LUCY Data Security Solution Acts as “Crash Test Dummy” to Emulate Cyberattacks

To find the weakest security link in your organization, you need to think like a hacker. Thanks to a new phishing solution called LUCY, companies can now measure and improve awareness towards phishing, malware and drive-by attacks by launching their own realistic phishing campaigns.

Malware and phishing attacks can be devastating for companies in terms of legal liability, reduced sales and bad publicity. Attacks that seem to make headlines daily highlight both the missing technical security precautions and lack of awareness that are a risk for any company.  With LUCY, organizations can run their own simulated attacks and find where their organization may be most vulnerable.

LUCY features a simple web-based user interface that includes pre-defined Mail and Web templates. LUCY has been designed so technical and non-technical persons can administrate the platform, and configure custom phishing attacks within minutes.

According to EMC/RSA, global phishing attacks approached 500,000 in 2013 with estimated losses of over $5.9 billion. A joint study by IDC and the National University of Singapore found the cost of data breaches and malware to be $491 billion in 2014, a staggering figure. Even worse, the same study shows that employees are the culprit in installing 20 percent of pirated software that gives attackers access to a company.

With its comprehensive approach to IT security, LUCY can emulate cyberattacks in your own network or in the cloud through four main modules:

Traditional Phishing Attack: LUCY runs different variations of phishing attacks to measure and improve awareness of your employees. All technical aspects, i.e. sending mail, starting the embedded webserver or generating statistical analysis are handled by the application. In a few clicks, entire websites can be copied to dupe users into leaking usernames, passwords or other sensitive data. Also included is a menu of attack scenario templates (pre-defined websites and mails).

Malware Attack: LUCY can simulate a malware attack, combining phishing with custom malware samples. You will see who, how far and what type of information can be exposed. LUCY’s malware simulation is non-intrusive and doesn’t interrupt your normal daily business operations.

Malware Protection Test: This feature allows users to perform security checks without involving employees outside your IT department. Determine your malware-related vulnerabilities on the network, system and application levels.

Training: An integrated eLearning module provides the necessary training to improve employee awareness.

LUCY can also be customized to allow users to create campaigns and templates that can be used again.

“As hackers become more creative, businesses need to analyze where they are most vulnerable,” said Oliver Muenchow, founder of LUCY. “Could your employees be fooled into entering sensitive data on a professionally appearing website; would they download/execute programs from unknown sources; can malware enter and affect your network without being detected? LUCY helps answer all those questions.”

Other features include:

  • Can run within private networks or on the Internet
  • Browser Analysis: detect if users access the campaign with vulnerable browsers (plugins)
  • Multi-user enabled. Web-based GUI to configure and run phishing campaigns against one or thousands of users
  • Website Copy feature: copy existing webpages and integrate them in your campaign
  • More than 40 professional designed, fully functional web- & mail templates
  • Statistical and comparative analysis in real time of each phishing campaign with custom report template
  • Automatic software updates
  • Ability to benchmark results
  • Backup and restoring campaigns, web & eLearning templates.
  • Login filters to check for complex passwords or custom domains required within the login

LUCY can be downloaded at http://phishing-server.com as a free limited community edition or as a commercial product.

Featured

  • AI to Help Resolve Non-Emergency Calls Across Utah and Decrease 911 Caller Wait Times

    The Utah Communications Authority (UCA), which oversees the state’s next generation 911 technology services, recently announced that public safety answering points (PSAPs) throughout the state plan to implement Motorola Solutions’ Virtual Response technology to automate the receipt and resolution of 10-digit non-emergency line calls in Utah with the help of AI. Read Now

  • Report Reveals Local Governments Face Surge in Ransomware Attacks with Minimal Resources

    KnowBe4, the cybersecurity platform that comprehensively addresses human risk management, recently released new research highlighting the critical cybersecurity challenges facing state, local, tribal, and territorial (SLTT) governments. The report details how government organizations have become prime targets for cybercriminals while simultaneously facing severe resource constraints. Read Now

  • Video Surveillance Trends to Watch

    With more organizations adding newer capabilities to their surveillance systems, it’s always important to remember the “basics” of system configuration and deployment, as well as the topline benefits of continually emerging technologies like AI and the cloud. Read Now

  • New Report Reveals Top Trends Transforming Access Controller Technology

    Mercury Security, a provider in access control hardware and open platform solutions, has published its Trends in Access Controllers Report, based on a survey of over 450 security professionals across North America and Europe. The findings highlight the controller’s vital role in a physical access control system (PACS), where the device not only enforces access policies but also connects with readers to verify user credentials—ranging from ID badges to biometrics and mobile identities. With 72% of respondents identifying the controller as a critical or important factor in PACS design, the report underscores how the choice of controller platform has become a strategic decision for today’s security leaders. Read Now

  • Overwhelming Majority of CISOs Anticipate Surge in Cyber Attacks Over the Next Three Years

    An overwhelming 98% of chief information security officers (CISOs) expect a surge in cyber attacks over the next three years as organizations face an increasingly complex and artificial intelligence (AI)-driven digital threat landscape. This is according to new research conducted among 300 CISOs, chief information officers (CIOs), and senior IT professionals by CSC1, the leading provider of enterprise-class domain and domain name system (DNS) security. Read Now

New Products

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols.

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis.

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.”