Release 620 (2022-12-15)
Written by Arick Disilva

New Features

BI Reports: New Exclude Option on the Filter Panel

A new Exclude option has been added to the BI Reports > Filter Panel:

mceclip2.png

If enabled, this option allows you to exclude a filter from the report. In the above example, the employee admin@desktop-qqem6kq will not be included in the report. Note that you can only exclude Common Filters (e.g., Employee, Department, Computer, Task) at the moment.

Behavior Rules: Detect the Running of Elevated Apps

A new rule criterion, Running elevated, has been added under Activity Rules > Applications. It allows you to detect any application that's launched with elevated permissions using Windows User Account Control (UAC):

mceclip3.png

An app usually runs elevated when you launch it from the Windows Start menu while holding down the SHIFT+CTRL keys, or when you right-click it in Windows Explorer and select the Run as administrator option:

mceclip1.png

This new rule feature will enhance the security of your system, as software that requires admin permission might make changes to your system. It can also help you mitigate the impact of malware and prevent unauthorized privilege escalation.

Employees: New Active Policies List

A new ACTIVE POLICIES button has been added to the Employees > Employee's screen. When you click the button, you will see all active policies and rules applied to the user:

mceclip1.png

Please note that:

  • You can click on a policy's name to expand/collapse it.

  • You can click on a rule's name to edit it.

  • Any policies or rules that are turned off on the Behavior > Policies screen will not show up on the list.

  • Any policies or rules that are applied to the Everyone option on the policy/rule's User field will not show up on the list.

  • Anomaly rules aren't shown on this list.

Settings: New Send Instance Hostname Option on the SMTP Screen

A new option, SEND INSTANCE HOSTNAME, has been added to the Settings > SMTP screen.

mceclip6.png

The option is disabled by default but can be enabled to send the hostname of the client to identify it to the server. It might be useful in fixing email-relay-related issues on clients like Gmail.

Mac: Behavior Rules > Applications

Support for the Applications Activity-based rules is now available.

You can create an Applications rule by clicking the ADD RULE FOR THIS POLICY button on the Behavior > Policies screen:

mceclip0.png

Here are a few things to note:

  • The rule currently supports only the Application Name condition.

  • Only the Block and Warn rule actions are supported at the moment.

  • Rule violation events will be captured on the BI Reports > Behavior Alerts, Monitoring > Webpages and Applications and other relevant reports.

Mac: Behavior Rules > Keystrokes

Agent support for the Keystrokes Activity-based rules is now available.

You can create a Keystrokes rule by clicking the ADD RULE FOR THIS POLICY button on the Behavior > Policies screen:

mceclip4.png

Here are a few things to note:

  • The rule currently supports the Text Typed, Word Typed, and the Application Name conditions.

  • Only the Block and Warn rule actions are supported at the moment.

  • Rule violation events will be captured on the BI Reports > Behavior Alerts, Monitoring > Keystrokes and other relevant reports.

Mac: Behavior Rules > Printing

Support for the Printing Activity-based rules is now available.

You can create a Printing rule by clicking the ADD RULE FOR THIS POLICY button on the Behavior > Policies screen:

mceclip1.png

Here are a few things to note:

  • The rule currently supports all the conditions: Number of Pages, Document Name, and Printer Name.

  • Only the Block and Warn rule actions are supported at the moment.

  • Rule violation events will be captured on the BI Reports > Behavior Alerts, Monitoring > Printing and other relevant reports.

Mac: Configure Agent Auto-Update (Cloud)

You can now enable/disable auto-update of the Agent from its configuration file (usually located at /usr/local/teramind/agent/etc/agent.conf).

To prevent auto-update of the Agent, add this line to the agent.conf file:

disable-autoupdate=1

To enable the auto-update, use this line instead:

disable-autoupdate=0

API: Agent/Me API Call with New Features

The new GET agent/me API call now returns information about the loggedUser. A readOnly property returns all the features in an array with all possible permissions: what this user can do and which pages they can see:

mceclip0.png

API: New API Call to Get Application Settings

The new API call will be:

GET /tm-api/app-settings

And, it should return the following JSON output:

{
  "name": "instance_name",
  "type": "instance_type"
}

Where:

name = name of the instance

type = onprem or cloud, depending on whether the instance is cloud or on-premise

Improvements

Agent: Better File Type Detection

The Agent will capture file hash (MD5 and SHA256) and file type info (based on first bytes) for all uploaded/downloaded files (e.g., uploads on Skype, email attachments, etc.).

This info will be collected for uploads/downloads when the Monitoring Settings > Websites is turned on.
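The capture described above (MD5 and SHA256 hashes plus a type derived from the file's first bytes), sketched as an added example. This is not Teramind's agent code; the signature table, the extension map, the function names and the sample bytes are all constructed for illustration.

```python
import hashlib
from pathlib import PurePosixPath

# Leading-byte signatures ("magic numbers") for a few common formats.
# Illustrative subset, not the agent's actual table.
SIGNATURES = [
    (b"%PDF-", "pdf"),
    (b"\x89PNG\r\n\x1a\n", "png"),
    (b"\xff\xd8\xff", "jpeg"),
    (b"GIF87a", "gif"),
    (b"GIF89a", "gif"),
    (b"PK\x03\x04", "zip"),  # also the container for docx/xlsx/pptx/jar
    (b"MZ", "pe"),           # Windows executables and DLLs
    (b"\x7fELF", "elf"),
]

# Extensions that legitimately carry each detected type (assumed mapping).
EXPECTED_EXT = {
    "pdf": {".pdf"},
    "png": {".png"},
    "jpeg": {".jpg", ".jpeg"},
    "gif": {".gif"},
    "zip": {".zip", ".docx", ".xlsx", ".pptx", ".jar"},
    "pe": {".exe", ".dll", ".sys"},
    "elf": {"", ".so", ".bin"},
}

def sniff_type(data: bytes) -> str:
    """Return a type name based only on the first bytes of the content."""
    for magic, name in SIGNATURES:
        if data.startswith(magic):
            return name
    return "unknown"

def fingerprint(filename: str, data: bytes) -> dict:
    """Hash the content and flag a file whose extension hides its real type."""
    detected = sniff_type(data)
    ext = PurePosixPath(filename).suffix.lower()
    mismatch = detected != "unknown" and ext not in EXPECTED_EXT[detected]
    return {
        "filename": filename,
        "md5": hashlib.md5(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "detected_type": detected,
        "extension_mismatch": mismatch,
    }

# Constructed samples: a genuine PDF header, and a PE header renamed to .pdf.
SAMPLE_PDF = b"%PDF-1.7\n%constructed sample\n"
SAMPLE_RENAMED_EXE = b"MZ\x90\x00" + b"\x00" * 60

if __name__ == "__main__":
    for name, blob in [("report.pdf", SAMPLE_PDF), ("invoice.pdf", SAMPLE_RENAMED_EXE)]:
        print(fingerprint(name, blob))
```

Detecting the type from content rather than from the name is what lets an upload rule or report catch an executable that was renamed before being attached or uploaded.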

BI Reports: Accessibility: APG/WPI Compliant Grid Widgets

The Grid widgets on the BI Reports are now APG/WPI Grid compliant. This means they now support keyboard navigation and aria-sort:

mceclip9.png

This will create a more accessible web experience for users of assistive technologies.

BI Reports: Increased Export Timeout Value

We have increased the timeout value for the report export from 30 seconds to 300 seconds so that larger reports will have enough time to finish exporting.

Dashboard: Better Graph for Online Employees Widget

The Online Employees widget on the Dashboard now has a better graph, with gray bars behind each column. This makes it easier to visualize the Activity % of each employee:

mceclip8.png

Mac: Cached Behavior Policies and Rules

The Agent now stores a copy of the Behavior Policies and Rules locally to speed up their processing and improve offline enforcement.

Security: Possible SQL Injection Vulnerability in Access Control

We have updated the Export to CSV feature on the CONFIGURE > Access Control screen so that an attacker cannot exploit it to inject malicious SQL code:

mceclip0.png

Security: Redis Server Authentication

Our remote Redis server(s) are now protected with better authentication methods to avoid any exploits by an attacker.

Security: Limit the Number of Email Addresses in the Notify Action

We have limited the number of email addresses that can be entered in the Notify action to 15:

mceclip2.png

This limit will be applicable to both the Behavior Rules and the Anomaly Rules.

Security: Cross-Site Script on Rule Action Messages

We have made some improvements to the messages used in Rule Actions such as Block/Warn so that a potential attacker cannot use any unwanted tags or attributes in the messages or inject cross-site scripting (XSS) payloads.

Security: Using Caching to Leak Password Reset Tokens

We have made some improvements to how caching is handled so that a potential attacker cannot use API calls like /password/reset to steal password reset tokens or other sensitive tokens, or use an unauthenticated HTTP request to take over a user's account.

Security: Added Rate Limits to API Send Email Calls

We have added a rate limit so that calls like /tm-api/send-schedule or send-instructions cannot be used in an attack to slow down the email server or for other types of exploits.

Security: Adding/Approving Nodes via Unauthorized API Calls (On-Premise)

We have made some improvements to how nodes are created so that a potential attacker cannot use API calls like /site/nodes/add to add nodes (e.g., terasrv, elastic, teracv, etc.) and approve them with an unauthenticated request.

Security: 2FA Secret Leak

We have made some changes to the authentication system so that a potential attacker cannot obtain a QR code or secret code after 2FA is set.

Bug Fixes

Notifications: "Failed to Login: Generic Error" Message

You might have seen a notification like the one below:

mceclip5.png

The bug causing this message is fixed now.

BI Reports: Exporting Reports would Fail for Schedule Exports

You might have noticed that when trying to use the Export > Schedule Export option on the BI Reports, the export fails and the dashboard shows the error message, MESSAGES.INCREMENT_LIMIT:

mceclip0.png

The bug is fixed now.

BI Reports: Wrong Tooltips Shown on Grid Widget

The tooltips for any of the Graph columns (e.g., Applications & Websites: Active/Idle Time Graph, Input Rate: Activity (%) Graph, Work Time: Active / Idle Time Graph) would show "[object Object]" instead of the actual help text:

mceclip0.png

The bug is fixed now.

BI Reports: Incorrect Timeline Widget

The graph on the Timeline widget (e.g., on the Console Commands) would plot the Y-axis incorrectly:

mceclip7.png

The bug is fixed now.

Behavior Rules: Rules wouldn't Trigger when Active and Idle Time are Used Together

Due to a bug, if you created an Activity rule and used both the Active Time and Idle Time criteria in a condition, the rule wouldn't trigger:

mceclip1.png

The bug is fixed now.

Behavior Rules: Rule would Trigger when Slack App/Browser Window is Reopened

If you created an Activity rule for IM: Slack, it would trigger when the user closed and reopened Slack (desktop app/web version). It would also trigger if the user restarted the service and then reopened the app/browser:

mceclip3.png

The bug is fixed now.

Behavior Rules: Whitespaces not Working on Keystrokes Rules

Due to a bug, the Special Key Typed condition on a Keystrokes-based Activity rule containing whitespace (except for <Alt+Space>) wouldn't work properly:

keystrokes_rule-whitespace.gif

Whitespace also wasn't captured properly on the BI Report, Monitoring Report, etc.:

mceclip4.png

The bug is fixed now.

Behavior Rules: Files-Based Activity Rules wouldn't Trigger for Google Drive Desktop

Files-based Activity rules such as the example below wouldn't trigger for Google Drive Desktop:

mceclip0.png

The bug is fixed now.

Behavior Rules: Email Block Action wouldn't Work Properly for Gmail Web

The Block action for Email-based Activity rules such as the example below wouldn't work properly. The warning message would be shown, but the email wouldn't be blocked from sending:

mceclip1.png

The bug is fixed now.

Behavior Rules: Files-Based Activity Rules wouldn't Work Properly for Box Drive

Due to a bug in the file extraction logic, Files-based Activity rules such as the example below wouldn't work properly for Box drives:

mceclip3.png

The bug is fixed now.

Employees: Removed/Disabled Users Shown as Online

The Delete and Disable Monitoring actions on the Employees screen wouldn't work as expected. The user would still show as online:

mceclip4.png

The bug is fixed now.

Employees: Multiple Records Shown for a Single Activity

A bug caused the Employees > Employee's Page > Activity Log screen to show multiple line items for a single activity:

mceclip6.png

In the above example, the user actually opened Notepad once and then started a movie. However, the Notepad event was captured multiple times.

The bug is fixed now.

Employees: Importing Employees would Fail with Error 504

You might have noticed that when trying to upload a CSV file it would fail with an error 504.

The bug is fixed now.

Employees: Importing Employees would Fail for Large CSV Files

You might have noticed that when trying to upload a CSV file greater than 1 GB, it fails and the dashboard shows the error message, Invalid arguments: csrf_token_error:

mceclip1.png

The bug is fixed now.

Employees/Computers: Daily Export Not Enabled/Disabled Properly

The Daily Export tab on the Employees/Computers screen wouldn't behave as expected. Enabling Daily Export for one employee/computer would enable the tab for all employees/computers:

mceclip10.png

The bug is fixed now.

Computers: Sorting Not Working for Online Count Column

Clicking on the Online Count column on the Computers screen would sort the column as expected, but any subsequent clicks wouldn't do anything:

mceclip0.png

The bug is fixed now.

Configure > Schedule: Days Shifted when Creating a New Template

You might have noticed that in some cases, when creating a new Template from the CONFIGURE > Schedules > Templates tab, dates on all the templates are shifted:

mceclip5.png

The bug is fixed now.

System: Report Export wouldn't Work and Show No Errors (Cloud)

Recently, you might have noticed that any kind of Report Export would get stuck in the queue. The dashboard wouldn't show any error but it wouldn't let you download the reports either. If you took a look at the Teramind log, it might show something like this:

mceclip3.png

A bug in our report processor caused this behavior, which is fixed now.

System: Exported Videos would Show Artifacts

Due to a bug in the video processing system, exported MP4 videos would show artifacts such as a yellow hue:

mceclip1.png

The bug is fixed now.

Monitoring Settings: USB Devices are Unexpectedly Blocked

Due to a bug, the Agent would sometimes block USB peripherals (e.g., hub, webcam, mouse, etc.) connected to the computer. This is fixed now.

Monitoring Settings: WSS Port Setting on Websites wouldn't Take Effect Immediately

Updating the WSS Port setting on the Monitoring Settings > Websites wouldn't update the Agent within 2 minutes:

mceclip2.png

The bug is fixed now.

Integrations: SIEM CEF Format

We fixed some minor string parsing issues with the CEF format used by some SIEM integrations.

Agent: Broken Link in the Download Instruction Email

The Windows hidden agent download link on the “email download instructions” email was broken:

mceclip4.png

The link is fixed now.

Revealed Agent: The Agent Would Crash After Zoom Meetings

Sometimes, the Revealed Agent would crash after you finish hosting a meeting on Zoom. The bug is fixed now.

Revealed Agent: "Stay logged" is now Called "Stay logged in"

This is a minor bug fix, where the Stay logged option on the Revealed/Visible Agent is now called Stay logged in.

Revealed Agent: "Stay logged in" Setting isn't Consistent

Sometimes you might have noticed that the Stay logged in setting on the Revealed/Visible Agent isn't always persistent:

mceclip0.png

The bug is actually a temporary one and shows up mostly on slower connections for 1-3 seconds before the application logs in.

The bug is fixed now.

Mac: Revealed Agent on M1 Mac Crashes After Pressing the Start/Stop Button

On an M1 Mac, macOS Monterey, Revealed Agent version 230 would crash with the following error message when the user clicked the Start and then the Stop button repeatedly:

mceclip0.png

The bug is fixed now.

Mac: Session Time Calculated for Inactive Users on Silent Agent

Due to a bug, Teramind Stealth/Hidden Agent on Mac would calculate session time for an inactive user if the user switched between two accounts on their computer (without first logging out from the first account).

This might happen in the following specific scenario:

mceclip0.png
  1. The user is on Stealth/Hidden Agent

  2. The user has two Monitoring Profiles: one with monitoring turned off (assume it's profile A), another profile where monitoring is turned on (assume it's profile B)

  3. The user logs in under profile A and works for a while

  4. Then, the user switches from A to B without first logging out from A

  5. The user works on the computer

  6. If you view the Teramind Dashboard, you might notice that it shows some session activity for the user under profile A, even though the user was inactive under that profile.

This bug is fixed now.

Mac: HTML Alert Messages Displayed Incorrectly

If you used the CUSTOM USER ALERT HTML option on the Settings > Alerts screen to create an HTML alert template and then used the USE HTML TEMPLATE option with a rule's Warn/Block action, the alert would be shown incorrectly to the user:

mceclip0.png

The bug is fixed now so that the HTML alert messages are rendered with the correct tags and elements.

Mac: Users Not Tracked when Switching Accounts

This was similar to the above bug. In this case, the users weren't being monitored if they switched from one account to another account on their computer (without first logging out from the first account).

This might happen in the following specific scenario:

  1. The user logs in under their first account (assume it's account A) on their computer

  2. If you check the Teramind Dashboard, you will see user A as expected

  3. Now, the user logs in under their second account (assume it's account B)

  4. If you check the Teramind Dashboard, they cannot be found.

This bug is fixed now.

Security: Emails Still Tracked Even when it's Disabled on the Monitoring Scheduler

Emails were still captured even when monitoring was disabled for certain day(s) using the Scheduler on the Monitoring Settings > Emails:

mceclip2.png

The potential security flaw is fixed now.

Other: Password Recovery wouldn't Work for Some Emails

Due to a bug, password recovery for emails containing uppercase letters (e.g., [email protected]) wouldn't work. The user would get the recovery email, but they wouldn't be able to reset the password and the dashboard would show an “email not found” error message.

The bug is fixed now.
