Learn about the WebP zero-day vulnerability threatening versions of Google Chrome as well as other OS and applications, as well as how to stop it.
In this blog, we break down the .NET Loader of XWorm 4, looking at some of the key differences of previous versions, including it's modular nature, ability to monitor systems, and execute on the disk, memory, and shell levels.
Learn how to uncover and address recent attacks leveraging XWorm4. The Todyl Detection Engineering team deobfuscated the four files involved in the initial stages of the attack to drill into how to defend against it.
Learn about the recent spyboy Terminator software attack vector and how Todyl's Endpoint Security and MXDR modules help prevent it from carrying out on your systems.
In this blog, we cover how the 3CX supply chain attack originated from an earlier supply chain attack performed on Trading Technologies Inc.
Todyl is actively tracking a malicious actor campaign targeting users of the 3CX softphone telephony platform. Learn more about the campaign in our blog.
On February 3rd, 2023, Todyl's MXDR observed threat actors using OneNote to deploy Qbot. This blog explores what the attack chain looks like and the key takeaways for businesses.
CISA, the NSA, and MS-ISAC released a joint advisory warning organizations that threat actors are using legitimate RMM tools to control victim machines after initial compromise. Get the key takeaways here.
On November 17, 2022 Todyl’s MXDR team observed new infections from a campaign that included the IcedID Trojan. This new activity targets users in the US with IRS notifications and file names.
