Learn how to uncover and address recent attacks leveraging XWorm4. The Todyl Detection Engineering team deobfuscated the four files involved in the initial stages of the attack to drill into how to defend against it.
Learn about the recent Spyboy Terminator software attack vector and how Todyl's Endpoint Security and MXDR modules help prevent it from being carried out on your systems.
In this blog, we cover how the 3CX supply chain attack originated from an earlier supply chain attack performed on Trading Technologies Inc.
Todyl is actively tracking a malicious actor campaign targeting users of the 3CX softphone telephony platform. Learn more about the campaign in our blog.
On February 3rd, 2023, Todyl's MXDR observed threat actors using OneNote to deploy Qbot. This blog explores what the attack chain looks like and the key takeaways for businesses.
CISA, the NSA, and MS-ISAC released a joint advisory warning organizations that threat actors are using legitimate RMM tools to control victim machines after initial compromise. Get the key takeaways here.
On November 17, 2022, Todyl’s MXDR team observed new infections from a campaign that included the IcedID Trojan. This new activity targets users in the US with IRS notifications and file names.
In this blog, we provide background on LAPSUS$, a high-level overview of the Okta breach, and ways Todyl can help to detect and identify malicious activity.
On January 25, 2022, a Local Privilege Escalation Vulnerability was disclosed by Qualys. Todyl's Detection and Response Team implemented detection rules and is closely monitoring developments.