As researchers continue to block new attack vectors, actors behind the Agent Tesla malware have been found launching new variants designed to infect the Microsoft Antimalware Scan Interface (AMSI) itself.
Threat actors continue to upgrade their attack arsenal. Researchers have now reported a cyberespionage campaign using the new LodaRAT to spy on Android and Windows users in Bangladesh.
An Iranian APT masquerading as the Ministry of Foreign Affairs of Kuwait and the UAE National Council is using a remote management tool called ConnectWise Control in a cyberespionage campaign.
By the time law enforcement intervened, Emotet had infected more than 1.6 million machines and caused hundreds of millions of dollars in damage.
The vulnerability in Chess.com’s API could have been exploited to access any account on the site. It could also be used to gain full access to the site through its admin panel.
The exposure included live details such as location, whether the microphone was active, and the name of the WiFi network that the camera is connected to, along with information about the webcam owner such as email addresses.
The Internal Revenue Service (IRS) has warned US tax professionals of identity thieves actively targeting them in a series of phishing attacks attempting to steal Electronic Filing Identification Numbers (EFINs).
The researchers also discovered that botnets and attackers behind malware and phishing email attacks are relying on “fast-churning campaigns” where the same template will hit an average of no more than 1,000 potential victims.
In a blog post, the Redmond company said it detected roughly 140,000 web shells per month between August 2020 and January 2021, up from the 77,000 average it reported last year.
Bazar is a backdoor Trojan designed to target a device, collect sensitive information, control the system via commands, and deliver malware. Last year, it was observed delivering the TrickBot malware.