I published the following diary on isc.sans.org: “Spam Delivered via .ICS Files“.
Yesterday, I received a few interesting emails in my honeypot. I set up catch-all email addresses for domains that are well known by spammers. I’m capturing emails and extracting MIME attachments for further analysis. Today, my honeypot received three ICS files. iCalendar is a file format used to exchange meeting information between users, mainly via email or a file sharing system… [Read more]