Abusing Internet Calendaring and Scheduling (iCal)
The Basics The research below was conducted by Eric Gonzalez (@elbori) and Dan Lussier (@dansec_) with a special shout out to Sam Ferguson (@AffineSecurity). All content is for educational purposes and focuses on all aspects (investigation, weaponizing, detection & mitigation). The focus of this article is about abusing iCal files (.ics extension) within Outlook. Note: This entire method will require user interaction, and you may not always be able to achieve this during a campaign, make sure whatever your campaign is builds trust with the targets....