What's New August 30, 2021
- Filter Enhancements – Expanded filter field character limit to 250 (previously 60) characters on all filter fields. Enhanced field name wrapping in filter field menu.
- Several fixes in the back end to improve performance and security.
What's New August 9, 2021
- Several fixes in the back end to improve performance and security.
What's New July 14, 2021
- Added new article with procedures to help stop users from seeing the pop-up warning message from Google. See Disabling Google Safe Browsing Warning Message Using Group Policy.
- Activity Filters – Fixed issue with activity filters based on operating system (OS) that did not work correctly.
- Automated Training Campaigns – Fixed issue that caused delays with Training Completed notifications.
What's New June 28, 2021
- Several fixes in the back end to improve performance and security.
What's New June 7, 2021
- Removed Address Book Limit – Campaigns no longer have a limit on the number of address books they can contain. This change improves workflows for the MSP team.
Blocked Domain Warning – Fixed the blocked domain warning to also include blocked domains that are part of content groups.
Send Notification Button – Enabled the Send Notification button for Automated Campaigns.
Certificate Renewals – Researched and fixed problems with the certificate renewal process.
- Campaign Overview Reports – Enhanced Campaign Overview reports to include Out of Office and Bounced statistics, even if they are blank.
What's New May 18, 2021
- Automated Training Campaigns – You can now create automated campaigns for training in addition to testing. For details, refer to Creating and Running an Automated Campaign.
- Campaign Manager Workflow Enhancements – Streamlined Campaign Manager workflow to be more intuitive to users. For details, refer to Creating and Generating an Email Campaign.
- REST API – Updated the library of REST APIs, mapping threat types to content groups.
- Security – Enhanced security by restricting access to the main PhishLine instance and implementing measures to prevent reverse tabnabbing.
- Benchmark Statistic Fixes – Fixed issues with Benchmark statistics.
What's New April 26, 2021
- New Training Reminder Template – Campaign managers can now use a separate email template when sending automated training reminders. For details, refer to Creating and Running a Training Campaign.
- Subdomain Support – You can now delegate subdomains for use in your phishing campaigns both in the from email addresses and as the web server for landing pages. For details, refer to Using Your Own Domains.
- Security Improvements – Addressed a number of issues related to cross scripting.
- Performance Improvements – Continued work to improve performance.
What's New March 15, 2021
New Top-Level Domain Support
- New support for the following top-level domains: .center, .co, .me, .support.
Landing page domains can now point to external servers.
Google Blocklisting – Continued testing and tracking to work with Google’s increased effort to block phishing sites.
Ongoing Performance Improvements
What's New February 22, 2021
- New and Improved LMS – The LMS (Learning Management System) is officially upgraded and will provide a substantial improvement in performance and reliability with training campaigns.
Some of the notable enhancements include:
Reliably tracks course progress and completion.
Records users' progress in near real-time. Enables you to watch users progress in Training Results as they answer questions.
Enables users to continue an interrupted training session – even if they closed the browser. If their training was interrupted, users locate the training invitation email and click on the training link again. The LMS will prompt them to either resume the training from where they left off or restart the training.
Informs users if they have already completed a course. Prevents work duplication by warning a user if they click on a link for a course they have already taken.
Training Results now contain one record for each student per course/campaign.
- Campaign End Date Limit – Campaign duration can now be up to one year. End Date can be up to one year from Start Date, regardless of Start Date value.
- Password-protected Smart Attachments – Fixed issue that prevented passwords from working on smart attachments.
- Notification Campaigns – Fixed issue that required a manager email address when it did not apply.
- Automated Training Reminders – Fixed issue that prevented automated reminders from being went while certain utilities were running.
What's New February 1, 2021
- Office 365 Integration – You can now connect to your Office 365 account to create address books. For more information, refer to How to Create an Address Book, How to Edit an Address Book, and Office 365 Connection Manager
- Global Host Domain for Email Images – You can now choose a specific domain name to serve all email images (excluding inline images). Now you only need to add a single domain name to your Allow list to allow images to load from a remote source. Note that the landing page images will still be served from the landing page domain. For more information, refer to Global Settings.
- XLSM Smart Attachment Type – You can now specify XLSM messages as Smart Attachments. XSLM files are macro-enabled XLSX files. Like XLSX files, this file type can be password protected. The existing Smart Attachments use a macro to automatically send the person who opens the file to the phishing simulation landing page, if they have enabled macros. Most of the Smart Attachments also have clickable links that will also send the user to the PhishLine landing page. For more information, refer to Email Templates.
- User Session Timeout – You can now configure the Maximum User Session Inactivity, the maximum time a user session can be idle before it times out. For more information, refer to Global Settings.
- Landing Pages and Certificates – The configuration and management of domains and landing page SSL certificates is being automated and will cover all of the landing page domains. Previously only 100 domains of the 425 active domains where covered on the landing page SANs certificate. In addition, custom third-level domains will be covered under the second-level domain certificate. For example
neverclick.netwill be both be considered as valid under the
- Report Generator Control Changes – Infrequently used advanced filter options are now hidden and error handling has been improved. For details, refer to How to Use the Report Generator.
- Updated UI – We are starting to update the Barracuda PhishLine user interface.
What's New December 1, 2020
- Multiple Activity Filters – You can now implement more than one activity filter at a time, specifying whether you want to explicitly allow or block certain ISPs or IP addresses. Refer to Global Settings for details.
- Domains You Own and Control – You can now use your own domain to send both training and testing emails. The only requirement is that you must add Barracuda's mail server IP addresses to your DNS SPF record and adding an additional DKIM record for email signing. For additional information, refer to Using Your Own Domains and Choosing How to Send Training Invitations. Note that the information about using a Customer Awareness Domain is now located within the Using Your Own Domains article.
What's New in the November 10, 2020 Release
- Automated Training Reminder Send Days – Automated training reminders will send seven days a week, regardless of valid send days in the campaign. For more information about Automated Training Reminders, see Creating and Running a Training Campaign.
- Automated Training Reminders and Time Zones – Fixed a issue with time zones when sending Automated Training Reminders.
- Email Classification Issues – Fixed an issue where emails not properly classified as bounced.
- Levelized Campaign Error for Multiple Campaigns – Fixed an issue with Levelized Campaigns that occurred when campaign count reached a certain level.
What's New in the October 19, 2020 Release
- Enhanced Word (DOCX) Reports – Updated five of our reports and converted to DOCX format. Refer to How to Use the Report Generator for more information.
List of updated reports:
- Campaign Comparison Report – Formerly known as Campaign vs. Campaign Report
- Detailed User Report
- Multi-Campaign Repeat Clicker Report – Formerly known as the Repeat Offender Report
- Multi-Plan Repeat Clicker Report – Formerly known as the Repeat Offender Report
- Plan Comparison Report – Formerly known as Plan vs. Plan Report
- Address Book File Detection Enhancement – The Address Book file import utility can now detect password protection in spreadsheets. If a password protected spreadsheet is uploaded, the system prompts the administrator to remove the password protection from the spreadsheet to continue. Password-protected spreadsheets cannot be imported. For more information, see How to Create an Address Book.
- SMS Campaign Bug Fix – Fixed errors with SMS campaign code that prevented responses from being recorded properly.
What's New in the September 28, 2020 Release
- Predefined LDAP Search Filters – In addition to creating your own search filter, you can now select a new predefined LDAP search filter. Selecting a predefined filter automatically enters the filter expression in the Search Filter field. This enhancement makes it easier for non-experts to search. There is still an option to enter a custom search filter. For more information, see LDAP/AD Configuration Manager. [DEV-1478]
- Hire Date Allows Zulu Time - Dates imported from LDAP in the Zulu time format are now supported by the Hire Date field. The Zulu time format is
YYYYMMDDHHMMSSZ. Note the
Zat the end. Hire Date is mentioned in How to Create an Address Book and How to Edit an Address Book. [DEV-1453]
- New Fields in Web Activity –Two new fields have been added to Web Activity Analysis report for time-zone-specific request information. For details, see Web Activity Analysis Metrics. [DEV-1449]
- Login IP Filter – You can now restrict access so users can only log in from specified IP addresses. For details, refer to Global Settings. [DEV-1448]
- Primary Domain Authorization – All new PhishLine accounts will now have their main company domain (used to create their PhishLine instance) authorized automatically. This simplifies the process of getting started with PhishLine products. For information on Domain Authorization for additional domains, see Domain Authorization. [DEV-1462]
- LDAP Search Filter – Allowing the LDAP Configuration Manager to accept values for time and date comparisons that were previously not seen as valid. [DEV-1458]
- Training Reminder Time Zone Bug Fix – Training reminders are now correctly taking account time zone actual into account when sending. [DEV-1486]
- Campaign Overview Report Updates – The Campaign Overview reports have been updated to remove duplicate listings of domains, web templates, and email templates. Additionally the Domains section now includes full friendly email sender name. [DEV-1452]
- Multiple Content Groups – Addressed issue encountered when a campaign contained multiple content groups. [DEV-1452]
What's New in the September 8, 2020 Release
- Global Login Page – Introduced a Global Login page that does not require a user to know their instance name to log in. Navigate to http://phishline.com/login and enter your email address. You will be automatically forwarded to your instance to continue logging in. Refer to Overview for more information. [DEV-1419]
- No Password Reset for MFA Users – You can now disable password expiration for those using multi-factor authentication (MFA), so they will not have to change their password. For details, refer to the Default Security Settings section of Global Settings. [DEV-1446]
- Password Reset Default – Extended default setting for password expiration from 60 days to 90 days. This affects all users who had the default 60-day value selected. [DEV-1446]
- On-Demand Manager Notification Templates – Added five new templates and updated existing templates for sending automated report emails to managers. For details, refer to Understanding Automated Campaigns. [DEV-1429]
- Centralized Authentication Logging – All Barracuda PhishLine authentication events are now logged to a central authentication log that is monitored by the Barracuda IT personnel. This allows better detection and prevention of brute force attacks and provides remote logging that cannot be modified or changed by a potential hacker. [DEV-1319]
- Authentication/Password Expiration – Fixed issues around authentication and password expiration. [DEV-1444]
- Report Generation in Word – Fixed an issue with generating reports in Microsoft Word (DOCX format) when the Campaign Name included XML reserved characters (&, >, ‘). [DEV-1451]
- Additional Fixes – [DEV-1459, DEV-1464, DEV-1460, DEV-1469, DEV-1457]
What's New in the August 17, 2020 Release
- Maximum User Inactivity Period – New field enables you to set the maximum number a days a user can remain inactive (not log into Barracuda PhishLine) before automatically deactivating their account. By default this feature is not enabled. For details, see Global Settings. [DEV-1425]
- Delete Individual Email Address – You can now delete individual email addresses that have not already been included as part of a campaign. You can deactivate, but not delete, email addresses that have been included as part of a campaign. For details, see How to Edit an Address Book. [DEV-1403]
- Manager Fields – Two new fields – Manager Name and Manager Email Address – enable you to store data for individual users in the User Manager. For information, see User Management. [DEV-1426]
- Active by Default – The following values are now set to Active by default: new user accounts (see User Management), address books, and email addresses (see How to Create an Address Book). [DEV-1402]
- Training Results – Improved how the system records training results, to prevent bugs when users double-click training links. [DEV-346]
- Password Expiration – The system requires passwords to expire. Passwords for user accounts with multi-factor authentication (MFA) enabled will not expire. [DEV-1440; DEV-1442]
What's New in the July 27, 2020 Release
This release focused on addressing issues.
- Terminology Update – Replaced outdated terminology. Now using allow list and block list. [11.1.5063]
- Anonymizer – Fixed an issue where some fields were not anonymized. [11.1.5053]
- Training Results Registration Code – To resolve an issue, changed the match type for the Registration Code field to autocomplete, rather than a multi-select. [11.1.5043]
- Message # in Inbox – To resolve an issue, changed the match type for the Message # field to autocomplete, rather than a multi-select. [11.1.5033]
- Content Group Import – Improved the algorithm to determine whether a content group must be imported from the Content Center, based on changes made to it. [11.1.5023]
- Sample Email Delivery – In the Approval stage of a campaign, you can now use single quotes in an email address when sending a sample email. [11.1.5013]
- Password Expired Message – Fixed an issue in My Preferences that caused an expired password warning message to display erroneously. [11.1.4993]
- Copying Voice Templates – Fixed an issue where voice templates were not copying correctly into voice campaigns. [11.1.4983]
- Image Gallery
- Image Uploads Availability – Images uploaded to the Image Gallery will be available more quickly. [11.1.5003]
- Deleting an Image – Fixed an issue with an error message displaying erroneously when deleting an image from the Image Gallery. [11.1.4973]
What's New in the July 6, 2020 Release
- Training Campaigns in Quick Launch – You can now create Training (Educational) Campaigns, in addition to Testing Campaigns, from the Quick Launch. You can choose from ten popular Training content groups. For details, refer to How to Use Quick Launch. [11.0.4883]
- Automated Training Reminders – You can now automatically send out training email reminders to users who have not completed the training, at intervals you specify. You can still use the Resend Training Emails button to send reminders on an ad hoc basis. For more information, refer to Creating and Running a Training Campaign. [11.0.4913]
- Domain Authorization Status – The Address Book now includes two new fields – Domain Authorized and Ignore Unauthorized Domain – which show the status of domain authorization of each Address Book entry. These fields support viewing, sorting, and filtering. Campaign functionality has not changed. This just exposes additional data in the address book to allow easier maintenance of records affected by unauthorized and/or ignored domains. [11.0.4813]
- Hire Date – Address Book entries now have a standard Hire Date field. This new Hire Date field is also available in the Campaign Advanced Filter as the first range field. This allows you to setup new hire campaigns without special processing. [11.0.4873]
- Global Settings – API and User Login Preferences – A new Default Security Settings section in the Global Settings includes options for configuring user login, session timeout, and API authentication. Includes the following fields: Maximum Password Age, Maximum Session Length, Maximum API Key Expiration. For details, see Global Settings.
- Report Enhancements
- Report Types for Quick Reports – When you create a Quick Report from the Campaign Manager, the system automatically generates the appropriate type of Campaign Overview Report – Benchmark, Training, or the universal Campaign Results Overview Report. For more information, refer to Creating a Quick Report. [11.0.4923]
- Login Stats – All Campaign Results Overview reports have been updated to include Login Stats, if applicable, in the Results Summary section. These reports are available from the Report Generator and also from the Generate Report button in the Campaign Manager. [11.0.4933]
- PDF Reports – Reports labeled as MS Word can also now be generated as PDFs in the Report Generator. [11.0.4953]
- Improved Navigation – The Report Generator workflow is streamlined if you do not use the Sequence By Field option. [11.0.4963]
- Content Groups – Content Groups can now be used in Training campaigns. [11.0.4903]
- Campaign Intent – Added new field, Campaign Intent, to the Content Group Manager. This field indicates for which type of campaign the content group is intended to be used. [11.0.4893]
- Optimized Outbound Processing – The outbound processor now only publish pages associated with the outbound emails that will be sent out in the current batch. In addition, it no longer publishes pages for campaigns in Approved status that have a cutoff date more than thirty days in the past, because in most cases, these are abandoned campaigns that will never be brought live. [11.0.4863]
- Inbox Matching – Enhanced the inbox matching logic to more efficiently associate incoming emails with the proper campaign and outbound email. [11.0.4853]
- BMP Files – You can now upload BMP files to the File Library and to the Image Gallery. [11.0.4833]
- @ Symbol – You can now use the @ symbol in the Email Template Sender Name field. [11.0.4843]
- Click Rate Percentage – Fixed error in calculating Click Rate Percentage in Campaign Results Overview reports. [11.0.4943]
- LMS Completed Date – Fixed error with blank LMS Completed Date entries. [11.0.4823]
What's New in the June 15, 2020 Release
- New Benchmark Report Filters – New filters include Sent Count and Licenses. Refer to Benchmark Results for more information. [10.9.4781]
- Training Content Groups – You can now create Training content groups from Content Group Manager. Training content groups cannot yet be used in campaigns. That functionality is coming soon. Refer to Content Groups for more information. [10.9.4801]
- Top Level Domains – Now both .
devdomains are supported as TLDs. [10.9.4731]
- Updated warnings for late messages. Messages that are over 30 days late (30 days after the last sendAfter date) will not be sent by the system. The Campaign Manager now displays a warning when your campaign has messages more than 30 days late, indicating you must go back to Stage 1. Design and regenerate the campaign to refresh the generated send dates. You are not allowed to proceed to Stage 4. Go Live! if you have any messages that are over 30 days late. [10.9.4761]
- Resend Training Emails – Fixed an issue preventing the Resend Training Emails function from resending emails more than 30 days old. [10.9.4791]
- PDF reports – Fixed an issue preventing PDF reports with more than two applied filters from generating correctly. [10.9.4771]
What's New in the May 25, 2020 Release
- Benchmark Campaign Summary Report – There is new Benchmark Campaign Summary report that provides similar information to the Campaign Summary report, but also includes comparisons to others customers that have participated in the benchmark comparison by industry, it also include historical click rates by industry for all campaigns conducted using the PhishLine platform. The Benchmark Campaign Summary reports are now automatically delivered to subscribers at the end of a benchmark campaign. The report will be delivered within 24 hours after the cutoff date. To ensure you are signed up to receive these notifications, refer to Notification Settings.
- Address Book Utility – For more information, see Address Book Utility.
- Remove Clicks by ISP or IP Organization – This new click remove utility allows more flexibility to remove false clicks from completed campaigns.
- Multiple Campaign Select – The activity-based address book utilities now allow running the utilities on multiple campaigns at the same time.
- Resend Training Button in Automated Campaigns – The resend training invitation button that was already available in normal training campaigns is now available in automated campaigns as well. For more information, refer to How to Create an Automated Campaign.
- Fixed an issue with Web Analysis Activity not matching Outbound Analysis when activity removal utilities are run against a campaign.
- Fixed issue with API sending error 500 related to missing fields in underlying database view.
- Fixed issue with API sending error system error when it should have been sending permission denied message.
- Reset Outbound Default Filters.
- Cleaned up Report Generator UI – This is the first step to cleanup and streamline the Report Generator interface.
- New Version of the Outlook Button – A new version of the Windows Outlook Button is available. There were no functional changes only the code signing certificate was updated. This should only be deployed if customers are receiving code signing certificate expiration errors.
What's New in the May 4, 2020 Release
- Two-Step Landing Page Templates – Added customization for these labels, especially useful for translation and localization: More Options, Forgot Email, Welcome (username). See Landing Pages for additional information. [10.7.4563]
- Quick Launch Scheduling – Estimated campaign schedule dates (including end date and cutoff date are now available while creating the Quick Launch campaign. For details, see How to Use Quick Launch. [10.7.4523]
- Quick Launch Enhancements – Quick Launch now performs a list of verification checks, including checking for blocklisted domains, before allowing content to be selected for Quick Launch campaigns. For more information on Quick Launch campaigns, see How to Use Quick Launch. [10.7.4553]
- Benchmark Campaigns – Now use the Benchmark content group and no longer require special naming conventions. For details, refer to Creating and Running a Benchmark Campaign and Understanding Benchmark Campaigns. [10.7.4533]
- Automatic Report Deliveries – A campaign summary report or training summary report is automatically sent within an hour after a campaign cutoff date and time. Specify recipients in the Notification Settings page. For details, see How to Use the Report Generator and Notification Settings. [10.7.4503]
- Domain Authorization responsiveness – The domain authorization process has been enhanced to reduce the time a domain is authorized after the text (TXT) record is added to the domain DNS zone. New domains are now given more priority using a backoff algorithm. See Domain Authorization for details on the algorithm. [10.7.4493]
- Shortened time to receive grades – Grading process updated to reduce time between a user's finishing a course and their results appearing on the PhishLine dashboard. [10.7.4483]
- @restricted Address Book Removed – Removed deprecated address book. [10.7.4573]
- Exporting to CSV works appropriately with international characters. [10.7.4543]
- LDAP Configuration Manager Test Configuration button error fixed. [10.7.4513]
- Secured HTTP headers. [10.7.4473]
- CSV export – Special characters now escaped so they do not interfere with Dynamic Data Exchange (DDE) or Excel formulas. [10.7.4463]
- Domain name change issue resolved – If a domain was added manually and then the domain name was changed, underlying data was not changed to match. This issue is now reloved. [10.7.4453]
What's New in the April 13, 2020 Release
- Quick Launch Note – Added a note to the Quick Launch Send Sample feature that clarifies that samples are intended only for visualizing the look and feel of a given campaign email. They do not act as verification tests that emails will be delivered correctly. See How to Use Quick Launch for details. [10.6.4441]
- Outbound Analysis – The Campaign Stats tab on the Outbound Analysis Reports page has a new chart, breaking down outbound statistics by Email Template. You can now choose to see stats by Campaign Name or Email Template. These reports now include two new columns that show how many users have started training without finishing it. For details, see Outbound Analysis. [10.6.4431]
- Report Generator – Two new report designs have been added to the Report Generator that are modeled after the Campaign Results Overview reports, but are designed specifically for Training campaigns. These reports give a general overview of a completed Training campaign.See How to Use the Report Generator for more information. [10.6.4411]
- Notifications Settings – A new Notification Settings feature has been added to the PhishLine System menu. This new feature allows PhishLine User Administrators to subscribe to and unsubscribe from the six types of PhishLine notifications. It also allows a PhishLine User Admin to add subscriptions for email addresses that do not have a PhishLine User account. The six types of Notification Types that are available at this time are:
- Critical Admin Messages
- Click Thinking Announcements
- Campaign Summary Reports
- Campaign Status Updates
- Release Notes
- Data Retention Deletion Notification
- For details, refer to Notification Settings. [10.6.4401]
- Repeat Offenders – The Multi-Campaign Repeat Offender Report and Multi-Plan Repeat Offender Report have been given a face lift. Repeat offenders are defined as users who click on simulation phishing links during multiple campaigns. [10.6.4391]
- Performance Improvement – The filtering for Web Analysis and Outbound Analysis have been modified to provide better performance. [10.6.4381]
- Campaign Type/Campaign Intent – Corrected an issue where Campaign Type was not aligning with Campaign Intent if Campaign Intent was changed more than once. Campaign Type should now always align with Campaign Intent.[10.6.4451]
- Anonymizing Address Books – A request to anonymize address book information was not immediately triggering an update to the system. This has been fixed. Moving forward, address book anonymization requests should be resolved more quickly. [10.6.4421]
What's New in March 23, 2020 Release
- Quick Launch Send Sample Feature – New feature enables you to view a sample of a campaign before going live. For details, see How to Use Quick Launch. [10.5.4343]
- Quick Launch Update to Same Day Processing – Campaigns intended for same day processing must be created before 3:00 pm local time. Otherwise, they will start the following business day. For details, see How to Use Quick Launch. [10.5.4353]
Campaign Results Overview Reports Updated – The Campaign Results table is now obsolete and is replaced with the new Campaign Stats table in both of the Campaign Results Overview report designs in the Report Generator. For more information, refer to How to Use the Report Generator. [10.5.4333]
Comments Visible in Risk Analysis – Comments entered in a campaign are now visible in Risk Analysis. Refer to Risk Analysis. [10.5.4313]
New Address Book Utility: Restore Removed Click Data – If the you made a mistake using one of the Remove Clicks address book utilities, use this new utility to restore data to the original condition. For details, refer to Address Book Utility. [10.5.4303]
- Copy Functionality Streamlined – Campaigns created through copying have a creation date of the date the copy was made. The flow of creating a copy has been updated. [10.5.4323]
What's New in March 2, 2020 Release
- Quick Launch – New feature makes it easier to conduct simulated phishing email campaigns—reducing the time and effort involved to a few simple clicks! See How to Use Quick Launch for details. [10.4.4282]
- Address Book Utility Update – The Remove Clicks in a Single Campaign by IP Address utility will now allow multiple lines of data. Commas and multiple lines are both allowed to separate the IP addresses added to the utility. [10.4.4262]
Browse View Performance Improvement – Decreased the time to display the Browse Views for applications with large data sets such as Outbound Analysis and Web Analysis. The time to move between pages of data was also greatly reduced. [10.4.4252]
Multilingual Out of Office Messages – The following phrases have been added to the Inbox Analysis process. This helps classify incoming Out of Office emails with greater accuracy for the following languages. [10.4.4242]
- Swedish, Norwegian, and Danish – Autosvar; Automatisk svar
- Finnish – Automaattinen vastaus or Automaattivastaus
- French – Réponse Automatique
- Dutch – Automatisch Antwoord
- German – Automatische Antwort
- Portuguese – Resposta automática
- Catalonian – Resposta automàtica
- Spanish – Respuesta automática
- Polish – Automatyczna odpowied?
- Turkish – Otomatik yan?t
- Italian – Risposta automatica
- Changed Default Behavior on Text Browse View – Text and Card views updated to allow power users to quickly open edit forms for multiple templates and content groups in new browser tabs. [10.4.4212]
- Training Campaign Domain Name – For Training Campaign feature, the default web server is now
- Exported Data – Fixed data missing from exported CSV file. [10.4.4292]
- Adjust Reputation Data When Cutoff Date is Changed – Internal adjustment, recalculating data when cutoff date is changed. [10.4.4272]
- Address Book Utility Updates – The Add Training Completed to a Single Campaign Per Source Address Book utility has been fixed to now update the individual campaigns, as well as the associated address books. [10.4.4262]
- Cross Site Request Forgery (CSRF) Vulnerability – All forms now use a unique randomly generated token to prevent CSRF attacks. [10.4.4232]
Single Quote in Campaign Name – Fixed issue with using single quotes in a campaign name. [10.4.4222]
What's New in February 10, 2020 Release
- New Campaign Type: Training – Like Email Campaigns, Training Campaigns are used to send email to your users. However, instead of using the email to test the users, it delivers links to training content. The links are trackable, so you will be able to see which users have taken training, and resend emails to those users who have not. The Training Campaign does not use a landing page, so there is no need to choose a landing page or web server when creating the campaign. For details, refer to How to Create a Training Campaign. [10.3.4182]
- Replace Campaign Results With New Campaign Stats – The Campaign Results report has been removed from the Results menu and replaced with the new Campaign Stats report. The Campaign Stats report can be accessed via the tab on the Outbound Analysis report. The Campaign Stats report shows all statistics for the selected campaigns. Calculated rates for sent messages exclude Bounced messages. See Outbound Analysis for more information. [10.3.4202]
- UI Performance Enhancements – Updates to improve speed of user interface, especially for large results sets in Outbound Analysis and Web Analysis. [10.3.4152]
- Google Button Updates – Current users of the Google Button must remove their currently installed button and install the new version. The old version is no longer supported. For detailed instructions, refer to Google Button. [10.3.4172]
Send Sample Button Disabled After Cutoff Date Passed – After cutoff date, cannot send sample emails. Disabled button. [10.3.4192]
- Search Filter Fixes – Updated filters for Voice Results and Training Results. [10.3.4142]
- LDAP Configuration – Fixed LDAP issues when creating a new LDAP connector with a long list of attributes. [10.3.4132]
What's New in January 20, 2020 Release
- New feature - Quick Report – On the Campaign Manager screen, for any given campaign, quickly generate a Campaign Results Overview Report (MS Word format). [10.2.4001]
- New Feature - Single Sign On/Just In Time (JIT) Integration for provisioning users. [10.2.4121] See Single Sign-On and Just In Time Provisioning.
- Custom Reporting Enhancements – During export, file is generated in the background and includes all rows from all screens. [10.2.4011]
- Dynamic Address Books require valid Manager email address, because results of the automated campaign are sent to the manager. [10.2.4041]
- Custom Report Manager - Show Sums checkbox – New checkbox enables you to hide numbers displayed on a chart. [10.2.4061]
- New Email Attributes available in the Email Template Manager and the Email section of the Content Center Manager. New attributes include Branding, Complexity, Design Level, Lure Type, and Personalization Level, and can make searching for email templates easier. [10.2.4071]
- Ad Hoc Click Utilities now ignore any campaign type with the word
Testingat the beginning of the Campaign Intent field. [10.2.4091]
- Unsupported data types, like ASPX, are restricted and cannot be uploaded to the document library. [10.2.4101]
- Usage Log performance improved. [10.2.3981]
- Improved security of status changes. [10.2.3991]
- Improved New Account or Password Reset behavior. New password no longer treated as previously used password. [10.2.4021]
- Fixed Adhoc Click Count Content Group Match UI [10.2.4031]
- Disposition field in Results > Incident Response edit view is now editable. [10.2.4051]
- Miscellaneous UI updates – removed mentions of Advanced Analysis and restricted, which were both deprecated. [10.2.4111]
What's New in December 14, 2019 Release
- Activity Filtering – New configuration to set up Allow or Block List by IP or ISP. For details, see Global Settings. [10.1.3901]
- Landing Pages Disabled when No Longer Needed – When campaign containing a landing page is past the Campaign Cutoff Date, the landing page shows as File Not Found. [10.1.3921]
- LMS Grading Method Updated – All LMS content grades now consider both the score recorded, as well as the completed and passed flags set, to ensure the user receives full credit for their efforts. [10.1.3952]
- LMS Delivers Content over HTTPS – The LMS now delivers content over HTTPS, rather than HTTP. [10.1.3972]
- Custom LDAP Attribute Configurations – You can now choose specific fields from your LDAP / Active Directory, and map them to the Address Book fields of your choice. Previously, there was a set of common LDAP attributes that were mapped automatically, and no additional mapping was possible. Any LDAP address book that does not have specific mappings created will continue to use the old default mappings. [10.1.3962]
- Central Time Zone – Fixed issue where time zone defaulted to Central Time Zone if user reset their password. [10.1.3911]
- Custom Reporting – Fixed issue where field limits were not enforced. Limits are now enforced: add up to 20 Summary Fields and 10 Email Address Meta Fields when saving a report. [10.1.3931]
- Address Book Help Text Updated – Clarification that Mobile Phone field is used for SMS campaigns and Phone is used for Voice campaigns. [10.1.3932]
- Email Campaign Protocol – Images in emails now sent with HTTP protocol, avoiding issues with certain email clients not displaying images correctly with HTTPS. [10.1.3942]
What's New in November 18, 2019 Release
New REST API Endpoint - Web Activity – Enables you to pull the web analysis records down through the REST API. For more information, see Web Activity. [9.8.3633]
- Data Retention Configuration – New setting in Global Configuration. Specify how long you want to retain data in your instance. For more information, see Global Settings. [9.9.3651]
- New Dynamic Address Books (DABs) – Two new DABs included in this release:
- On Demand Non-Clicker Notification, sent to users who do not click on campaign email. [9.9.3661]
- Immediate Feedback Training Completed Notification, sent to users when they complete training. [9.9.3671]
- Blocklisted Domains within Active Campaigns – Campaigns with blocklisted domains are prevented from running. If an actively running campaign has a landing page or email domain that becomes blocklisted midway through its run, the campaign will now be automatically paused and a notification will be sent out to the campaign administrator. The administrator of the campaign can then return the campaign to Stage 1. Design, choose a replacement for the blocklisted landing page or email domain, and continue running the campaign by advancing it to Stage 4. Go Live! To prevent a campaign from pausing midway through and allow it to continue to run with a blocklisted domain, select the option Allow Blocklisted Domains under Campaign Manager > General Settings . [9.9.3681]
- Updated Phish Reporting Button for Exchange. In this update, when a user reports an email that is under 1MB in size, a new email message is created with the reported email added as an attachment. This preserves all the original data of the reported message. If the reported email is over 1MB in size, a rare occurrence, the email is forwarded in the same manner it was in previous versions. For more information, see Customization Options - Microsoft Exchange Button. [9.9.3691]
- Custom Reports – Two new fields enable sorting in Custom Reports [9.9.3701]. For details, see How to Create Custom Reports.
- Sort Priority – Enables you to choose a number representing the priority the corresponding field should take when sorting. Sort Priority 1 sorts first, then Sort Priority 2, and so on.
Sort Direction – Enables you to choose whether the corresponding field is sorted in ascending or descending order.
These fields are used on the following Custom Reports fields:
- Summary Levels #1-#3
Email Address Meta Data Fields
- Report Generator – All charts and tables displaying information about browser plugins and software analysis have been removed from reports and report designer. [9.9.3711]
- Software Analysis Removed – The Software Analysis menu option has been removed. This feature was not essential to the product. [9.9.3713]
- Allowed File Types for Upload – Fewer restrictions in the File Library, Address Book Upload, and Image Gallery. [9.9.3723]
- Fixed issue with Address Book Utility, so Remove Clicks in a Single Campaign utilities remove data from Outbound Analysis, Web Activity, and Address Books. [9.8.3622]
- Detail view of Portable Campaign Reporting now accurately shows Media Reporting Date. [9.8.3623]
- Fixed issue with LMS (Learning Management System). Training results from courses where users proceeded to next section before answering questions are now reported correctly. [9.8.3643]
- Fixed issue with possible incorrect labeling for templates in the Content Center. [9.9.3743]
- Portable media campaign data reporting dates fixed. Also, Media Reporting Date now visible in Outbound Analysis (see above). [9.9.3753]
What's New in September 9, 2019 Release
- New options in Custom Report Designer. New chart type, Stacked 2D Column With Line, combines a bar chart and line chart. New option, Summary Field Custom Colors, enables you to change colors in Summary Fields section. [9.7.3582]
- New Address Book Utility, Remove User Click Activity by IP Address. Removes click activity and all other associated activity from the a single campaign based on the list of IP addresses and/or Class-C IP address blocks specified. Useful if you are getting false positives from help desk activity or sandboxing systems, like Barracuda's Advanced Threat Protection. [9.7.3572]
- Allow Blocklisted Domains option added to the Campaign Manager enables campaign to run even if it contains blocklisted landing pages or email addresses. Refer to Creating and Generating an Email Campaign for details. [9.7.3602]
- Data Retention Policy enables you to automatically delete your data in 1, 2, or 3 years. Refer to Global Settings for more information.
What's New in August 19, 2019 Release
Voice applications can now be downloaded to your instance from the Content Center, just like all other available content. [9.6.3521]
- Exchange Phish Button – In this release, To, From, and CC email addresses were added to additional header details that get sent in the reported message. Additional header details can be turned on and off via the Add header details to wrapper email body checkbox in the button configuration. Refer to Customization Options - Microsoft Exchange Button. [9.6.3541]
- Custom message available on main login screen. Refer to Global Settings for details. [9.6.3571]
- Fixed problem with exporting charts and graphs. [9.6.3551]
- Fixed filtering issue relating to the number zero (0). [9.6.3561]
What's New in July 29, 2019 Release
- In the Content Center, SMS Templates are now separated from Email Templates. [9.5.3453]
- Content Manager for Voice campaigns updated. Placeholders for Email Templates and Landing Page Servers no longer needed. Voice Applications now correctly labeled (no longer mislabeled as Landing Page Templates). Phone numbers now correctly labeled (no longer mislabeled as Email Servers). [9.5.3463]
- Content Center Cards improving to make layouts more uniform across the platform. [9.5.3473]
- Purger utility has improved warning labels, explaining what the utility will and will not do. Use caution with the Purger utility. [9.5.3501]
- Address Books browsing now displays only relevant columns, instead of all columns. [9.5.3511]
- Warning for blocklisted Landing Page domains and Email Address domains that are part of an active campaign. Use only non-blocklisted domains in your campaigns. [9.5.3491]
- Courses with grades of 100% are now consistently marked as having been passed. [9.5.3443]
- Content Center thumbnail image quality now improved. [9.5.3483]
What's New in June 14-17, 2019 Release
- New column, Last Send Attempt Error, added to Outbound Analysis. Refer to Outbound Analysis Metrics. [9.4.3433]
- Portable Media Campaigns: Landing Pages and Web Servers now display as cards in the Content Center, as they do for other campaign types. Refer to Creating and Generating a Portable Media Campaign. [9.4.3423]
- Custom reporting now includes email address metadata, enabling you to have more than one address book field. Refer to How to Create Custom Reports. [9.4.3421]
- Updated click through End User License Agreement (EULA). [9.4.3391]
- Content Center: Content Groups card redesigned. Click a card to see information it contains, including email templates, email addresses, landing pages, and landing page URLs. [9.4.3371]
- Campaign Results Overview and Campaign Results Overview (MSWORD) duplicate row and percentage of users reporting email both resolved. [9.4.3411]
- Custom Reporting Summary Fields can now be sorted by user, based on Seq field fix. [9.4.3401]
- Campaign approval log issue with backslashes resolved. In the Campaign Management screen, individual log entries display on separate lines. [9.4.3381]
What's New in May 28, 2019 Release
- Can now export all Results charts to any of these formats: PNG, JPG, PDF, SVG, XLS. Refer to How to Export Data. Can download custom reports in CSV format. Refer to How to Create Custom Reports. [9.3.3341]
- Improved filters in the Content Center to help you find content. [9.3.3351]
What's New in May 6, 2019 Release
- Can now resend training materials to any user who has not completed training in a given Education Email Campaign. [9.2.3301]
- Exchange Button version 184.108.40.206 released to match up version numbers. No major changes. [9.2.3311]
- Quote Manager removed from product. [9.2.3321]
What's New in April 8, 2019 Release
- Address Books – Added Division field when importing a LDAP/Active Directory. The data is saved under Organization Level in the Address Book. [9.1.3273]
- Voice Application – Removed Recording Seconds field from the Voice Application Step form. [9.1.3261]
- Landing Pages – Enabled Login Form Password field by default. The Enable Login Form field must be selected if a login form is included on the landing page. [9.1.3293]
- Custom Reports – Allow administrators to edit invalid reports. [9.1.3283]
- Training Results – Fixed the number of questions answered correctly. [9.1.3263]
- CKEditor – Updated the rich text editor used on various screens within the PhishLine UI (e.g., customizing Email Templates). [9.1.3251]
What's New in February 25, 2019 Release
- Campaigns – Name and Approval Comments fields now editable in a locked campaign. [9.0.3152]
- Custom Reporting – Added Plan Name to the Cross Tabulation options list within Custom Reporting. [9.0.3142]
- Voice Application – Added Mask User Input feature to store data from a Voice campaign call as either readable or obfuscated. [9.0.3132]
- Landing Pages – Plain text password removed. Renamed plain text password field Login Form Password to Login Form Text Field. Previously collected non-password data in the password field is now moved to Login Text Form Field Value in web analysis and web analysis detail. [9.0.3112]
- Exchange Button – Parse Send To text fields correctly in the Plugin Config interface. Text fields can now accept comma or semicolon delimiters. [9.0.3122]
- Training Results – Training calculations fixed. [9.0.03102]
What's New in February 5, 2019 Release
- Report Generator – Ensure all report objects created in each instance are correctly set up for use in reports. [9.0.3081]
Reporting – Display zero correctly on x-axis labels. If multiple types of data are on a single chart, y-axis does not display numerical values. If one data type, then formatted for that type. Might need to save chart again to update the stored definition. [8.9.3101]
API – Requests without a JSON body no longer display an error. [8.9.3091]
What's New in January 14, 2019 Release
- Exchange Button – Reversed button positions in OK/Cancel on Are You Sure? pop-up windows. [8.9.3052]
- Address Books – SFTP automation to upload CSV files is available. Larger files will take longer to process. [8.9.3042 DEV-429]
- Email Templates – Increased Name field to allow 128 characters. [8.9.3012]
- General – Added new Global setting for minimum password age policy. For details, refer to Global Settings. [8.9.2992]
- Content Groups – Display custom domain names correctly, without an extra
- Address Book – Remove extra leading and trailing spaces from Address Book Names. [8.9.3062]
- Campaign Manager – When a campaign is copied, campaign statistics cleared out and reset to 0. When a campaign with test data moves to a different stage, test data is cleared out to keep statistics accurate. [8.9.3032 DEV-314]
- Address Book – Require a Address Book type selection (LDAP or File Upload) for a new Address Book configuration. [8.9.3022 DEV-437]
- Email Templates – Correctly set Urgent flag on email templates. [8.9.3002]
What's New in December 21, 2018 Release
- User Management – Automatically purge administrative user activity logs to comply with GDPR requirements. [8.9.2982]
- Domain Authorization – Added an option in the Domain Authorization Application to ignore unauthorized domains when sending out campaign emails. Refer to Domain Authorization. [8.9.2972]
What's New in December 3, 2018 Release
- Address Books – Added LDAP/AD Configuration Manager, allowing integration between your LDAP or Active Directory service and Barracuda PhishLine. After it is configured, you can directly import a new address book. [8.9.2953]
- General – Added support for multi-factor authentication (MFA) through email and SMS, in addition to voice. You can change the multi-factor authentication method in the System menu under User Manager. [8.9.2943]
What's New in November 7, 2018 Release
Outbound Analysis – Charts updated to display data in the same time zone in which the corresponding campaign was scheduled. [8.9.2942]
Reporting – For Voice Phishing Applications, changed terminology in interface from IVR to Voice, Voice App, or Voice Application where applicable. [8.9.2922]
- Campaigns – Improved Landing Page error checking for Voice, Email, and SMS campaigns. [ 8.9.2932]
What's New in October 15, 2018 Release
- Benchmark Reports – Added Login Activity chart. [8.9.2902]
- Web Activity Analysis – User Login automatically populates in this report. [8.9.2882]
- Outbound Analysis – Added reporting filters to create Voice Application data charts and tables in Outbound Analysis Custom Reporting. Refer to Outbound Analysis. [8.9.2872]
- Campaign Manager – Web servers added to Campaign or Content Groups landing pages now indicate if the domain exists in Barracuda's SSL certificate in the Web Server Host Domain list. [8.9.2861]
- Outbound Analysis – Fixed Emails Sent/Scheduled by Day-of-Week chart. [8.9.2892]
- Button Configuration Manager – For buttons deprecated in a newer release, button selection is still retained and (deprecated) notice is added. [8.9.2862]
What's New in October 8, 2018 Release
- Educational Content and Survey/Content Delivery Network allow listing – Static multimedia content delivered using your closest CDN server. See Email Allow List and Best Practices for details.
What's New in September 25, 2018 Release
- Email Templates – Added Send as Urgent option to email templates, enabling an email to be sent as High Importance. [8.9.2833]
- Exchange Button – Included a pop-up message notification window in version 220.127.116.11. Valid for Exchange versions 2013 and newer. [8.9.2823]
What's New in September 24, 2018 Release
- Campaign – Enhanced delivery status processing allowing each instance to process and update the delivery status of outbound mail more quickly. [ 8.9.2813]
What's New in September 23, 2018 Release
- Security – Your PhishLine account is locked, instead of deactivated, after 5 unsuccessful login attempts. An email is sent to the email address associated with your account with instructions on how to unlock your account. [ 8.9.2803]
What's New in September 4, 2018 Release
- Campaign – After 30 days, campaigns are locked in read-only mode and statistics are not updated. The only editable fields are Description, Plan, Category, and Hide Campaign Results. [8.9.2793]
- Campaign Manager – Fixes to voice and SMS campaigns.
- The second web server added to the UI is now being used.
- Check for a valid voice application ID added during scheduling.
- Uploaded audio file displays correctly.
- Removed redundant API calls to the SMS provider.
|Corrected an issue where Campaign Type was not aligning with Campaign Intent if Campaign Intent was changed more than once. Campaign Type should now always align with Campaign Intent.|
- Maximum User Inactivity Period – A new option is available in Global Settings called Maximum User Inactivity Period. This field allows you to set a maximum number a days a user can remain inactive (not log in) before being deactivated automatically by our system. By default this feature is not enabled.
- Delete an Individual Email Address - We've added the ability to delete individual email addresses that have not already been included as part of a campaign. Email addresses that have been included as part of a campaign may be disabled but not deleted.
- Additional Fields in User Manager - We've added the ability to store Manager Name and Manager Email Address for individual users in User Manager.
- Default Active States – New User Accounts, Email Addresses, and Email Server Accounts are now set to 'active' by default.
- Training Results - Improvements have been made to how we records training results in an effort to prevent bugs when users double click training links.
- Password Expiration – Improvements have been made to the code which forces passwords to expire. We’ve also included better wording in the UI to inform users that passwords for user accounts with MFA enabled will not expire. This may change prior to production release.
- Git Migration – Completed research and partial migration to Git.
- Data Storage – Research has been partially completed on how to store a full body of foreign characters in our database. Implementation of research is expected to be worked on next sprint.
- Speed Optimization in Dropdowns – Improvements have been made to the way large dropdown content is allowed to load on screen which results in improved load time.
DEV-1459, DEV-1464, DEV-1460, DEV-1469, DEV-1457
- Removed Address Book Limit – The limit on address books has been removed from Campaigns, which should provide better workflow for the MSP team.