Risky Bulletin Sponsored: Sublime can save a s**t tonne of time
8 snips
Nov 2, 2025 In this engaging discussion, Josh Kamdjou, Founder and CEO of Sublime Security, shares insights on the alarming rise of ICS phishing in calendar invites. He highlights how these attacks often bypass standard email gateways, making detection tricky. Josh delves into the objectives behind these attacks, from credential theft to commoditized phishing services, and emphasizes the need for using AI in defense strategies. He also announces an open-source tool for remediation, showcasing Sublime's commitment to enhancing email security and efficiency.
AI Snips
Chapters
Transcript
Episode notes
Calendar Invite Phishing Exploded
- ICS calendar-invite phishing has surged massively, up to 100x in volume recently.
- Josh Kamdjou links the spike to commoditization and easier attacker tooling rather than a single new actor.
Varied Attacks Delivered Via Calendar Invites
- Attack campaigns using calendar invites show varied intents like credential theft, callback phishing, and BEC.
- Josh describes seeing many traditional phishing types repurposed via calendar delivery mechanisms.
Calendars Bypass Traditional Email Gateways
- Calendar invites can bypass email gateways because invites may be added directly to calendars and not processed by inline email security.
- The calendar is an out-of-band surface requiring separate permissions for detection and remediation.