Product

Thunderbird

4 briefs RSS

Multiple Vulnerabilities in Mozilla Thunderbird Allow for Remote Code Execution and Data Breach

Multiple vulnerabilities in Mozilla Thunderbird prior to versions 150.0.1 and Thunderbird ESR prior to 140.10.1 could allow a remote attacker to achieve arbitrary code execution, data confidentiality breach, and security policy bypass.

Thunderbird ESR +1 vulnerability rce databreach securitybypass

2r 4t 5c 20h ago

high advisory

Unusual Process Loading Mozilla NSS/Mozglue Module

2 rules 1 TTP

Detection of processes loading Mozilla NSS/Mozglue libraries (mozglue.dll, nss3.dll) outside of known Mozilla applications, potentially indicating malware or unauthorized activity.

Firefox +9 defense-evasion anomaly windows

2r 1t Jan 3, 2024

medium advisory

Potential Masquerading as Communication Apps

2 rules 3 TTPs

Attackers may attempt to evade defenses by masquerading malicious processes as legitimate communication applications such as Slack, WebEx, Teams, Discord, RocketChat, Mattermost, WhatsApp, Zoom, Outlook and Thunderbird.

Slack +9 defense-evasion masquerading windows

2r 3t Jan 3, 2024

medium advisory

Masquerading Business Application Installers

2 rules 4 TTPs

Attackers masquerade malicious executables as legitimate business application installers to trick users into downloading and executing malware, leveraging defense evasion and initial access techniques.

Elastic Defend +22 masquerading defense-evasion initial-access malware windows

2r 4t Jan 2, 2024