By Davey Winder, Senior Contributor.

Not all cybersecurity attacks involve unsupported operating systems, vulnerabilities without a patch, or password-stealing malware. Many, it has to be said, come under the remit of social engineering, exploiting human weaknesses alongside a little technical threat tomfoolery. The latest such warning has come from Sublime Security after it “observed a significant influx in phishing attacks” against users of Google Workspace and Microsoft 365 calendars. Here’s what you need to know and do.

It has been almost a year since I last reported about the threat surface that is, erm, your calendar. Yet that threat has not gone away, and Google and Microsoft users are now being warned of a surge in attacks that use calendar invites as a method to evade security solutions and deliver their undoubtedly dangerous payloads. A newly published report by Ahry Jeon, a product manager, and Brandon Murphy, a threat detection engineer, both working at Sublime Security, warns that “depending on the settings of the target’s calendar, even if the email message is automatically quarantined by an email security solution, the calendar entry often remains on the target’s calendar.”