New LUCY 4.3 brings mfa security a full blown LMS and Debian 9.5

New LUCY 4.3 brings a full blown LMS and Debian 9.5

LUCY V4.3 brings

The Learning Management System (LMS) has reached full capacity. It includes now the advanced education portal functionality for end users: This feature allows users/victims to log into Lucy on their own and track their progress over multiple campaigns/trainings
A brand new Campaign Wizard
2-Factor Authentication for Lucy Users and Admins
A new Training Type named Training Library: This feature introduces the ability to offer recipients a library of training materials, compiled of various awareness templates in LUCY Server
The Software runs now on Debian Linux 9.5

Already at the end of September 2018 we have started the rollout of LUCY 4.3. The image is available on https://lucysecurity.com/download.

Functionality

The latest version of LUCY Server offers many interesting functional enhancements and improvements: A new wizard is available to make your first campaigns even easier. A two-factor authentication is now available for end users. Our LMS is now fully functional and has now the desired scope so that you don’t need an additional learning management system anymore. For the trainings there is now a real training portal, in which the user can manage his trainings and follow his learning progress. Especially we would like to point our new “Awareness Training Library”, where the end user can individually select his own training from a whole library of training modules. And there are even more new features worth to mention:

Threat analysis for endusers
Add attachments to PDF
User reputation report
Disk usage tracking
Block search engine networks from accessing Lucy
Incident center with Filter, Search and Sort
CSV, PDF export of Mail & Web Filter Test results
Campaign message log: search and filter

Linux Upgrade

The most far-reaching change is the upgrade of the operating system to Debian Linux 9.5 Stretch. This measure was necessary to ensure maintainability and to maintain system security, as this guarantees security updates for the OS until 2022.

All customers using a system hosted by LUCY have already been contacted or will be contacted directly by our support. Customers who use LUCY as VMware, VirtualBox or AWS appliance have an automated upgrade routine available for the update.

Customers who have installed LUCY natively on Debian, using a Docker container, will get an automated upgrade as well. Customers with native installations without Docker please contact our support as well. An appointment must be made to perform the manual upgrade.

Contact support in case of problems – We hope to have served with this information. If you have any problems with the upgrade, please do not hesitate to open a ticket directly awareness of cyber security at support (at) lucysecurity (dot) com. Note that no campaigns can run at the upgrade time and that the server is restarted during the upgrade.

Download V 4.3

Fixed Bugs in LUCY Software V 4.3

And we fixed a lot:

4.3 Awareness Delay Bug
4.3 Hyperlink Template show landing page
4.3 mail and webfilter display issue
Admin port configuration bug
Annymous not working for downloads
Anonymisation bug fix
Apache: Syntax error in apache2.conf while doing graceful restart
API recipient-group mapping to campaign fails
Awareness certificate generation page
AwarenessCertificateJob: runs after stopping any campaign
Campaign comparison: recipients bug
Campaign Restart & Reset Stats button
Campaign Restart not working
Campaign Test Run feature: tracking clicks isn’t working in ‘Awareness only’
Campaign.recipient_count out of sync
CampaignManager.getRunning / getRunningCount bugs
Console Post shows empty GUI
Constantly running getIpJob
Correctly mark simulation reports for stopped campaigns
Divided by zero bug
DocX report Bug
Download Template: Hide Installed is ignored when Check All available is ticked
Download templates error
Download Templates: Lucy is unable to get ‘updated’ (new) templates
Empty report arrives if the option After I stop the campaign send me a report to.. is enabled
End User Profile page: available training / History gives a 404
Error 500 when downloading campaign template
Importance of security awareness training
Error downloading user certificate
Error in UI when using 2FA
Exception on saving Scenario settings
Fix awareness cert
Fix bug in edit scenario template
Fix LDAP bug
Fix remaining errors from QA
Forgot password
Generate Report bug: showDateTime method is missing
In the download links files the wrong choice of ip / domain is used
Incident Management: download message received by SMTP
LDAP cannot be deactivated
Lucy is unable to change timezone
Lucy Outlook Button: Server Address could not be resolved
Mail & Web test – file names bug
Mail and webfiltertest: not possible to rename the campaign name
Mail Settings resets after insatalling 4.3
Migration tool: bugs
Migration Tool: empty campaign bug
Modifying scheduler rule issue
MWF: remove options from scenario and template
MX check error
Not possible to bind recipients to a campaign
O365: No ‘Access-Control-Allow-Origin’ header
Outlook plugin download fix
Password recovery does not work for any user
PDF attachment fixes
Portable media attack fixes
Property VictimCustomFieldForm.value is not defined
Recipients: Copy&Delete buttons unavailable in Internet Explorer
Recipients: Select All > Delete leads to system failure
Reflective Master/Slave
Reminders: FATAL (Exited too quickly)
Remove stat fields from Campaign and CampaignScenario
Report: Error generating image (custom admin port)
Reputation levels: default icon
Request failed try again when saving Message Tempalate
Scenario Stats : Show All button
Scheduler: when start\end have the same time then the plan is not created
SCORM Export bug
SCORM export: language selection
Spoofing Test: could not resolve
SSL for Lucy console when custom port is used
Stats calculation error
Temporary folder bugs
It security awareness training
Test Run: Email tracking breaks the campaign
Translation Bug fix
Undefined variable: ip