32 min listen
#ThreatDigest: Discussing RTF Template Injection: A Malicious New Technique
#ThreatDigest: Discussing RTF Template Injection: A Malicious New Technique
ratings:
Length:
26 minutes
Released:
Dec 14, 2021
Format:
Podcast episode
Description
If you asked for M&M’s and received Skittles, you might pop a few in your mouth, but it won’t take long to realize something’s off.
This is exactly what’s happening with RTF files: Instead of the intended attachment, unaware companies are delivering these files and realizing later that they were actually malicious.
On this episode of Protecting People, hosts Selena Larson and Crista Giering chat with Michael Raggi, Senior Threat Research Engineer at Proofpoint, about RTF files, template injection, and campaigns using the technique in an effort to make sure customers aren’t being surprised with “Skittles.”
Join us as we discuss:
The importance of template injection
Campaigns using the technique
Widespread adoption of the RTF injection
Mitigating and monitoring the technique
Resource mentioned:
https://www.proofpoint.com/us/blog/threat-insight/injection-new-black-novel-rtf-template-inject-technique-poised-widespread
https://www.youtube.com/watch?v=bqyOtkibGro&feature=youtu.be
https://twitter.com/sansforensics/status/1470901574717382663
For more episodes like this one, subscribe to us on Apple Podcasts, Spotify, and the Proofpoint website, or just search for Protecting People in your favorite podcast player.
This is exactly what’s happening with RTF files: Instead of the intended attachment, unaware companies are delivering these files and realizing later that they were actually malicious.
On this episode of Protecting People, hosts Selena Larson and Crista Giering chat with Michael Raggi, Senior Threat Research Engineer at Proofpoint, about RTF files, template injection, and campaigns using the technique in an effort to make sure customers aren’t being surprised with “Skittles.”
Join us as we discuss:
The importance of template injection
Campaigns using the technique
Widespread adoption of the RTF injection
Mitigating and monitoring the technique
Resource mentioned:
https://www.proofpoint.com/us/blog/threat-insight/injection-new-black-novel-rtf-template-inject-technique-poised-widespread
https://www.youtube.com/watch?v=bqyOtkibGro&feature=youtu.be
https://twitter.com/sansforensics/status/1470901574717382663
For more episodes like this one, subscribe to us on Apple Podcasts, Spotify, and the Proofpoint website, or just search for Protecting People in your favorite podcast player.
Released:
Dec 14, 2021
Format:
Podcast episode
Titles in the series (100)
Exploring Vulnerability: Why Phishing Works: Just 61% of survey respondents knew what the definition of phishing was — and that was from a multiple-choice list. This response is a huge indication of the language gap between InfoSec and users, which speaks to the urgent need for security... by Protecting People