North Korean state-sponsored hackers, known as APT37 or ScarCruft, are leveraging malicious ZIP files in phishing emails to start multi-stage cyber attacks. The malicious files, disguised as North Korean documents or trade agreements, use scripts and batch files to deploy the RokRat remote access Trojan, which gathers system information that is then sent to command-and-control servers via popular cloud services. The malware can also execute remote commands for data exfiltration, system reconnaissance, and process termination.
Health leaders need AI know-how to avoid cyberattacks
Etay Maor, chief security strategist at Cato Networks, emphasized the risks of AI in healthcare during HISMS25 in Las Vegas. He warned about potential vulnerabilities
