09/07/2021 BullPhish ID Release Notes v2.33

This release of BullPhish ID comprises of a few documentation update, a few enhancements and a few bug fixes.

Documentation Update:

  • Guides & FAQ: 
    1. Microsoft has recently introduced a new Advanced Delivery capability for the configuration of third-party phishing simulation campaigns.

      IMPORTANT: This new Microsoft functionality is limiting the number of allowed whitelisted phishing simulation domains to ten. Please make sure that you whitelist the sending domains that are being used by your campaigns.

      To help you to configure the delivery of BullPhish ID campaigns through Microsoft 365 Defender, we have published the “Microsoft 365 Defender Third Party Phishing Simulation Configuration Guide Version 4.1” in the month of August. It is located in the Guides & FAQ section of the BullPhish ID portal.

    2. Users can now access the Active Sending Domains CSV file. Active Sending Domains CSV file will contain all unique domains that will be used for sending emails to the target users for each SMB organization. Sending Domain will not be included in this CSV file if the campaign was canceled or ended. 
      1. Login to BullPhish ID.
      2. Go to the Guides and FAQ section.

        mceclip0.png

      3. Click download on the Active Domain document.
        MicrosoftTeams-image__2_.png

Feature:

  • Phishing Simulation: Users can now see the Sending Domain while creating a new Phishing Simulation Campaign.
    1. Login to BullPhish ID.
    2. Under Phishing Simulation, click create Phishing Campaign.

      mceclip1.png

    3. Select any associate organization for the New Campaign.

      tempsnip.png

    4. On the left side of my Kits section, you can see all the available Sending Domains.

      MicrosoftTeams-image__1_.png

Bugs Fixed

1. The vulnerability on getting organizations via an API endpoint has been fixed now.

2. Training Portal:

  • The issue with setting Password Strategies for child organizations has been fixed now.

3. Phishing and Training Module: Vulnerability on access BPID system without proper permissions and user organization subscriptions have been fixed now.

4. XSS vulnerability is now fixed on BullPhish ID. 

 

 

 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Contact us