topic AnyDesk is identified as malware by Cortex XDR in General Topics https://live.paloaltonetworks.com/t5/general-topics/anydesk-is-identified-as-malware-by-cortex-xdr/m-p/574902#M115520 <P>Hi Community,&nbsp;</P> <P>&nbsp;</P> <P>Any Desk.exe installed in Endpoint has been identified as malware. What can be done here?&nbsp;<BR /><BR /></P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="NDeshappriya1_0-1706610568844.png" style="width: 400px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/56956i7C49EFB151C63B0F/image-size/medium/is-moderation-mode/true?v=v2&amp;px=400" role="button" title="NDeshappriya1_0-1706610568844.png" alt="NDeshappriya1_0-1706610568844.png" /></span></P> <P>&nbsp;</P> Tue, 30 Jan 2024 10:29:45 GMT NDeshappriya1 2024-01-30T10:29:45Z AnyDesk is identified as malware by Cortex XDR https://live.paloaltonetworks.com/t5/general-topics/anydesk-is-identified-as-malware-by-cortex-xdr/m-p/574902#M115520 <P>Hi Community,&nbsp;</P> <P>&nbsp;</P> <P>Any Desk.exe installed in Endpoint has been identified as malware. What can be done here?&nbsp;<BR /><BR /></P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="NDeshappriya1_0-1706610568844.png" style="width: 400px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/56956i7C49EFB151C63B0F/image-size/medium/is-moderation-mode/true?v=v2&amp;px=400" role="button" title="NDeshappriya1_0-1706610568844.png" alt="NDeshappriya1_0-1706610568844.png" /></span></P> <P>&nbsp;</P> Tue, 30 Jan 2024 10:29:45 GMT https://live.paloaltonetworks.com/t5/general-topics/anydesk-is-identified-as-malware-by-cortex-xdr/m-p/574902#M115520 NDeshappriya1 2024-01-30T10:29:45Z Re: AnyDesk is identified as malware by Cortex XDR https://live.paloaltonetworks.com/t5/general-topics/anydesk-is-identified-as-malware-by-cortex-xdr/m-p/574908#M115521 <P>Hi <a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/316921">@NDeshappriya1</a> ,</P> <P>&nbsp;</P> <P>You could configure an app-overide or a threat exception but these are just workarounds to the issue and not an actual fix.</P> <P>&nbsp;</P> <P>If this is a false positive alert then the signature should be updated with a content update.&nbsp; I'd recommend grabbing the PCAP from the alert and submit it to TAC for review.</P> <P>&nbsp;</P> <P>Kind regards,</P> <P>-Kim.</P> Tue, 30 Jan 2024 10:41:17 GMT https://live.paloaltonetworks.com/t5/general-topics/anydesk-is-identified-as-malware-by-cortex-xdr/m-p/574908#M115521 kiwi 2024-01-30T10:41:17Z