2023
25 December
Improvements:
The license-allowed maximum phone number information for the company is displayed on the top of the settings page of the Callback Phishing product to improve the visibility of the company’s license options.
The information panel is added to the campaign creation wizard’s target user selection step to inform the system user that users who do not have phone numbers will not receive MFA scenarios in the Phishing Simulation, the Smishing Simulation and the Quishing Simulation products.
The “Instant Report Message” display speed is increased after some performance improvements in the add-in API for the Microsoft Outlook Desktop Add-In.
The whitelabeled company’s login screen is displayed instead of the default one if there is an error in the SAML Provider’s error situations related to the SAML configuration.
The Last Clicked and the Times Clicked column labels are renamed to “Last Scanned” and “Times Scanned” under the Scanned QR Link tab of the campaign details of the Quishing Simulator product.
Platform’s LDAP integration configuration UI now supports BaseDN and Relative DNs for user object searches for better integration with enterprise-wide LDAP / Active Directory-owning customers.
Bug Fixes:
A bug is resolved where customers without a valid Awareness Educator product license get an error message while creating a new phishing campaign in the Phishing Simulator product.
A bug is resolved where the excluded IP address is visible in the reports in the Phishing Simulator product.
A bug is resolved where the recurrences count does not match with the list of recurrences for the multifrequency quishing campaign in the Quishing Simulator product.
A bug is resolved where exported and downloaded excel/pdf file content does not match with the quishing campaign manager’s UI in the Quishing Simulator product.
A bug is resolved where the IP address is not displayed correctly in the IP Restriction field of the editor of Rest API Company Setting.
A bug is resolved where the UI gets stuck instead of displaying an error message while deleting a preselected email template from a phishing scenario if the scenario is used in a campaign in the Phishing Simulator product.
A bug is resolved where “Invalid Dialing Notice” is allowed to be saved empty even though it is a mandatory field in the Vishing Simulator product.
A bug is resolved where an error occurs while applying a filter to a custom field column in the “Add Users o Group” screen of the Target Users manager in the Company Settings.
A bug is resolved where the “Times Submitted” column value does not match with the “Details” popup window’s title in the Quishing Simulator product’s campaign details.
A bug is resolved where users with idle status are not changed immediately to expired if the investigation status becomes expired in the Incident Responder product.
A bug is resolved where the Attachment type of simulations is not listed under the Type search criteria while selecting the scenarios while creating a new Phishing Campaign in the Phishing Simulator product.
A bug is resolved where the target user count does not match with the information displayed in the snack bar while importing target users from a Microsoft Excel file in the platform’s Target Users manager.
A bug is resolved where the MD5 / SHA512 hash filter does not work after Cluster By Subject or Cluster By Reported By grouping is used in the reported emails list in the Incident Responder product.
A bug is resolved where multiple campaigns start immediately for multiple selected scenarios instead of a single campaign handling each scenario in the Phishing Simulator product.
A bug is resolved where an empty tooltip is displayed instead of explaining that “SCIM synced users are not editable” for non-editable target users who are synced by SCIM integration in the platform’s target user manager.
New Features:
Enrolling training to the target users who are successfully quished or smished in a campaign by notifying them via an email now is available in the Quishing Simulator and the Smishing Simulator product.
IP address query against Virus Total’s reputation database is implemented for Virus Total integration of the Incident Responder product.
15 December
Improvements:
An inappropriate technical error message is replaced with a human-understandable error message in case of a reported simulation email not matched with any of the simulations on the platform in the Microsoft 365 Phishing Reporter AddIn product.
Bug Fixes:
A bug is resolved where the Microsoft 365 Phishing Reporter AddIn product displays a “This is a phishing email” modal dialogue instead of a “Delete reported email” confirmation dialogue in case the “delete reported email after reporting” option is selected in the configuration of AddIn.
A bug is resolved where target users’ enrollment status is stuck in the “In Progress” state in case of target user is deleted during training attendance before completing the training in the Awareness Educator Product.
A bug is resolved where target users’ enrollment does not send a Training Completion Certificate in case of target user is deleted during training attendance before completing the training in the Awareness Educator Product.
New Features:
Enrolling training to the target users who are phished in an email phishing campaign by notifying them via email now is available in the Phishing Simulator product.
Physical paper printout quishing with individual mail merged PDF generation for the Quishing Simulator product.
SCORM proxy training delivery artifacts now report to both the Awareness Educator product and the 3rd party LMS while they are running in the 3rd party LMS of the customer.
11 December
Improvements:
The phishing email template editor’s error message is improved to better explain that more than 10,485,760 characters long emails are not accepted by the platform in the Phishing Simulator product.
The smishing text template editor is visually improved by removing large margin whitespace from the left part of the editor.
Adding less than or equal to 25 target users to less than or equal to 5 target user groups now are processed immediately without queuing to prevent the misunderstanding that newly created small-sized companies are not able to start phishing simulation campaigns.
API documentation is fixed to help customers to use “/api/investigations” without error.
Bug Fixes:
A bug is resolved where MS Outlook Desktop AddIn is unable to report the suspicious email from the Archived mailbox.
A bug is resolved where the Status is equal to the “Open” filter does not find any results even though there are many reported emails with Open status in the Incident Responder product.
A bug is resolved where the target users preview does not include the Phone Number column in the target audience selection pane while a new vishing campaign is created in the Vishing Simulator product.
A bug is resolved where the default port is assumed to be 389 instead of 636 for LDAPS protocol in the LDAP integration in the Company Settings.
A bug is resolved where an MSSP gets an “Object reference not set to an instance of an object." error message while trying to start a new campaign for its sub-companies by switching to the context of the sub-company in the Phishing Simulator product.
A bug is resolved where some of the reported emails’ Analysis Source column is empty for the reported emails list in the Incident Responder product.
A bug is resolved where downloading a Phishing Report displays an error in the Reports item of the platform’s main menu.
A bug is resolved where the downloaded report for Phishing, Smishing and Quishing simulations including submitted data scenarios has garbage and obfuscated in the “Submitted Data” column of the report in the Phishing, Smishing and Quishing Simulator products.
A security bug is resolved where search API violates the privacy of companies by returning the data of another company if the OR operator is used at the Filter feature of all table representations all over the platform.
A bug is resolved where URLs wrapped by Microsoft 365 Safelinks are not parsed correctly for malicious sites in the Incident Responder product.
A bug is resolved where the Language column filter does not work for the Landing Page Templates table of the Quishing Simulator product.
A bug is resolved where the Status column’s sort feature malfunctions in the Incident Responder product’s investigation details for found emails table.
A bug is resolved where required fields are allowed to be submitted as empty in the landing pages editor of the Phishing Simulator product.
A bug is resolved where the filter does not work in the tags column of the enrollments table of the Awareness Educator product.
A bug is resolved where the target audience column is not sortable in the Training List table of the Awareness Educator product.
23 November
Improvements:
Domain allow list API endpoint is improved to return positive HTTP status code instead of 404 not found even if there are no tuples to help 3rd party monitoring tools to understand better that everything is okay, only the result set is empty.
The terminology for “Exclude from reports” is changed to “Mark as Test” to be compliant with the other simulator products in the Fast Launch feature of the Phishing Simulator product.
A confirmation dialogue is shown if a sending campaign is tried to be cancelled by the system user to prevent accidental cancels in the Phishing Simulator product.
A confirmation dialogue is shown if an idle campaign is tried to be launched by the system user to prevent accidental launches in the Phishing Simulator product.
An information pane is displayed to inform the system user how many target users will not receive the simulation if their phone numbers are not present while sending MFA scenarios in the Phishing and Smishing simulator products.
Call distribution settings are reorganized to be compliant with the other simulator products in the Vishing Simulator product.
An information pane is displayed to inform the system user how many target users will receive the enrollment of training only via email because their phone numbers are not present while optional enrolling via SMS in the Awareness Educator product.
LDAP Integration Path information now accepts LDAP connection string in Server URL representation format like “ldap[s]://ldapserver[:389]" as well as FQDN hostname.
The report details of the training enrollments now display SMS sending information for the enrollments optionally engaged via SMS message delivery in beside to email delivery.
Bug Fixes:
A bug is resolved when an error message is displayed while a global search is used after the Cluster by Reported by option is selected in the Incident Responder product.
A bug is resolved where analysis is not marked as finished if there is no analysis engine defined in the Incident Responder product.
A bug is resolved where training enrollment email sending does not start if the target users in a target user group are changed just before email sending in the Awareness Educator product.
A bug is resolved where saving a campaign after editing its name fails with an internal server error in the Phishing Simulator product.
A bug is resolved where the status of a training enrollment is stuck as “Not Delivered” status even if it is successfully delivered after the Resend functionality in the Awareness Educator product.
A bug is resolved where parsed URL lists are different from each other when the same email is reported by 3 different Phishing Reporter AddIns.
A bug is resolved where only one user is imported when the search functionality reduces the result set of displayed users into a single user for all users fetched from LDAP.
A bug is resolved where a custom permission role defined by a reseller and shared with its sub-companies is not visible by the sub-company in the platform.
A bug is resolved where the downloaded reports contain encrypted and non-human representations of submitted data values in the Phishing, Smishing and Quishing Simulator products.
A bug is resolved where the analysis source is empty for the emails which are discovered by a playbook in the Incident Responder product.
New Features:
Enrolling training to the target users who are successfully smishied or quished in a campaign now is available in the Smishing Simulator and the Quishing Simulator products.
Training enrollments now have their own names instead of training names to prevent conflicts if the same training is enrolled at different times.
The Incident Responder product now introduces a new functionality that allows to search of emails by MD5 or SHA512 hashes of the attachments included in the reported emails.
10 November
Improvements:
“Social Engineering Summary Report” is released under the Advanced Reports menu.
Some improvements to the Email Threat Simulator product are developed to make it work better, be more reliable, and stronger.
Took out the "NEW" button from the recurrences section in the phishing campaign instance view because it's meant for creating instances of campaigns, not recurrences in the Phishing Simulator product.
The warning messages are improved to better clarify and guide the user if there are no marked as default email notification templates for the first enrollment, reminder and certificate delivery notification email templates in the Awareness Educator product.
Some Canada region phone numbers are added to the platform to use with the Smishing Simulator product, the Vishing Simulator product and the MFA Phishing Scenarios in the Phishing Simulator product.
LDAP integration’s LDAPS protocol definition is improved by adding support to standard “ldaps://ldapserver:636” like URL schemed LDAP connection strings.
Switch Company feature for reseller companies now better performs case-insensitive searches for the Turkish language.
The company brand logo has been changed to match the latest one in the Swagger API documentation.
The reported email trend graphic in the dashboard is improved to prevent dots from overlapping if the numbers are many.
Microsoft Exchange connectivity library is advanced to the latest version to better support the latest Microsoft Exchange servers for the Incident Responder product.
URL modified by the Safelinks security feature of the Microsoft 365 platform now is resolved to its original URL and the original URL is being analyzed by the Incident Responder product.
The Text to Speech provider access is retried for the second time within 3-second timeout to give it a second chance to recover and not break the current conversation in the Vishing Simulator product.
Bug Fixes:
A bug is resolved where submitted data does not persist if the MFA Scenario is engaged in the Phishing and Smishing Simulator products.
A bug is resolved where the status column lists “Moving to trash” even if the action is selected as “delete email”.
A bug is resolved where the MFA Code option is displayed disabled even if there is at least one MFA Code Submission human behaviour for the campaign resend action in the Phishing Simulator product.
A bug is resolved where the UI does not transition to the enrollments page if the “Training delivery for your LMS” option is enabled during the enrollment of a training.
A bug is resolved where the excluded domains containing dash and underscore characters are being analyzed by the Incident Responder.
A bug is resolved where reporters are not stored for the Direct Email Creation (DEC) for Microsoft 365 feature users who report suspicious emails with the Phishing Reporter AddIn.
New Features
The new product, Quishing Simulator, is now available. It allows our customers to simulate QR Code based social engineering attacks through emails.
Submitted data is stored in the platform as manipulated and masked to protect the privacy of the target users by default. We delivered a functionality for pentester partners that gives the power to store the target users’ submitted data encrypted but reversibly displayable. This option is enabled only for companies who would like to store their target users’ submitted data reversibly encrypted in the Company Settings / Privacy / Data Privacy configuration. This option can only be enabled by the company itself, not by the support representatives. The other companies continue to store the data irreversibly masked.
The reseller companies are now able to give permission to their sub-companies to access the training of the external vendors as a self-service during sub-company creation or editing the existing sub-company if the license option permits without getting help from the account manager.
AI voices in the Vishing Simulator product’s Vishing Templates are now previewable through the UI of the product during editing of the templates, selecting templates for a campaign, displaying templates in the campaign details, etc.
25 October
Improvements:
The scheduled start time is prefilled with the current date time and user preferences’ time zone settings during the edit of the campaign in the Phishing Simulator product.
Unknown characters are stripped out from the target users’ phone numbers to reformat them to make them usable by the telco providers.
Bug Fixes:
A bug is resolved where LDAP target user synchronization does not update phone numbers after the first synchronization in the platform’s target user management module.
A bug is resolved where the date time is displayed as 01/01/1970 for the report details for a campaign which is scheduled for the future in the Phishing Simulator Product.
A bug is resolved where “start time” is displayed word wrapped in the Apple Safari browser in the Phishing Simulator product’s new Campaign wizard’s schedule date time pane.
A bug is resolved where the Time Zone is displayed as UTC instead of the system user’s preferred time zone, but the preselected date time is displayed in the browser’s default time zone in the Phishing Simulator product’s new campaign wizard’s scheduled date time pane.
A bug is resolved where the time zone for the date time is double calculated and shows the wrong time in the Start Date column of the enrollments table for the Awareness Educator product.
A bug is resolved where a button disappears from the editor if the label of the button is completely deleted in the WYSIWYG HTML Editor, now it displays “No Label” instead of disappearing.
A bug is resolved where the Last Sending Status is fixed to “Not Delivered” even though the enrollment is resent to that user successfully.
New Features
Enrolling training to the target users who are successfully phished in a phishing campaign now is available in the Phishing Simulator product.
9 October
Improvements:
Sorting by the description column functionality is removed from the training list since it is useless in the Awareness Educator product.
Resend functionality in the Awareness Educator product now able to function for “No Response, Exam Results, Progress, and Sending Report” kind of target user lists.
The Vishing Simulator product now waits a shorter amount of time to detect more digits than the expected digits input.
Automatic checking of successfully delivered attack vectors within the target email address is now checked in all the mailboxes instead of only inbox in the Email Threat Simulator product.
Successful completion of the exam award certificate is visually aligned in the Awareness Educator product.
Multilingual trainings are shown at the top to easily identify them if the training list is filtered by language column with multiple languages selected filter.
Microsoft Outlook Desktop add-in is improved to report suspicious emails with a DLP-compatible method to help DLP solutions successfully check the reported emails.
The Date Created column is added to the exported XLS/PDF file of the training list.
The warning dialogue informing the system user that there is no default certificate for the company now explains the situation and directs the system user with a better understandable message.
The sorting feature of the Scan Status column is removed from the investigations table of the Incident Responder product.
Verify domain icons are aligned vertically in the Allowed Domains settings view of the company.
The phishing reporter settings page responding with “HTTP 404 NOT FOUND” status code during phishing reporter addin generation is changed to “HTTP 200 OK” to support better integration with 3rd party monitoring tools to indicate that there is no error, the progress continues and the result is still empty.
Text message length of 160 characters limit is now checked omitting merge tags to help system users to use more characters in the short message text templates.
Company LDAP Settings page responds with “HTTP 404 NOT FOUND” status code if there is no configured LDAP setting is changed to “HTTP 200 OK” to support better integration with 3rd party monitoring tools to indicate that there is no error, the settings page is empty.
Bug Fixes:
A bug is resolved where the user count is different than the selected user count in the enrollment reports bulk operations feature in the Awareness Educator product.
A bug is resolved where the opened email count in the card of enrollment report displays the wrong number after the resend functionality is used in the Awareness Educator product.
A bug is resolved where custom role creation fails with “permission resource id is invalid” for system users who try to assign permissions for resend functionality of the Awareness Educator product.
A bug is resolved where the deletion of the reseller company causes inconsistencies for the sub-companies of the deleted reseller company.
A bug is resolved where exam results are not shown for the target users who attended the exam with the link provided by the resend functionality of the Awareness Educator product.
A bug is resolved where the frequency schedule display window shows invalid formatted date time values in the Phishing Simulator product’s create a new campaign summary page.
A bug is resolved where the results column is filtered to match the undetected value and does not show in-analysis status rows.
A bug is resolved where the “Email failed to send” item is missing in the pie chart of creation of enrollment by phishing campaign results in the Awareness Educator product.
A bug is resolved where pie chart items are inappropriate if the attachment method of phishing is used in the creation of enrollment by phishing campaign results in the Awareness Educator product.
A bug is resolved where the “Submitted data” and “Email failed to send” items are missing if the “Data Submission” method scenario is selected in the creation of enrollment by phishing campaign results in the Awareness Educator product.
A bug is resolved after editing of an enrollment fails with the error “date time is invalid” in the Awareness Educator product.
A bug is resolved where the frequency is displayed empty instead of one-time if the phishing campaign is Fast Launch in the Phishing Simulator product.
A bug is resolved where the Clicked tab is missing in the campaign reports summary page of the Phishing Simulator product.
New Features
Direct Email Creation now supports email distribution settings like send immediately, send in the selected business days and hour ranges and bulk sending limits.
A new Schedule and Distribution feature is added to the Phishing Simulator product.
The Awareness Educator product now optionally supports sending training enrollments over SMS as well as email.
The Smishing Simulator now support multiple scenarios in a campaign, multi-frequency smishing simulation in a campaign like the Phishing Simulator product has.
22 September
Improvements:
The multifrequency scenario schedule display window is visually improved in the campaign creation summary page of the Phishing Simulator product.
The scenario name is now displayed for each target user row in the exported report of the Phishing Simulator product.
Supported subdomain count for Attachment type of scenario phishing domains is increased in the Phishing Simulator product.
Some new caller local Türkiye phone numbers have been added to the Vishing Simulator product.
SIEM Integration worker process is completely separated from the platform and now has its own standalone working environment to increase performance and to be compliant with some of the regulations.
All the content for Phishing, Smishing, and Vishing simulators is now made available for all companies.
The "Date Created" column is added to the training list table (by default added as hidden) in the Awareness Educator product.
Multilanguage training now is easily identifiable with the help of an improved filtering feature in the Awareness Educator product.
Bug Fixes:
A bug is resolved where editing of an existing Smishing Campaign does not bring the target user group preselected with the previous values in the Smishing Simulator product.
A bug is resolved where the evaluation and calculation of attack vectors containing emails delivered to mailboxes other than the inbox are not calculated correctly in the Email Threat Simulator product.
A bug is resolved where an MFA scenario was sent to target users who did not have a phone number in the Phishing Simulator product.
A bug is resolved where the reminder end date is displayed differently on the enrollment details page compared to the selected end date at the enrollment creation page in the Awareness Educator Product.
A bug is resolved where “delivery start - end” information is displayed incorrectly for scheduled multifrequency recurrences of the phishing simulation scenario deliveries in the Phishing Simulator product.
A bug is resolved where the training list export result does not match with the UI’s training list table in the Awareness Educator product.
A bug is resolved where filter functionality on the “tags” column of the training list table does not work properly in the Awareness Educator product.
A bug is resolved where filter functionality causes issues in the "Email Delivery" column of the Campaign Manager page in the Phishing Simulator product.
A bug is resolved where “Clicked Link” tab is not visible in the campaign report of the Phishing Simulator product.
A bug is resolved where the MFA Code Submission popup window is displayed broken when it is combined with some of the Phishing Landing Page templates.
A bug is resolved where system users with company admin roles are unable to start a Phishing Campaign in the Phishing Simulator product.
A bug is resolved where the scroll page functionality does not work properly for some of the previewed templates in the Phishing Simulator product.
A bug is resolved where the count of MFA scenario responders at the report summary and resend widget don’t match.
A bug is resolved where search functionality does not properly in the Data Submit tab of the phishing campaign report in the Phishing Simulator product.
A bug is resolved where a search failed for custom fields in the Vishing Simulator product’s report pages.
A bug is resolved where the vishing campaign reports’ Users tab’s last two columns are frozen and not scrollable in the Vishing Simulator product.
A bug is resolved where the Last Name column is not frozen even if it is selected to be a frozen column in the Vishing Simulator product.
A bug is resolved where the second column is frozen if only the first column is switched as a frozen column.
A bug is resolved where validating an allowed domain sometimes fails with the error “Nullable object must have a value.” in the platform Company Settings module.
New Features
The platform now enables resend functionality in the Awareness Educator product.
8 September
Improvements:
SCIM Integration now syncs and manages target users’ phone numbers as well as other fields.
Save functionality of the Edit component of Reported Emails in the Incident Responder product is improved to make users feel that changes are committed successfully.
Internal development version information is implemented in the Outlook Desktop AddIn and the Diagnostics Tool products to improve support engineers’ productivity.
An auto investigation is limited to run 300 parallel auto investigations on each defined platform like Microsoft 365, Google Workspace, and Exchange Web Services to protect the mailing platform from high demands.
Investigation delete action now drops all waiting delete requests from the queue if the investigation is cancelled to ensure that it is completely cancelled.
Bug Fixes:
A bug is resolved when exporting the “sent attacks” page listing in the report of the Email Threat Simulator product.
A bug is resolved where some users’ Outlook Desktop AddIn is not started during Outlook Startup even if it is marked and monitored by the Diagnostic Tool by iterating the corresponding Windows registry configuration for each user profile on the workstation.
A bug is resolved where the text message template and landing page template are not preselected during the edit of the Smishing Scenarios.
A bug is resolved where the scenario name filter is not working in the Smishing Simulator product’s reports.
A bug is resolved where target user selection behaves like it is not selected even if it is actually preselected during duplication for the phishing campaign.
New Features
The platform currently enables the delivery of multiple Phishing Simulations to target users via a pre-scheduled Phishing Campaign at specified intervals aka Sending Frequency.
25 August
Improvements:
Azerbaijan language support is added to the Phishing Simulator and Smishing Simulator products’ text, email, and landing page templates.
The notified email template now is sent with the company’s local timezone instead of UTC in the Incident Responder product.
An error message is displayed if background requests are not responded to within 5 seconds by the server to raise the awareness of the user about slow network issues between the front-end and back-end communication.
New merge tags {CURRENT_DATE}, {CURRENT_DATE_PLUS_10_DAYS}, {CURRENT_DATE_MINUS_10_DAYS}, {RANDOM_NUMBER_1_DIGIT}, {RANDOM_NUMBER_2_DIGITS}, {RANDOM_NUMBER_3_DIGITS} are introduced for Phishing Simulator, Smishing Simulator, Vishing Simulator products and for Landing Pages.
“Invalid input message” is vocalized to users who enter more than expected digits in the Vishing Simulator product.
A predefined limit with value 3 parallel investigation tasks is implemented for Outlook Desktop Add-In Phishing Reporter product to protect Workstations from resource outage because of aggressive parallel investigation tasks.
Several enhancements have been made to boost the overall platform's performance.
Bug Fixes:
A bug is resolved where delete report icon is disabled and delete report action is inoperable in the Phishing Simulator product’s reports page.
A bug is resolved where notification email is not sent to reporter user if “mark as undetected”, “mark as malicious”, “mark as phishing” options are selected and “notify to reporter” action is configured in the playbook of the Incident Responder product.
A bug is resolved where editing of reported email attributes are not saved if the tags field is leaved empty in the Incident Responder product.
A bug is resolved where SCORM 2004 proxy packages fire some annoying error popup messages about missing SCORM parameters on the 3rd party LMSes.
A bug is resolved where SCORM 2004 proxy packages expects student_id parameter in a wrong way instead of learner_id.
A bug is resolved where the filter by “Campaign Name” column functionality is not working properly in the Phishing Simulator product’s campaign report page.
A bug is resolved where the sort by “Create Date” column functionality is not working properly on the Vishing Simulator product’s Vishing Templates page.
A bug is resolved where an error is displayed if “Bosnian (Bosnia and Herzegovina)” language is selected in Vishing Templates search panel during a Vishing Campaign creation in the Vishing Simulator product
A bug is resolved where the search fails with “column ‘name’ does not exists” error message in the Phishing Simulator product’s report page.
A bug is resolved where the phone call is hung up eventually without warning the user if the user does not respond to an input prompt in a meantime in the Vishing Simulator product.
A bug is resolved where the “invalid input message” was vocalized with a different language model than the Vishing Template configured in the Vishing Simulator product.
A bug is resolved where inactive analysis engines continue to analyze the components of reported suspicious emails in the Incident Responder product.
New Features
The platform now includes integration with AnyRun sandbox, enabling customers with a subscription to AnyRun to analyze the attached files and URLs in reported suspicious emails.
9 August
Improvements:
Resend vector icon is replaced with an improved one to utilise crisper and clearer rendering by Apple Safari browsers.
If the previous attempt encountered an error, the scheduling of a vishing simulation call is adjusted to take place within the next 3 minutes.
Loading performance is improved when grouping the reported emails by the “Reported By” field of the “Clustered By” feature of the Incident Responder product.
Language information is displayed for the scenarios while displaying the scenario list during the campaign creation process of the Smishing Simulator and Phishing Simulator products.
Custom target user fields are now displayed in the Phishing, Smishing and Vishing reports and reports are exported as excel / pdf files.
Enhancements to the Incident Responder product have led to improved performance.
Migrating the Microsoft 365 Add-In from Microsoft 365's Rest API to EWS SOAP API due to the deprecation of Rest API by Microsoft.
Bug Fixes:
A bug is resolved where the exam scores for target users are displayed wrong if the SCORM content has the ability to restart the exam from scratch in the Awareness Educator product.
A bug is resolved where a phishing campaign creation is blocked with an error message “at least a user must be in the selected target group” even if there is a user in the newly created target users group in the Phishing Simulator product.
A bug is resolved when a system user with a custom access permission role hits a permission denied error message during the creation of a new phishing campaign even if he/she has phishing creation permission set in the Phishing Simulator product.
A bug is resolved where filtering is not working on the scenario name column in the sending report page of the Smishing Simulator product’s report details.
A bug is resolved where filtering is not working on the phone number column in the sending report page of the Smishing Simulator product’s report details.
A bug is resolved where details of a deleted SCORM Content training are not shown in the Trash tab of the Awareness Educator product.
A bug is resolved where an invalid number is displayed for the target user count of the “Email failed to send” field in the resend feature of the Phishing Simulator product.
A bug is resolved where the reported email’s attachment name is not the subject of the actual reported email, instead, it is the subject of the report notification email’s subject in the Outlook Desktop Add-In product.
A bug is resolved where sorting is not working for some columns (category, target user, status) in the Awareness Educator product’s enrollments page.
New Features
A new switch mode is introduced for the transition between “listing all sub-companies” and “filtered listing of sub-companies by at least 3 characters typed” for reseller companies to protect sub-companies' privacy on switch company feature.
{FULLNAME}, {FIRSTNAME}, {LASTNAME}, {COMPANYNAME} merge tags are now available for Smishing Text Templates.
{FULLNAME}, {FIRSTNAME}, {LASTNAME}, {COMPANYNAME} merge tags are now available for Vishing Text to Speech Templates.
24 July
Improvements:
A typo error for an error message while displaying if the system user omits the mandatory merge tag “{PHISHINGURL}” in the text message template in the Smishing Simulator.
Advanced Reporting page is visually improved to support multiple reports presentation.
The resolution of the “resend” icon for Safari browsers has been enhanced to provide a crystal-clear visualisation in the Phishing and Smishing Simulator products.
Report load time is improved for the Phishing and Smishing Simulator products.
Text to Speech voice representation tags are separated by Language (Accent) + Voice Model in the Vishing Simulator product.
Field character limits are increased from 64 characters to 256 at the Target User and Target Group modules of the platform to be aligned with SCIM integration limits.
Phone call distribution is reimplemented to align all the calls back to back with a couple of minutes delay in the Vishing Simulator product.
Calling phone numbers are alphabetically ordered and the phone number group of the Company’s origin country is displayed first to help Companies to access their local numbers easier.
The Vishing Simulator product now shows a historical display of each resend action for the calls.
During template selection for a new campaign preparation in the Phishing, Smishing, and Vishing Simulator products, the company's preferred language is now prioritised and displayed first.
To prevent system users from accidentally writing or pasting a domain name containing invalid characters, a domain name validation feature has been implemented.
Bug Fixes:
A bug is resolved where “not responded” status is displayed instead of “Calling Error” status for incomplete phone numbers in the Vishing Simulator product.
A bug is resolved where the online payment system fails to complete the purchase because of an integration parameter change.
A bug is resolved where Voice Model names are displayed in the Language list at the Vishing Simulator product.
A bug is resolved where Microsoft Exchange investigation is unable to find some of the emails because of a timezone issue.
A bug is resolved where distribution calculation is wrong if a single target user is selected for simulation campaigns in the Phishing and Smishing Simulator products.
A bug is resolved where the MFA Submission popup window appears before collecting data for Data Submission phishing methods for the double page landing page designs in the Phishing and Smishing Simulator products.
A bug is resolved where VirusTotal integration is not working properly.
A bug is resolved where suspicious email reporting fails for some UTF-16 encoded email in the Phishing Reporter.
New Features
A new advanced report “Phishing Activity Reports” is introduced in the platform.
The platform now introduces account privacy, granting companies control over the support representative access policy.
The exported PDF/Excel files of training results now include individual scores for multiple quiz attendances.
The platform has been enhanced to enable MSSP resellers to create Phishing and Smishing campaigns on behalf of their sub-companies.
7 July
Improvements:
A typo error for “continuous” word is fixed in the Email Threat Simulator Product.
A new logo for the Smishing Simulator Product is introduced and replaced with the old one.
Text message templates are now shared with sub companies with the help of “Make Available For” feature in the Smishing Simulator Product.
The data collected via Data Submission Phishing Scenarios are stored and displayed masked to protect privacy of the phished target users.
Exchange Web Services integration now supports AND/OR operators for top level filtering in the Incident Responder Product.
UI of Voice selection is improved and easy to select desired Voice by separating Language and Voice model in the Vishing Simulator Product.
Turkey phone numbers are added to deliver SMS messages from Turkey prefixed numbers to customers located in Turkey for Smishing Simulator and MFA Phishing Methods.
Cyber-X Ray analysis engine is improved to classify analysis results with null or empty string return from Cyber-X Ray as Undetected.
Direct Email Creation consent creation for companies which use whitelabelling feature are now available in the platform.
Bug Fixes:
A bug is resolved where training enrollments of sub companies of resellers are displayed under reseller company context in the Awareness Educator Product.
A bug is resolved where target user selection by phishing campaign human behaviour results for a training enrollment was broken in the Awareness Educator Product.
A bug is resolved where permission denied error is displayed while trying to play SCORM Proxy training content package on a 3rd party LMS in the Awareness Educator Product.
A bug is resolved where download package action is displayed for all kind of enrollments.
A bug is resolved where the vishing template column width is too narrow and unable to display the template name in some sort of low resolution displays in the Vishing Simulator Product.
A bug is resolved where alphabetical ordering is not working for the Category column of the training list in the Awareness Educator Product.
A bug is resolved where the user count with no response status is displayed as 0 for the phishing campaigns resend to no response statused users feature in the Phishing Simulator Product.
A bug is resolved where landing page previews are unable to scroll down the content in some cases.
A bug is resolved where all kinds of training enrollments have “Download Package” is now restricted to only “SCORM Proxy” type of training Enrollments in the Awareness Educator Product.
A bug is resolved where target users are duplicated and receive multiple times of the same Phishing and Smishing Simulation attack emails after editing instances of Phishing or Smishing campaigns.
A bug is resolved where the email / sms delivery distribution calculation message is irrelevant in case of single target user selection situations in the Phishing Simulator and Smishing Simulator products.
A bug is resolved where MFA Scenario displays MFA Code Submission popup window in the first page of Data Submission phishing scenarios with 2 landing pages, now it is displayed prior to the last page display.
A bug is resolved where access permission definitions for some parts of Smishing Simulator product are grouped under No Name hive.
A bug is resolved where Outlook Desktop Add-In is unable to send reported email as an attachment to Cc and Bcc recipients.
18 June
Improvements:
A situation that creates the perception that the simulation does not start has been improved when too many target user groups are selected during phishing simulation creation.
The platform’s main menu items are reordered to present the different simulation products together.
Advanced reporting is visually improved by hiding unnecessary tabs, expanding the fields to display the whole numbers, etc.
Security of the platform is enhanced by applying improved encryption in configuration files.
The system users who are able to log in into the platform with their credentials are now warned with a meaningful warning message that briefly explains why they will not be able to use the platform if license is expired, their company is inactive, or their account is inactive.
Bug Fixes:
A bug is resolved where the phishing simulation reports table is not default sorted by Date Created column while it is opened for the first time.
A bug is resolved where the target users count is displayed as 0 if different sub company target users groups are selected by the reseller system users while enrolling awareness training for their sub companies in MSSP model way of usage in the Awareness Educator product.
A bug is resolved where an internal server error is thrown while defining a filter based on the date created field in the Incident Responder product’s Integrations module.
A bug is resolved where the “X-Anchor Mailbox Header” checked option is not saved while saving Mail Configuration for EWS in the Incident Responder product.
New Features:
The platform now allows customers to deliver Awareness Trainings as SCORM Cross Domain files to their third party Learning Management Systems from the Awareness Educator product.
The platform now introduces a new phishing simulation product named Smishing Simulator to give the ability for customers to deliver phishing attack simulation through Short Message System (SMS) of mobile operators.
A new phishing scenario method Multi Factor Authentication (MFA) is introduced to give the customers more sophisticated phishing simulations in the Phishing Simulator and Smishing Simulator products.
Platform now introduces more realistic voice models as artificial intelligence driven Text to Speech in the Vhishing Simulator product.
30 May
Improvements:
Platform’s common terminology is improved by changing “URL” wording to “Link” at the Clicked tab of Phishing Simulation Report Details page.
“Vishing” product name is changed to “Vishing Simulator” to make it compatible with the other Simulator products of the platform.
Bug Fixes:
A bug is resolved where the recent campaigns widget becomes empty after a click on a campaign at the Dashboard’s Recent Campaigns widget.
A bug is resolved where the Job Details table shows duplicate empty rows for each single not imported target user row.
A bug is resolved where difficulty level is shown as easy instead of hard for attachment method phishing scenario email templates which are created with difficulty level hard.
A bug is resolved where multiple phishing scenario preview tab headers are visually broken at the Phishing Simulator Report Detail Preview page.
A bug is resolved where search for phishing campaigns at the Awareness Educator’s “Send Training by Campaign” feature dumps an error message instead of filtering the campaigns.
A bug is resolved where invalid input error message is displayed while launching a campaign with multiple phishing scenarios count is more than the number of selected target users.
A bug is resolved where delivery of a phishing simulation email logs are displayed unordered in the Phishing Simulator Product.
A bug is resolved where multiple records are saved at Allowed Domains list if adding a new domain editor’s SAVE button is clicked multiple times instantly.
A bug is resolved where calculated target group count for selected target groups are not equal to the total target groups count at the pagination label Target Audience selection at creating a new Phishing Campaign or creating a new Vishing Campaign.
A bug is resolved where the NEXT button occasionally becomes disabled if all the groups are selected during creation of a new Phishing Campaign.
New Features:
Reseller companies’ system users now are able to mark the domains of their sub companies as verified.
19 May
Improvements:
The Vishing Templates with the same language as the company’s preferred language now are displayed first in the Vishing Simulator Product.
An error message is changed from "Plugin already exists" to “Attack vector already exists” in the Email Threat Simulator Product.
Main domain prerequisites now are displayed in detail to guide the system user how to configure CNAME record on their DNS in the Company Settings’ White Labelling feature.
Bug Fixes:
A bug is resolved where selecting target groups for a phishing campaign fails with a network error in the Phishing Simulator Product.
A bug is resolved where selecting target groups displays a warning message informing that there are target users with unverified domain names for the selected target groups even if there is no unverified domain names in the target users list in the Phishing Simulator Product.
A bug is resolved where training enrollment starts with no users if the selected target groups contain only inactive users or active users with unverified domain names in the Awareness Educator Product.
A bug is resolved where the {OWNER} merge tag is replaced with an email address instead of name and surname for notification email templates while reporting suspicious email and while processing a playbook.
A bug is resolved where target users eventually disappear when they are synced through an LDAP configuration containing multiple email domain names evaluation rules with OR operator in the target users management module.
A bug is resolved where investigation is not able to find the emails if the reported emails contain multiple URLs that are evaluated with AND operator in the Incident Responder Product.
A bug is resolved where search filters for name, language, and difficulty level don’t work at the Vishing Templates selection step of a new Vishing Campaign creation process in the Vishing Simulator Product.
A bug is resolved where the sorting by date created feature does not sort results as expected in the Campaign Reports of Reports.
A bug is resolved where the UI gets stuck while uploading multiple trainings with different languages in the Awareness Educator Product.
A bug is resolved where the status of target users which are rejected to be inserted or updated are stuck as “Waiting” even if the target user import job is finished.
A bug is resolved where sending status is not updated even if the phishing simulation email is already delivered to the target user.
New Features:
The Phishing Simulator Product introduces a new feature that allows applying phishing scenarios randomly for each target user during execution of a phishing campaign if multiple phishing scenarios are selected during campaign creation.
28 April
Improvements:
The Vishing module customers from Türkiye now have the ability to make vishing simulation calls from Türkiye originated MSISDN phone numbers.
Verification reasons for Verified domains marked as “by Primary Domain” are renamed to “as Primary Domain” to avoid misunderstandings in the Domain Allow List feature.
Current primary domains of all customers are marked as Verified with “as Primary Domain” reason for all the companies in the platform, because it is the default behaviour of our platform during company creation.
Bug Fixes:
A bug is resolved where error code 500 is thrown while editing a target user by changing the letter case but keeping the value the same for the email field only.
A bug is resolved where an error “domain already exists” is encountered when a company system user tries to add a new domain to their Domain Allow List.
A bug is resolved where the details popup window is not displayed for the Awareness Educator’s Enrollment’s reports.
A bug is resolved where unable to save IBM-X Force integration configuration in the Incident Responder module.
A bug is resolved where automatic evaluation of successful attack vector deliveries fail to mark the attack vectors with correct status and result indicator, where this causes all of them to reside in “in progress” status but marked with “success” results in the Email Threat Simulation module.
A bug is resolved where sometimes new attack vector upload tasks fail with an error in the Email Threat Simulation module.
A bug is resolved where enrolled training is still in “Sending” status even if it is completed by the target user in the Awareness Educator module.
A bug is resolved where unable to import target users via LDAP integration in some situations while using the LDAP search feature.
A bug is resolved where error is thrown while searching for an email in the details page of a phishing simulator’s reports.
A bug is resolved where unable to show Error status for a phishing campaign that failed to send phishing emails to whole recipients.
A bug is resolved where the status of a phishing campaign’s status remains in Processing state even if all the target users have Delivered statuses.
A bug is resolved where the details of a phishing email sent report shows irrelevant statuses.
A bug is resolved where some job details statuses are marked as an empty status during target user import job.
A bug is resolved where different filters are generated for the reported suspicious emails by Microsoft 365, Google Workspace and Microsoft Outlook Desktop add-in while expecting them to behave in the same way.
A bug is resolved where the label “Show Confirmation message when reporting email” has a misspelled word "messsage" which is fixed by changing it to "message".
New Features:
Unattended uninstaller is developed and delivered with the Phishing Reporter Diagnostics Tool install base.
Unattended uninstaller is developed and delivered with the Phishing Reporter Microsoft Outlook Desktop Add-in install base.
Owner column is added to the view of found incidents after investigation of the Incident Responder to display in which email box the incident is found.
13 April
Improvements:
A new column named as Verification is added to the Domain Allow List table to clarify the verification method of the verified domains.
In Virus Total integrations of Incident Responder, now it is possible to define a minimum threshold for the number of positive findings to decide whether an investigation is malicious or not.
Bug Fixes:
A bug is resolved where the Phishing Reporter add-in customization fails to save a custom message for “Turn off email forwarding for reported Phishing Simulation Emails” configuration item for the first time it is configured.
A bug is resolved where a text to speech (TTS) step editor in the Vishing Module fails to update TTS messages shorter than 500 characters and displays error message "The property Text can not be more than 500 characters".
A bug is resolved where searches fail if there is a custom field definition in the Target User table.
A bug is resolved where the “Send calls over” property shows 7 weeks instead of 1 week at the Distribution section during edit of a Vishing Campaign.
A bug is resolved where the Landing Page Templates navigator could not scroll the displayed template when it showed the last template and returned to the previous ones.
New Features:
Platform now introduces the new Direct Email Creation feature for Microsoft 365 customers simulating phishing to create phishing simulations emails directly in the mailboxes via Microsoft 365 API.
Inactive target users are now really inactive, they will not receive phishing simulation emails, training enrollments and vishing simulation calls anymore.
Platform now warns the system users while choosing target users for training enrollment and phishing simulation if the selected target users have unverified domains.
Platform now warns and prevents the system users to start a new email threat simulation targeting the email address which belongs to an unverified domain.
The first created system user’s email domain of a newly created company is added to the Domain Allow List as verified domain with “Verified by Primary Domain” rule.
29 March
Improvements:
The Incident Responder module’s playbook rule editor is improved by allowing one and two characters long filename extensions in the filter.
The statuses are visually improved and standardised in the Enrollments screen in the Awareness Educator module.
“if analysis results” label is visually improved to lay on the same baseline with the nearby operands or operators in the rule editor in the Incident Responder module.
Bug Fixes:
A bug is resolved where importing target users from a Microsoft Excel or CSV file fails for the target users already existing in the list with the same email address but mismatching character case.
A bug is resolved where the Vishing Module is not usable for the reseller companies because of permission issues even though the Vishing Module is available for the sub companies.
A bug is resolved where investigation finishes earlier than expected without iterating all inboxes on Microsoft 365 service in the Incident Responder module.
A bug is resolved where the Phishing Reporter Outlook Desktop Add-In creates a duplicate copy of reported email in the reporting user’s inbox if “Turn off email forwarding” option is selected.
A bug is resolved where the Phishing Reporter Outlook Desktop Add-In continues to send email to the SOC team the reported email even though “Turn off email forwarding” option is selected.
A bug is resolved where system users with permission to view exam results are unable to view the exam results in the Awareness Educator module.
A bug is resolved where system users without “Company -> Notification Templates” permissions see ambiguous error messages like [object Object] are now able to view “no permission to access resource” error messages.
A bug is resolved where method and language filters do not work at the training list enroll new training screen in the Awareness Educator module.
A bug is resolved where search action fails with error 500 during Target User import from a file on field mapping page.
A bug is resolved where notification is not sent for Mark as Phishing, Malicious or Simulation is selected and notify action is added to the playbook.
New Features:
Import or create new Target Users feature now warns the system user to validate the email domains which are newly introduced during import target users from file, create a new target user or automatically create target users via SCIM integration.
Manual investigation rule editor’s top level boolean operator now can be switched between AND and OR in the Incident Responder module.
URL’s modified in the reported suspicious emails by the customer’s Forcepoint sandbox tool now are resolved and the original URL is sent to analysis, instead of Forcepoint’s modified URL.
URL’s modified in the reported suspicious emails by the customer’s Symantec sandbox tool now are resolved and the original URL is sent to analysis, instead of Symantec’s modified URL.
The Phishing Simulator accumulates email sending logs into a MongoDB instance and shows the sending report related to the target user’s email sending report from MongoDB.
The Phishing Simulator Open Email and Click Link actions are now evaluated according to robot User Agents and marked as a sandbox activity to distinguish user behaviour from sandbox robot actions.
12 March
Improvements:
Improved discovery of URLs within a reported suspicious email in Phishing Reporter.
Improved encryption of email itself and attachments of the reported suspicious email in Phishing Reporter.
Validation error message is detailed if the target user group is not selected during Phishing Campaign, Vishing Campaign creation and Awareness Educator Training enrollment.
Attachments of reported emails are now downloaded as password protected ZIP files to protect them from client security solutions for further investigation.
Tables that overflow their modal window containers are visually improved to fit in the container window.
Auto detected harmful URLs, IP addresses, files are now automatically added to Incident Responder’s auto investigation rule filters.
Bug Fixes:
A bug is resolved where auto investigation contains duplicate criterias in the auto generated filter.
A bug is resolved where Awareness Educator enrollments’ Users table contains empty status fields.
A bug is resolved where submitted data statistics are always shown as 0 for “click link” type of phishing scenarios at Awareness Educator’s enrol training by phishing campaign screen.
A bug is resolved where target user import from Excel spreadsheet fails if the data contains previously imported users.
A bug is resolved where the auto analysis rule filter is generated empty at the Incident Responder module in some conditions.
A bug is resolved where auto investigation at Incident Responder module does not start for multiple criterias.
27 February
Improvements:
Online payment system now notifies new customers with more relevant "you are welcome" email.
Phishing Campaign Reports now show the relevant phishing scenario type within the Method column in the product’s UI and exported report.
Column Category title is changed to Method within email templates listing of Phishing Simulator to establish platform wide stable terminology.
Phishing Reporter Plugin now attaches the reported suspicious email to the wrapping reporting email with the subject of the actual reported email.
A meaningful error message is displayed if the target user group is not selected in the Vishing module.
Incident Responder’s Investigations now shows the name of the play book at the details page’s TRIGGER field as the same as it shows on the Trigger column of Investigations list.
Phishing scenarios, phishing landing page, phishing email template tags are now visible for tenant companies of reseller companies.
Bug Fixes:
A bug is resolved where reports exported to PDF / Excel files have 0 count for opened attachments scenarios within the Campaign Reports module.
A bug is resolved where the status filter shows only Stopped enrollments even if Stopped, Sending, Error ones are selected altogether at the status filter within the Awareness Educator module.
A bug is resolved where Microsoft 365 integration connection test fails on empty testing inbox within the Email Threat Simulator.
A bug is resolved where malicious attachments cause false positive matches within the auto investigation feature with filtering attachment’s extension, and pure attachment name in the auto generated filter within the Incident Responder module.
A bug is resolved where the UI is getting stuck while clicking on “What is new?” link at Resource Center.
A bug is resolved where pagination total numbers are not equal to the total number of incidents in the Threat Sharing module.
A bug is resolved where the “Rows per page” label overflows its container in the Company Group of Companies page.
9 February
Improvements:
Improved performance of the heartbeat service of the Outlook Desktop Add-in.
Status and Result columns are centered to visually improve the Email Threat Simulator’s Scans page.
Country name is displayed at the right of the caller numbers list in Vishing Module’s Create a new Vishing Campaign page.
Today and yesterday shortcuts are added to the date range picker component of the manual investigation of the Incident Responder.
Phishing Reporter’s Diagnostic Tool now able to run on clients that has broken Microsoft Office installation which does not have proper Microsoft Windows’s Registry Key that indicates the location of Microsoft Office installation.
Phishing Simulator’s Email Notification Template Editor now offers Sans-serif font family selection of the browser’s default Sans-serif font.
Bug Fixes:
A bug is resolved where emails in Microsoft Office 365 mailboxes containing threats are not able to be notified by the notify action of a playbook in the Incident Responder module.
A bug is resolved where target users are not able to be added into a target users group with an error 405.
A bug is resolved where a downloaded Microsoft Excel report of a Data Submission type Phishing Campaign Report does not show correct statistics for the Submitted Count column.
A bug is resolved where the Email Notification Template editor has two button components, “Outlook Button” one is removed.
A bug is resolved where the definition of a test email address is failed if the inbox is empty on Microsoft Office 365 in the Email Threat Simulator.
A bug is resolved where Google Workspace and Microsoft Office 365 Phishing Reporter add-ins are unable to attach suspicious emails as an attachment to Cc and Bcc emails.
A bug is resolved where Outlook Desktop Phishing Reporter Add-In is not able to report emails that have non-email format sender information.
A bug is resolved where ambiguous target users are listed while the target user group is selected during Awareness Educator enrollment, Phishing Campaign launch, Vishing Campaign launch.
A bug is resolved where the Download All / Download Current Page buttons are not working in the Incident Responder / Investigations / Reports / Users Found page.
A bug is resolved where play / pause buttons are not working for MP4 type of media playing in Vishing Module’s Vishing Templates pages.
A bug is resolved where "The property Text can not be more than 500 characters" error is displayed even less than 500 characters are typed in the Text field in the Vishing Module.
A bug is resolved where excluded IP address is contained in the Phishing Campaign Report.
A bug is resolved where ”Could not be scanned” icon is broken after stopping an ongoing Incident Responder Investigation.
A bug is resolved where the Incident Responder playbook editor’s action is defined as “Mark as Phishing” and “Status Closed”, but when opened second time “Mark as Phishing” is changed to “Mark as Undetected”.
A bug is resolved where invalid error message is displayed to the user of an offboarded company.
A bug is resolved where reminder notification email is sent to target users with “Completed” status when “On the Date” and “Occurrences” options are selected while activating reminder of education enrollment in Awareness Educator module.
A bug is resolved where an internal server error 500 is thrown while trying to get detailed information about running Email Threat Simulation.
A bug is resolved where Total Incidents count and the number at pagination does not match in the Threat Sharing module in Keepnet Threat Sharing Community page.
New Features:
Microsoft Office 365, Google Workspace and Outlook Desktop Phishing Reporter Add-Ins now allow the use of {SUBJECT} merge tag in the Subject field of the reported e-mail that actually is replaced by the original subject of the reported email.
Image search by filename feature is added to the Email Notification Template Editor.
The Main Domain field in the Whitelabel page now works fully automatically without needing extra assistance from the support team.
The admin now is able to create playbook rules based on analysis results (undetected, malicious or phishing) of a reported email.
25 January
Improvements:
“Copy to clipboard” action now displays a single and identical message throughout the whole platform.
Last confirmation button caption for a new phishing simulation campaign and for a new awareness training is changed from “SAVE” or “START” to “LAUNCH” for better understanding and preserving consistency.
Phishing Simulator module now displays information via tooltip about erroneous situations.
For better and quick user support Sentry integration is improved to support up-to-date new features.
Bug Fixes:
A bug is resolved for some customers who are faced with the “Custom filter is not available” error message in the Target Users panel.
A bug is resolved where editing of duplicate Target User records is not possible.
A bug is resolved where there are duplicate email addresses within Target Users.
A bug is resolved where unable to delete the Target Users previously. imported via SCIM integration after the SCIM integration rule is deleted.
A bug is resolved where the downloaded Target Users list does not contain phone numbers.
A bug is resolved that exposed hidden fields through API in Threat Sharing module.
A bug is resolved where the statuses column overflowed within “Not Responded Users List” in the Awareness Educator module.
A bug is resolved that causes sudden stops within the Vishing API node.
A bug is resolved where the Outlook Desktop add-in is automatically disabled after first installation.
A bug is resolved where adding target users to a group bulk operation adds only the users in the current displayed page, not all users.
A bug is resolved where mouse pointer is changed to drag and drop pointer in Email Threat Simulator in Allowed Domains Module’s Status column that causes users to experience misunderstanding.
A bug is resolved where empty error message is displayed while CORS error is faced during login, now users are informed about the error situation.
A bug is resolved where if a large number of target users encounter an error during the import process, keep silent and not inform the user.
A bug is resolved where unable to stop scheduled education enrollments by pressing the STOP button in the Awareness Educator module.
A bug is resolved where importing email notification templates have some overflow issues in notification template editor.
A bug is resolved where submitting data CORS error notification is displayed.
New Features:
New customers are able to buy Keepnet services with credit card online and self onboard themselves.
Reseller companies are now able to define access to the Vishing module for their sub companies.
Sender IP field in Playbook Filters of Incident Responder now supports regex matching operators.
White Labelling feature now automatically creates subdomains on Cloudflare.
06 January
Improvements:
Attachment based campaigns are now being generated with the Gembox tool for better performance and stability.
The “Attachment” type has been removed from the Phishing Simulator > Scenarios > Landing Page creation page since it is not flexible to use the “Attachment” type in a Landing Page.
The Threat Sharing module is implemented with Audit Log, so all actions taken by the admins, such as Delete, Create or Update actions are logged on the Audit Log feature.
A warning text message, “Duplicate entry in file” has been changed with a red icon that the admin can click on it and learn more details about the warning when uploading excel users to the target users menu.
New blacklist words such as “uber” and “dropbox” … have been added to the Phishing Simulator > Scenarios > Landing Page > Phishing Link subdomain field where the admin is not able to use those words in the subdomain creation field.
The “username or email” word has been changed to the “Email address” word on the login page of the platform.
The new logic is added to the reminder “on the date” and “occurrences” options, and with the new logic, the reminder will be sent to all users who have not completed the training.
The downloaded excel file from the campaign report shows “Campaign Start Date “ Campaign End Date”, these words have been changed to “Campaign Lifetime Start Date” and “Campaign Lifetime End Date” in the downloaded excel file.
Bug Fixes:
A bug is resolved where the Not Delivered count on the campaign report and the Not Delivered count from the downloaded campaign report excel file is not matched.
A bug is resolved in Incident Responder > Reported Emails page where the reported email is seen as “In Analysis” status, but the content of the reported email is already analyzed.
A bug is resolved where the deleted enrollments are not deleted permanently after 30 days of being deleted.
A bug is resolved where some target users who got phished by the phishing simulator show as No Response and at the same time in Opened Emails menu in the excel file that is downloaded from the campaign report.
A bug is resolved where the admin changes its own time format (24hr, 12hr pm) and then edits an enrollment to change reminder settings but gets an error about the timezone.
A bug is resolved where admin starts investigation in EWS email user and finds out 6 emails as they’re matched with the investigation criteria, but the “emails” column that shows how many emails have been scanned shows zero.
A bug is resolved where the admin wasn’t able to export all the data with the “Export All” option in the Awareness Educator module pages.
A bug is resolved where the audit log is being delivered to the SIEM Syslog product as a duplicate from the platform.
A bug is resolved where the admin deletes target users in Company > Target Users menu, but the target users count is not updated in the Companies > Target User count column.
A bug is resolved where the admin goes to the campaign report and clicks “Resend Campaign” to resend the campaign to the users who opened the attachment, but the option wasn’t operational.
A bug is resolved where the admin uploads a word file to attachment based campaign.
A bug is resolved where the admin downloads the user's page after go to inside of a target group, and the phone number column is not downloaded in the excel file.
New Features:
The “Preferred Languages” has been implemented for the Awareness Educator, so customers can choose a preferred language for their company and list all the training contents first with the preferred language.
The Playbook rule where the Conditions rule sets now supports Sender IP as a Regex pattern.
The Vishing module has been released. Vishing module allows you to create a realistic simulated vishing call that is sent to employees in order to assess their ability to recognise suspicious calls and their response to attacks that could compromise organisational data and systems.
The phishing emails that have been sent to target users and then reported by target users to the Incident Responder module were creating false positive reports after security tools analyse the phishing links that the system generates for each target users which affects the users seems clicked the phishing link in the report. The phishing domains are now excluded from analyzing to prevent false positives and the admin can see it all from Incident Responder > Integrations > Advanced Settings > URLs page.
Last updated