacts going to be? And started it with a phishing attack?

The Marriott Data Breach: What impact will this incident have on industry and consumers? Listen to the podcast!

01.12.2018 – Did it start with a Phishing Attack? Jean Martin’s podcast on ITSP Radio investigates the theft of 500 million records at the Marriott Group. The Marriott Data Breach led to the data of half a billion Marriott guests leaving the company.

Jean speaks with his guests Colin Bastable of LUCY Security and Matt Mosley of Tevora about the Incident:

  1. What has happened
  2. Why the hotel industry is a regular target of such attacks
  3. What impact will this incident have on industry and consumers?
  4. What penalties will be imposed? (GDPR)

Although the incident was discovered in September 2018, the Marriott Group acted quickly and announced in a statement on 30 November 2018 that the Starwood Hotel reservation systems had been hacked. The internal investigation then revealed that unauthorised access could be traced back to 2014! From more than 327 million guests, data such as name, mailing address, phone number, email address, passport number, Starwood account information, date of birth, gender, communication preferences and overnight information flowed out. For some of the guests also credit card information was stolen, but this was encrypted (Advanced Encryption Standard encryption AES-128).

It started with a Phishing Attack – The discussion partners assume that the attack most likely began with a phishing attack. The interesting fact was also noted that the attacks apparently continued during and after the merger between Starwood and Marriott.

Why this is a treasure? The hacker was able to capture an incredible amount of data with the attack. They are now in possession of intimate, personal identification data from half a billion tourists, businessmen and government employees.

“None of these companies are able to protect your customer data” – The 25 minute podcast gives food for thought. We are all customers and we should consider how to share our intimate data. The Mariott case will probably now be a GDPR / DSGVO preference case, with probably very high penalties, but the damage is there!

Listen in and think about it! Do you surf public unprotected networks? Do you store your credit card details? Do you share your real birthday?

New Major Release is out - LUCY V4.4 is available for download

Brand new: LUCY V4.4 and why you should upgrade to the new version!

The second release using Debian 9.5 brings significant improvements to users of the Phishing Incident button. Further the GDPR compliance is now on the highest level!

The Office 365 (c) Incident Button is now matured and the Mail and Web Filter Test feature has been polished. Further improvements and bug fixes see below.

What is the Mail and Web Filter Test?

This Email and Internet malware protection test gives you an insight at how your mail server and web proxy handles different variations of files and file types. You can thus see whether potential malicious code, such as Java files, backdoors, scripts, embedded Office Objects are detected and blocked by the filter infrastructure. Based on these results, you can then carry out targeted phishing campaign. And you know which files „go through“.

Why is the new Debian Linux version so important?

The Linux Version that we used until Lucy V4.2 stopped receiving security upgrades from the vendor, so by moving to the new version you will continue getting security updates for all software for the Operating System level until 2022. In addition, Lucy will run on more recent versions of software, and this may speed some things up.

New Major Features in Version 4.4

What improvements and new features are particularly worth mentioning? (Some with links to the LUCY Wiki)

 

 

VmWare / VirtualBox / AWS / Native Linux available

 

Other Improvements and Bug Fixes

Other Improvements / New Features

  • Improvement – Improve template menu (awareness + scenario templates)
  • Improvement – SE: Catch email replies
  • Improvement – SE: Embedded email client
  • Improvement – Recipient Statistic Improvements
  • Improvement – O365: implement features from MSI plugin (Plugin)
  • New Feature  – Campaigns and CampaignScenario tables refactoring
  • New Feature  – SE: Time tracking for landing page

 

Fixed Bugs

  1. Server – Awareness Delay bug
  2. Server – End User Portal: incorrect redirection
  3. Server – Downloaded Files: incorrect calculation
  4. Server – Test Run: Awareness email isn’t sent if delay>0
  5. Server – Pinned Campaign checkbox: UI changes
  6. Server – Resend Button (Errors): MessageJob does not start
  7. Server – Risk Assessment: highlight recommended scenarios
  8. Server – Invert-Train: trained_at isn’t updated
  9. Server – Campaign name should be unique
  10. Server – Campaign Restore: User Id cannot be blank
  11. Server – Statistic charts are displayed as “in progress” in stopped campaigns
  12. Server – Quiz stops counting answers when get 10th question
  13. Server – Campaigns: backup is displayed when apply search
  14. Server – Campaign Recipients: Distribute users over selected scenarios
  15. Server – Mail & web filter test – 500
  16. Server – Users: Admin account is changed to end user
  17. Server – Update bug 4.3 => 4.4
  18. Server – No default reputation level is displayed after successful submission
  19. Server – Users: Certificate-based login
  20. Server – PHP error
  21. Server – 500 error during import recipients
  22. Server – Invalid awareness_id when restoring awareness only company
  23. Server – 2FA: second password is sent
  24. Server – Missed column names for recipient
  25. Server – Remove `Reports`,`Campaigns` from New Client
  26. Server – X-headers are not set in forwarded emails in O365
  27. Server – Scenario Templates: download instead of release date
  28. Server – Awareness website click stats is not anonimized
  29. Server – Landing Page Editor: Close Handler nor working
  30. Server – Advanced data not anonimized
  31. Server – Incorrect training score
  32. Server – Benchmark Sector settings: top-border overlapping
  33. Server – Text after quotes will disappear after apply search
  34. Server – Quiz Scores Distribution
  35. Server – Recepients: User see `null` text in alert during deletion recipients
  36. Server – Correct text placement in ‘Awareness website’ graph
  37. Server – Incidents: the Email domain is parsed incorrectly
  38. Server – Reports: remove extra tags
  39. Server – End Users: correct succeeded users count
  40. Server – Recipients import: custom fields aren’t imported
  41. Server – Users info is not anonymized
  42. Server – Hide anonimized user data on server side
  43. Server – Campaign Wizard: error creating campaign wizard with ‘Mail & Web Filter Test’, ‘Technical Malware Test’ types
  44. Server – New scenario cannot be added
  45. Server – Portable Media Attack: Failed AJAX requests
  46. Server – LHFC: Tool is not attached
  47. Server – Data in report template is not anonymized
  48. Server – Collected data is not Anonymized
  49. Server – Hide statistic info for company with anonymous scenario
  50. Server – CampaignGroupRecipientEditJob: recipient_count isn’t updated
  51. Server – PHP notice
  52. Server – awareness website – fake anonymity statistic
  53. Server – Adapt template: Website is disabled after saving basic settings
  54. Server – Can not close BenchmarkSettingsForm
  55. Server – 404 on “opened” item
  56. Server – Attaching renamed image
  57. Server – Unable to restore from backup
  58. Server – Campaign recipient link bug
  59. Server – End users not created for the phishing campaign
  60. Server – Data in export drop down is duplicated
  61. Server – PHP notice on time/top worst
  62. Server – Reputations Level bug
  63. Server – Campaigns: Unable to delete all campaigns
  64. Server – Error creating recipient without email
  65. Server – Error saving in “Base Settings” section
  66. Server – Campaign Wizard: 500 error on create campaign ‘Training’ type
  67. Server – LDAP: users from another domain are not imported
  68. Server – Campaigns: Runtime exception of save campaign name with <>
  69. Server – Awareness: 404 on preview website for specific template
  70. Server – Campaign Wizard: the 404 page on preview template
  71. Server – SMS issue
  72. Server – “Test Run” bug in portable campaign
  73. Server – Reputation Levels buttons bug
  74. Server – Recipients import: “records of page” dropdown bug
  75. Server – Recipients import dropdown bug
  76. Server – Dynamic Domain Save Bug
  77. Server – Search field is not cleared after clearing field and click Update button
  78. Server – Migration Tool: “Campaign templates” section is not copied
  79. Server – Campaign export : table appearance issue
  80. Server – Negative rating
  81. Server – API: scenarios bug
  82. Server – Time landing Page varaibale is not shown in help
  83. Server – Individual scenarios not running
  84. Server – Bad code performance in CampaignController.actionClearSimilarErrors
  85. Server – Error uploading logs to server (error 400)
  86. Server – View Only User Bug
  87. Server – Scheduler: Run Days data validation
  88. Server – End User Line Break Issue
  89. Server – Awareness Certificate: non-english scenarios
  90. Server – Broken link in the campaign breadcrumbs
  91. Server – Recipient group creation bug
  92. Server – Mail settings bug
  93. Server – Enduser login bug
  94. Server – Add language to template
  95. Server – Report Variable: limited interval
  96. Server – Report Variable: screenshot by scenario ID
  97. Server – Reminders page: numeric UpDown fields display only one digit in Firefox
  98. Server – Forward Email bug
  99. Server – Test Run: Resend bug
  100. Server – Recipient Import from CSV: Gender column is missing
  101. Server – End User portal: password.txt
  102. Server – Copy button display bug
  103. Server – CSS bug: too long campaign name
  104. Server – Enduser when creating users
  105. Server – Permission issues
  106. Server – Advanced settings form adjustment
  107. Server – View filters bug
  108. Server – Adding recipients from search results
  109. Server – Campaigns.recipient_count bug
  110. Server – Test run affects campaign running time
  111. Server – Campaign summary design issue
  112. Server – System creates endusers for portable attacks
  113. Server – Awareness page is still accessible after campaign is stopped
  114. Server – Wrong user info in campaign stats
  115. Server – Import from CSV: Link field verification
  116. Server – Collision of victim’s links in copied campaign
  117. Server – Performance test campaign is not deleted after stop
  118. Server – Campaign overview not showing success
  119. Server – Reports: file type settings are not displayed
  120. Server – Webpage upload bug
  121. Server – Object restore id bug
  122. Server – Wrong paginator url on recipient page
  123. Server – clear-db.sh bug
  124. Server – LDAP: users who have name with brackets are not imported
  125. Outlook MSI Plugin – Outlook phish button error message when reporting mail which is in “draft”
  126. Outlook MSI Plugin – Big attachment bug
  127. Outlook 365 Plugin – Error parsing headers in O365 reports
  128. Outlook 365 Plugin – Useless function-file referenced from XML (with a wrong URL)
  129. Outlook 365 Plugin – Error for awareness reports
  130. Outlook 365 Plugin – Outlook 365 restored item bug

 

VmWare / VirtualBox / AWS / native Linux available
500 Free Recipient Credits included!

 

LUCY Security recognized as most promising cybersecurity startup 2018

Awards such as ‘Most Promising Cybersecurity startup 2018‘ are not only fun. They also support LUCY in the current investor search as described here. New Cyber Security Players are entering the market!

 

The ever evolving nature of cyber attacks requires companies to constantly update their corporate security strategies. Best practices used 5 years ago may be outdated today. The same can apply to security companies. There are some companies whose services are no longer as useful or useful today, or are offered at much lower prices elsewhere. It is therefore not surprising that new startups and vendors are constantly appearing in the cyber security environment.

 

Selection dominated by American Companies – LUCY Security has been on the market with products since 2015. However, the company has been able to retain its start-up character. In the selection of the most promising cyber security startups, the Swiss provider with a branch in Texas is the only one from Europe. The dominance of the USA is considerable: 13 of the 15 selected startups are American companies.

Excellent LUCY portrait helps with your purchase decision – Together with the award a great report about our company and about the performance of the LUCY software was published.  If you mention the purchase of a LUCY license, it is worth reading the article. The article of Startup City Magazine shows why companies should do security awareness and why this should be done with LUCY!

LUCY Security Awareness Posters for free download

Free Security Awareness Posters for your personal usage

Nearly 70 new educational posters for printing and hanging – freely modifiable and available in two different versions. This is simple and effective employee sensitisation for security awareness.

educational awareness poster for free usage - photo

Educational Poster: Photo

educational awareness poster for free usage - illustration

Educational Poster: Illustration

The LUCY Software contains the posters also in the source format (Adobe Illustrator). You can revise and modify the posters according to your ideas. It’s that simple!

Two versions: The posters are available as illustrations and as photo posters. If you would like to edit the poster in the LUCY server or process it further for printing, please click on the navigation point Content template on the left, then click on the button Upload file or image in the visual editor. In the Image Info tab, click on the search server to download the Adobe Illustrator file.

Bring useful variety to your offices. Hang awareness posters. Change them from time to time. With over 60 templates included for free in the LUCY software, it’s no big deal!

 

 

Free Awareness Posters: Following topics are actually available:

01. Lock your device (Photo)
02. Lock your device (Illustration)
03. Sharing Information (Photo)
04. Sharing Information (Illustration)
05. Identify Theft (Photo)
06. Mobile Device Security (Illustration)
07. Surfing unknown websites (Illustration)
08. Surfing unknown websites (Photo)
09. Don’t share private info (Illustration)
10. protect client’s data (Illustration)
11. Identify Theft (Illustration)
12. Secure your mobile device (Illustration)
13. Verify client’s data (Illustration)
14. Build Security Block by Block (Photo)
15. Protect client’s data II (Illustration)
16. Spot the threat (Illustration)
17. Social Media Security (Photo)
18. Security depends on you (Illustration)
19. Protect patient data (Photo)
20. Secure your mobile device (Photo)
21. Our security depends on you (Photo)
22. Secure Payment (Photo)
23. Monitor transactions (Photo)
24. Protect customer’s data II (Photo)
25. Don’t take the bait (Photo)
26. Don’t take the bait (Illustration)
27. Become a human firewall (Illustration)
28. Become a human firewall (Photo)
29. Verify all transations (Illustration)
30. Impersonating institutions (Photo)
31. Be cautious of phishing (Illustration)
32. Be cautious of phishing 2 (Illustration)
33. Password Security (Illustration)
34. Danger of sharing on social media (Photo)
35. Insecured Wi-Fi (Photo)
36. Spoofing & Phishing (Illustration)
37. Whispering (Photo)
38. Bubble (Illustration)
39. Build Security Block (Illustration)
40. Coffee Shop (Illustration)
41. Call center (Photo)
42. Call center person (Photo)
43. Call center person (Illustration)
44. Bubble (Photo)
45. Card (Photo)
46. Coffee Shop 2 (Photo)
47. Coffee Shop (Photo)
48. Crazy Businessman (Illustration)
49. Private (Illustration)
50. One Device (Photo)
51. Personal Info (Photo)
52. Password Mobile (Illustration)
53. One Device (Illustration)
54. Mobile Device Security (Photo)
55. Protect patient data (Illustration)
56. Password Mobile (Photo)
57. Personal Info (Illustration)
58. Spam 2 (Photo)
59. Spam 2 (Illustration)
60. Spam (Photo)
61. Transaction (Illustration)
62. Sticky Note (Photo)
63. Sticky Note (Illustration)
64. Whispering (Illustration)
65. Transaction (Photo)
66. Identity Theft 2 (Photo)
67. Crazy Businessman (Photo)

At LUCY we are constantly delivering new security awareness content and the updates come for free! 

 

So that’s it  🙂  Keep on enjoying LUCY Server and our Security Awareness Training Content

 or download our free Community Edition here.

 

Phishing Attacks Made Easy Webinar 2018

How do I do a file-based phishing email simulation and training? [Video Tutorial]

Phishing Attacks Made Easy – In 15 minutes to a savvy professional attack with file-based phishing email and IT security training. Prevent cybercrime, strengthen your employees!

The recording of the webinar moderated by Kevin Beaver shows how to provide an advanced phishing campaign. The video tutorial is rounded off with a search for existing data leaks in the darkweb.

 

 

During the screen presentation you will be shown the following steps in the creation of a file-based phishing simulation and the subsequent training lesson:

00:00 – Introduction “A wrong decision is all that it takes” by IT Security Expert Kevin Beaver

08:45: Creating a simulated phishing attack using the new LUCY Software V4.3. Security Evangelist Oliver Münchow shows how to create a sophisticated attack simulation and training campaign with the LUCY software in no time at all:

  • Selection of a Phishing Simulation
  • Create a landing page similar to the login page of an Office 365 © installation.
  • Configuration of a harmless Trojan in the ‘Installation file for Office Mail’.
  • Selection of the training module for the subsequent Awareness Training
  • Executing the awareness-raising campaign
  • Statistics / reporting of phishing simulation and the employee training
  • Reporting suspicious emails using the Phishing button and the Incident Console’s working method

23:00 Dark Web Research & Analysis: As a bonus the new LUCY Darkweb search for existing data leaks is presented (Preview)

26:50 Q+A: Questions from the audience moderated by Colin Bastable LUCY USA

About – The LUCY software serves to prevent cybercrime. The product can be installed locally or downloaded from the cloud. Hundreds of attack templates and training modules are available so that the solution can be used immediately. In the meantime, LUCY has been downloaded over 11000 times and installed over 6000 times. Customers like Robert Bosch, Pioneer or SEB-Bank are customers of the Swiss company with offices in Switzerland and Austin Texas.


LUCY is available in the Cloud or locally (download here)

Contents of the Webinar Video:


LUCY is available in the Cloud or locally (download here)

 

Top Ten Phishing Emails based on customer surveys

The 10 most effective phishing mails for employee sensitization [customer experience sharing]

Simple = Effective. For the top 10 Phishing Emails a simple formula obviously applies when it comes to the question of which phishing simulations are the most effective. During the LUCY User Conference 2018, a survey was conducted among the participating customers to find out which is the best or most effective phishing campaign.

The 10 best phishing mails for the employees are all simply structured. Nevertheless, even with repeated use, high ‘penetration rates’ are achieved. These are the top 10 phishing mails used by the LUCY user community:

  • Private files found on the computer that will soon be deleted
  • Unauthorized files on your drive moved to quarantine
  • E-Fax Phishing scenario with your own company logo.
  • GDPR / DSGVO – Information or confirmation letter
  • Near-time use of security incidents from the real world such as ‘Your data in the Ecofax data breach.
  • Company events such as ‚Your personal data for the preparation of the office move’.
  • Survey-based phishing attacks, especially the HR survey
  • Discounted or free offers (e.g. use Microsoft licenses for home use)
  • New bonus calculation for employees
  • Login masks of all kinds, in particular the Office 365© Login
  • Quarantined unauthorized files on your drive

 

Top Ten Phishing Emails based on customer surveys

According to customer statements, these are two of the most effective phishing templates for employee cybersecurity sensitization: bonus campaigns (fitness subscription) or the e-Fax scenario.

Hundreds of such templates in the Lucy software – so to speak for all above mentioned Top 10 Phishing Mails there is a template in LUCY! The simulated phishing attack is set up in no time, is always available in several languages and can be completely individualized, regardless of whether you prepare the campaign yourself or have it handled by a third-party provider (or even by LUCY Security itself).

Discover a small extract of the effective phishing mails from LUCY! With the large ‘Content Update 2018’, more than 150 new attack and training templates are available to you in one fell swoop. Click here for the table of contents.

Or download our Free Software here

 

We're all LUCY! Pictures and impressions from it-sa 2018 visitors

We are all LUCY! [PhotoGallery]

Prevention of cybercrime: Europe and Germany are awakening! it-sa in Nuremberg is the world’s second largest trade fair for information security. The fair has shown: Interest in IT security and employee awareness has risen sharply! The number of visitors to the stand of LUCY Security, the provider of Cybercrime prevention software, was absolutely remarkable. Not only IT security specialists were advised on security training courses, simulated phishing attacks and automated infrastructure audits, many executives were also present at LUCY’s stand!

it-sa 2018 Photo gallery: Impressions of the stand visits:

Or download our Free Software here

 

All notable LUCY features from the past four Releases

Did you miss all these features from the past 12 months? From LUCY 3.7 to 4.3

From 3.7 -> 4.3 : This is a considerable list! See a summary of the functionalities we have built or expanded in the last 12 months.  

Oct-16-2018
We have found that new features are often not noticed by users and therefore not used. That’s why we have summarized the most important new features of the last four major versions in this article.

  • LUCY Version 3.7 was the current release during LUCY Connect in October 2017 , since then
  • Four major releases were deployed until today: 4.0 (3.8, 3.9, 4.0 merged), 4.1, 4.2, 4.3

 

1.     People Testing Features and Enhancements

  1. Default campaign template for even more efficient campaign creations (3.7)
  2. Sending messages: CC, BCC and fake TO fields in messages (3.7)
  3. Gender-specific addressing using variables (4.0)
  4. Digital signature in phishing emails (4.1)
  5. Add attachments to PDF. Filebased Attack using the pdf format including an executable attachment (4.3)
  6. 315+ Attack templates and new languages like simplified Arabic, Chinese & Japanese

2.    Awareness Training Features and Enhancents

  1. A new Enduser profile page,your personal learning and training (3.7)
  2. Authoring Toolkit(4.0)
  3. Option for awareness results overwriting (4.0)
  4. Reputation-Based eLearning / ‘Maturity Model’ (4.0)
  5. Scorm export for Learning/Awareness Content (4.0)
  6. Attendance Certificate for successful training / Training Diploma (4.1)
  7. Full-featured LMS Advanced education portal for end users (4.3)
  8. Training library support (4.3)
  9. 180+ Training Templates containing 40+ Videos
  10. Screen locker Template – send data to the server on execution (4.0)

3.    User Engagement Features

  1. New Windows Incident Plug-In (split versions x32 / x64) (3.6)
  2. New Gmail Incident Plug-In (4.2)
  3. Office 365 Outlook plugin (3.7)
  4. Outlook plugin improvements:
    • Custom subject, multiple recipients, additional headers (X-CI-Report) (3.7)
    • Additional headers checkbox (4.0)
    • Configuration interface (4.0)
    • Custom image (4.0)
    • Localization support (4.0)
  5. Option to remove incident notification for emails generated by LUCY (4.0)
  6. Optional additional headers support (4.0)
  7. MS-Outlook / Office365© Incident Plugin improvements: configurable ribbon label, inline email forwarding options (4.1)
  8. Email Risk Score / Incident Auto Feedback (4.0)
  9. Gmail phishing button! (4.2)
  10. Extended Threat analysis for end users: Now extended information is available for endusers including charts, etc. (4.3)
  11. Threat Mitigation (4.0)

4.    New Infrastructure Assessment Features and Enhancements

  1. Risk Assessment Campaigns (4.0)
  2. Mail and Web Filter Test (Which file and message types ‘go through’?) (4.1) including CSV, PDF export of Mail & Web Filter Test results (4.3)
  3. Mail spoofing test (4.2)

5.    GUI, Stats, report and miscellaneous

  1. Widgets on the Dashboard (4.0)
  2. Stop All Campaigns” button (makes patching easier) (3.7)
  3. Custom logos in the campaign report. (3.7)
  4. Add comparison/benchmark charts into the report (3.6)
  5. Extended reporting options (3.6)
  6. New dashboard & new dashboard actions: It makes the handling much more straightforward, especially when you have a lot of campaigns running (3.7) or if you are a heavy user with lot of campaigns (4.0)
  7. Statistics: New real-time statistics overview (4.0)
  8. Campaign Variables enhancements, including the use of variables in headers and subject line (4.0)
  9. New report template variables: You can put ‘everything’ into your Campaign reports! (3.7)
  10. API: Integrate your personal LUCY instance into your corporate infrastructure or enhance the functionality. It’s a bidirectional Interface. (3.7)
  11. Track & monitor e-learning via API, dashboard or reports (4.2)
  12. Disable campaign checks option (3.7)
  13. Ability to enable/disable recipients (4.0)
  14. Campaign export page (4.0)
  15. Download template dialogue: Search and sorting (4.0)
  16. Improve additional groups in import (4.0)
  17. IP whitelist message (4.0)
  18. LDAP filter improvement (4.0)
  19. Recipient groups selection in schedule rule (4.0)
  20. Scheduler randomization (4.0) and improvements (4.1)
  21. User reputation in Lucy (who is not the same as reputation based e-learning)
  22. User reputation report (4.3)
  23. Recommended email domains in templates (4.1)
  24. Export Recipient Groups (4.1)
  25. Reports: Image placeholder (4.1)
  26. More Whitelabeling: Change default name, copyright, logo, etc. (4.1)
  27. Labeling / Whitelisting You can edit nearly all Text Messages or Labels (4.1)

6.    New or changed system specific components and functionality

  1. A new version of the active vulnerability detection feature based on own code, BeEF replaced (3.6)
  2. Fake deletion (you won’t accidentally delete anything) (3.6)
  3. Backups speedup (3.6)
  4. Backup of DB data (3.6)
  5. AV/Firewall protection improvement (3.7)
  6. Recipient upload improvement (3.7)
  7. Scheduler improvements (3.7)
  8. Advanced Export Features (4.0)
  9. Anonymous Mode: Stronger settings, no more reverts (4.0)
  10. Domain registration: New TLDs (4.0)
  11. Log Improvement (login, logout, create/delete campaign/scenario (4.0)
  12. Predefined Campaign Templates (4.0)
  13. Multiple default campaign templates (4.0)
  14. New Campaign Wizard (4.3)
  15. Domain renewal option (4.1)
  16. XML export support (4.1)
  17. New SPF CHECK & MX Check (4.2)
  18. Postfix: support TLS for outgoing messages (4.2)
  19. Automatic invoices when buying credits (4.2)
  20. 2-Factor Authentication for Lucy Users (4.3)
  21. Disk usage tracking (4.3)
  22. Block search engine networks from accessing Lucy (4.3)
  23. Incident center with Filter, Search and Sort (4.3)
  24. New Docker configuration (4.2)
  25. The Software runs on Debian Linux 9.5 (4.3)

These all the notable Features and Enhancments from the past four LUCY Releases – Enjoy using LUCY!

We make Cybercrime Prevention and Simulated Internet Attacks available and affordable to everybody!

Ridicolous easy: Phishing Attacks and Awareness trainings set up and run within seconds. Also suitable for Experts!

Even for Experts: Phishing & Training Campaigns set up within seconds with LUCY Software 4.3 [Video]

It can’t be better! Cybercrime Prevention in Seconds! Also for Pros: A new Phishing and Training Wizard for Campaign Creation is available in LUCY V4.3. LUCY Software is the leading solution for cybercrime prevention.

Watch the 2-minute video and discover how to set up, start and send a complete simulated phishing attack and a security awareness training course to your employees in two minutes. We explain how this works:

  1. You need LUCY Server V4.3 as local installation or Cloud Appliance (Download).
  2. Log into LUCY and select ‘New’ and ‘Campaign Wizard’ options in the Campaign Dashboard.
  3. The wizard for creating the simulated phishing attack will start. Select the type of attack you want to use. Available are hyperlink-based, web-based, file-based, USB attack, Mail+Webfilter test, pure training without attack simulation or the Malware Simulation to test your infrastructure.
  4. Select the template on which the phishing attack should be based, define the attack language.
  5. Name your attack scenario and select the client under which the attack should run.
  6. If you want to add a training to the phishing attack, please select the corresponding checkbox.
  7. Now define the properties of the phishing attack: attack domain, sender name (of the simulated phishing email), sender email and subject of the message. You can already work with variables to address the victims individually here. The configuration of the attack part is now completed.
  8. Awareness Training part: Now select the appropriate sensitization training and the language to be used. There are hundreds of quizzes, videos, games, interactive courses, posters, etc. to choose from.
  9. Now also define the properties of the training lesson: source domain, sender name, sender e-mail and subject. This information is then used to send the user an invitation e-mail to complete the training.
  10. Select a predefined recipient group that is to receive the attack and the training or enter the recipients now.
  11. Done! Check your entries in the recapitulation of the phishing and training campaign and
  12. Press ‚Start’. Alternatively, professionals can go into the detailed settings of the attack and make further revisions! So even specialists benefit from the efficiency gain in campaign creation through the LUCY V4.3 Campaign Wizard.

Strengthen your staff against Internet attacks with LUCY Software! There is no better product for cybercrime prevention.

Schedule a Demo

Ask for a Testsystem