When most people think about cyberattacks, they picture a sudden breach — an email hack, stolen credit card numbers, or a ransomware note popping up on a screen. But in reality, many attacks leave behind digital clues long before they strike. That’s where threat maps come in. These interactive tools show where attacks are happening around the world in real time, giving cybersecurity experts a bird’s-eye view of the global threat landscape.
The main approach for detection and prevention of malware is based upon the concept of file signatures. More specifically, the anti-virus (AV) solutions are scanning the system’s storage devices and hash files at process/creation time. They then compare each of these hashes with their respective curated database which contains signatures of known malware samples. If there is a match then the file is flagged as malicious and subsequent actions take place to contain it. But what could happen if there was some kind of malware that did not rely on a file to accomplish its mission?
A new and particularly dangerous technique, called ClickFix, is at the center of ESET’s latest Threat Report for the first half of 2025. Its activity increased by 500%, now ranking second among the most widespread cyberattack vectors, second only to phishing. ClickFix operates in a deceptive way, displaying fake errors that prompt victims to execute malicious commands on their devices. Alarmingly, it targets all major operating systems — Windows, Linux, and macOS — and is used to spread ransomware, infostealers, trojans, and even state-sponsored malware.
The JMD 1689/2025 introduces some important obligations for Greek businesses and public entities in the cyber security field, by setting a new national frame for the protection of the digital infrastructures.
The outline
The new frame, that is relying on the 5160/2024 law, addresses some “basic” and “important” entities and includes technical, organisational and administrative actions for the managing of cyber threats. The “basic” entities are included in strictrer demands but every single one is obliged to comply.
The Hellenic Open University clarifies that this size represents an extremely small percentage, compared to the total volume of data that they maintain, and emphasizes that the investigation continues.
The HOU in Greece, has provided clarifications regarding the cyberattack it suffered last October, noting that the investigation on this incident is still ongoing. The cyberattack, which took place on October 25th, resulted in the HOU’s electronic systems being put out of operation.
In recent years, the digitalization of Public Administration has increasingly exposed the cybersecurity vulnerabilities of Italian municipalities. Hacker attacks are multiplying, targeting public offices and essential services, while institutions struggle to respond with new regulations and protective measures. However, the problems persist, and municipalities often find themselves unprepared in the face of increasingly sophisticated threats.
Rising Concern Over Cybersecurity in Municipalities
According to data from the National Cybersecurity Agency (ACN), in 2024 about 18% of cyberattacks targeted Public Administration, particularly affecting local authorities and healthcare centers. This alarming trend prompted the government to respond with legislative measures and security strategies.
Kaspersky has recently concluded an investigation into cyber-attacks targeting the industrial sector in Eastern Europe. The investigation has revealed the employment of advanced tactics, techniques, and procedures (TTPs) by threat actors to compromise industrial organizations in the region. Industries such as manufacturing, industrial control system (ICS) engineering and integration have been particularly affected, emphasizing the urgent need for enhanced cybersecurity preparedness.
According to the research a series of targeted attacks was revealed, aiming at data -breach through the creation of a channel with similarities to cases previously reported, such as ExCone, and DexCone, a fact that clearly manifests the participation of APT31 (also known as Judgement Panda and Zirconium).
Five years ago the security of the digital infrastructures of the organisations was not even an object of discussion. Most though of security as a store room with a lock on the outside, a back-up external drive, that usually remained connected on the server, and an antivirus that in most of the cases was a free one.
It comes without saying that file sharing policies, back-up check in portable devices, active directory, firewall, certified connection of the users in the internet, GDPR, website access restrictions and in everything that we today consider digital security. All of the above though, change for the best in the past few years. The Covid era was a milestone in this process as the safe remote access to the information systems became a non-negotiable necessity.
Five years ago the security of the digital infrastructures of the organisations was not even an object of discussion. Most though of security as a store room with a lock on the outside, a back-up external drive, that usually remained connected on the server, and an antivirus that in most of the cases was a free one.
It comes without saying that file sharing policies, back-up check in portable devices, active directory, firewall, certified connection of the users in the internet, GDPR, website access restrictions and in everything that we today consider digital security. All of the above though, change for the best in the past few years. The Covid era was a milestone in this process as the safe remote access to the information systems became a non-negotiable necessity.
