Tuesday, March 9, 2021
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
    • Compliance & Risk
    • Information Security
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
    • Compliance & Risk
    • Information Security
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home GRC Vendor News

LUCY V 2.4 Phishing Server Becomes First Cybersecurity Tool To Simulate and Defend Against Macro Malware Attacks

by Corporate Compliance Insights
October 16, 2015
in GRC Vendor News
LUCY V 2.4 Phishing Server Becomes First Cybersecurity Tool To Simulate and Defend Against Macro Malware Attacks

PALO ALTO, CA (October 14, 2015) – LUCY today announced V. 2.4 of its phishing server, which becomes the first cybersecurity solution that allows a business, government agency or individual to simulate and defend against macro malware attacks.

The newest release of LUCY www.phishing-server.com can turn any laptop PC into a full security assessment environment, allowing users to simulate phishing and malware attacks and even build awareness by teaching users about the threats. LUCY has been designed so technical and non-technical persons can administrate the platform and configure traditional or custom phishing attacks and malware attacks, perform malware protections tests and implement an eLearning module to provide the necessary training to improve employee awareness. LUCY features a simple web-based user interface that includes pre-defined mail and web templates. It is free to download for individuals and companies up to 100 employees and also available as a commercial product.

The Microsoft Malware Protection Center says there has been a dramatic increase in threats using macros to spread malware via spam and social engineering over the last month. Malicious attachments have dominated the campaigns of 2015 to date, driven by the massive volumes of attachments and messages.

Typical macro based malware first gets executed on the windows and in a second step fetches a second stage payload from a compromised server or from an attacker-hosted server. Most times this happens by hijacking the browser and initiating a regular HTTP or HTTPS request to the attackers server in the internet. Additionally most attackers use some sort of obfuscation and encoding techniques to hide their activities.

In the latest release of LUCY 2.4, every home user or company is now able to test its macro security and people awareness. As part of its phishing simulations, LUCY is now also able to simulate all those steps discussed earlier. LUCY can create a custom Word file that includes a macro malware simulation.  Users can send this Word file using LUCY via email – or include it in one of the many phishing campaign templates. Once opened, the Word document will execute a few harmless Windows shell commands that can be configured in LUCY  (e.g. “ipconfig” or “whoami”). In the next step it will send the output back to the LUCY admin console using the build in browser.

Using this new and unique feature in LUCY allows users to test:

  1. If their users are aware of the risks from macro’s (open and enabled macros)
  2. If the company infrastructure is able to defend macro attacks (e.g. using the right GPO’s – group policies)

LUCY can be downloaded at http://phishing-server.com.

About LUCY

LUCY helps companies identify potential weaknesses in their cybersecurity. The web-based solution can prevent cyber attacks and hacks before they happen. Easy to set up and use but with powerful reporting and customization features, LUCY is a necessity for any business looking to protect against malware, phishing and “drive-by” attacks. Learn more at http://phishing-server.com.


Previous Post

Get Ready for the New Age of IT Governance

Next Post

4 Clear Messages from the BMS FCPA Enforcement Action

Corporate Compliance Insights

Related Posts

freelance worker on laptop at train station

Stoke Talent Launches AI-Powered Worker Classification Engine

March 5, 2021
hands holding seedling in eggshell

SEC Announces Enforcement Task Force Focused on Climate and ESG Issues

March 4, 2021
SEC emblem on building exterior

SEC Division of Examinations Announces 2021 Examination Priorities

March 3, 2021
cybernetic brain in form of human brain in cyberspace

Strike Graph Introduces First-Ever AI Tech Platform to Automate Security Questionnaires

March 1, 2021
Next Post
4 Clear Messages from the BMS FCPA Enforcement Action

4 Clear Messages from the BMS FCPA Enforcement Action

OneTrust offers download to demonstrate privacy management leadership
Access realtime data
Top 10 Risk and Compliance Trends

Special Coverage

Special COVID page graphic

Jump to a Topic:

anti-corruption anti-money laundering/AML Artificial Intelligence/A.I. automation banks board of directors board risk oversight bribery CCPA/California Consumer Privacy Act Cloud Compliance communications management Coronavirus/COVID-19 corporate culture crisis management cyber crime cyber risk data analytics data breach data governance decision-making diversity DOJ due diligence ESG fcpa enforcement actions financial crime GDPR GRC HIPAA information security KYC/know your customer machine learning monitoring ransomware regtech reputation risk risk assessment Sanctions SEC social media risk technology third party risk management tone at the top training whistleblowing
No Result
View All Result

Privacy Policy

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • RSS Feed

Category

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Whitepapers

© 2019 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
  • Articles
  • Vendor News
  • Podcasts
  • Videos
  • Whitepapers
  • eBooks
  • Events
  • Jobs
  • Subscribe

© 2019 Corporate Compliance Insights