ICS phishing: Stopping a surge of malicious calendar invites

Sublime's Attack Spotlight series highlights the increasing threat of ICS phishing attacks, which exploit calendar invitations to bypass security measures in email providers like Microsoft 365 and Google Workspace. These attacks leverage the automatic addition of calendar events, creating a dual threat by embedding malicious content both in emails and calendar entries. Despite traditional email security efforts, malicious calendar entries often remain, posing a unique challenge. Sublime addresses this by offering functionality that automatically removes harmful calendar invites, akin to its email threat prevention. The series provides real-world examples, detailing how attackers use tactics such as QR codes, brand impersonation, and urgent messaging to deceive targets. Sublime's AI-powered detection engine, including the Autonomous Security Analyst, identifies these threats using various signals, including manipulative language and suspicious attachments. The text also offers guidance on securing Google calendars against "silent" invitations and promotes Sublime's ongoing efforts to inform about the evolving email threat landscape through demos and podcasts.