Threat Actors Exploit Calendar Subscriptions for Phishing and Malware Delivery
Infosecurity Magazine
Actively Exploited
Summary
BitSight research highlights a significant cybersecurity threat where threat actors exploit calendar subscriptions to deliver phishing links and malware via hijacked domains. This method poses a serious risk as it can lead to social engineering attacks, potentially compromising sensitive information and systems.
Impact
Calendar applications, email clients, and users of hijacked domains.
In the Wild
Yes
Timeline
Newly disclosed
Remediation
Users should be cautious about accepting calendar subscriptions from unknown sources and regularly review their calendar settings for any unauthorized subscriptions. Implementing email filtering and security awareness training can also mitigate risks.