Hackers weaponizing calendar files as new attack vector bypassing traditional email defenses
A surge in attacks exploiting iCalendar (.ics) files as a sophisticated threat vector that bypasses traditional email security defenses. These attacks leverage the trusted, plain-text nature of calendar invitations to deliver credential phishing campaigns, malware payloads, and zero-day exploits.
Over the past year, calendar-based phishing has emerged as the third most common email social engineering vector, with a 59% bypass rate against Secure Email Gateways (SEGs) and affecting hundreds of organizations worldwide through campaigns delivering thousands of malicious invites.
The iCalendar format, standardized under RFC 5545, was designed as a text-based, universally interoperable standard for exchanging calendar and scheduling information across platforms, including Microsoft Outlook, Google Calendar, and Apple iCal. This simplicity, while enabling seamless integration, creates exploitable attack surfaces that security solutions struggle to monitor effectively.
Read more at Cyber Security News