#ThreatDigest: Discussing RTF Template Injection: A Malicious New Technique

If you asked for M&M’s and received Skittles, you might pop a few in your mouth, but it won’t take long to realize something’s off.This is exactly what’s happening with RTF files: Instead of the intended attachment, unaware companies are delivering these files and realizing later that they were actually malicious.On this episode of Protecting People, hosts Selena Larson and Crista Giering chat with Michael Raggi, Senior Threat Research Engineer at Proofpoint, about RTF files, template injection, and campaigns using the technique in an effort to make sure customers aren’t being surprised with “Skittles.”Join us as we discuss:The importance of template injectionCampaigns using the techniqueWidespread adoption of the RTF injectionMitigating and monitoring the technique  Resource mentioned:https://www.proofpoint.com/us/blog/threat-insight/injection-new-black-novel-rtf-template-inject-technique-poised-widespread  https://www.youtube.com/watch?v=bqyOtkibGro&feature=youtu.behttps://twitter.com/sansforensics/status/1470901574717382663For more episodes like this one, subscribe to us on Apple Podcasts, Spotify, and the Proofpoint website, or just search for Protecting People in your favorite podcast player.