Best Of

Hi,

I downloaded the Teamviewer client v. 14 and could not immediately reproduce your problem. Would it be possible for you to submit the false positive file (the exe that gives you trouble) for our labs at https://www.f-secure.com/en/web/labs_global/submit-a-sample.

    Maaret

Hi Carlos2285

To block/disable mobile phone via Device Control from PSB web portal, you need to block the following device classes.

Please add a device access rule as below, and let me know if it works:

Display name: Mobile Phone storage
HardwareID: USB\Class_FF
Access level: Blocked

Repeat this rule with the below mentioned device classes to block all smart phones:

HardwareID: USB\Class_00
HardwareID: USB\Class_08
HardwareID: USB\Class_02
HardwareID: USB\Class_EF

Hi Tamas,

As MonikaL shared, obtaining the file samples during the first stage would be the most efficient way to resolve a false positive case.

The binaries are required for us to debug how the false positive may occur in a particular file and then apply the necesary fixes, while keeping the protection on a good level to still detect valid malware samples.

In some cases, the samples may be publicly available or already in our backend. I would recommend whenever possible to provide at least the file hash (SHA1) when filing a false positive case, so that we can check if the sample is already available to us.

The PSB Management API documentation contains some examples on how to generate a report containing the detection details (including SHA1) programmatically:
https://help.f-secure.com/product.html?business/psb-rest-api/1.0.0/en/concept_216D5455656A49A38AA049D6C7B37427-1.0.0-en

For cases where the sample is not available to us (e.g. internally-developed software), there's an easy-to-use F-Secure tool available that we recommend to both Home and Corporate users to utilize in order to safely retrieve the quarantined files before submission.

The tool would have to be executed at the endpoint where the samples were quarantined, and its usage instructions are described here:
https://community.f-secure.com/t5/Common-topics/How-do-I-collect-quarantined/ta-p/78104

As PSB currently doesn't feature remote sample submission capabilities, I hope you find the above information useful for the time being.

Hi,

new release will be rolled out to all portals in next few days with folloging changes:

New features:

• Mobile devices can be searched by UDID.
• Added operating system build number to the computer device listing.

Fixed issues:

• Exported CSV report from infection tab does not include Computer name.
• If Server Security subscription is upgraded to Server Protection Premium, profile assignment option is not available for old Server Security 12.
• Portal UI displays "No Premium subscription" for Server Protection Premium products.
  
• Request fsdiag operations status handling fixed and no longer loses statuses.

PSB Team