Malware

Fileless Malware and its evolving ML-based detection, classification and prevention

The main approach to detecting and preventing malware is based on the concept of file signatures. More specifically, anti-virus (AV) solutions scan the system’s storage devices and hash files at process/creation time. They then compare each of these hashes against their curated database, which contains signatures of known malware samples. If there is a match, the file is flagged as malicious and subsequent actions take place to contain it. But what would happen if some kind of malware did not rely on a file to accomplish its mission?


Click fix: a new weapon in cyber attacks

A new and particularly dangerous technique, called ClickFix, is at the center of ESET’s latest Threat Report for the first half of 2025. Its activity increased by 500%, and it now ranks second among the most widespread cyberattack vectors, behind only phishing. ClickFix operates deceptively, displaying fake errors that prompt victims to execute malicious commands on their devices. Alarmingly, it targets all major operating systems — Windows, Linux, and macOS — and is used to spread ransomware, infostealers, trojans, and even state-sponsored malware.


Cybersecurity & the Domino effect

A cyberattack is rarely caused by one big thing, but more often by a combination of many little things. We see it all the time in disaster documentary films: even the tiniest detail can start a chain reaction with devastating results. A chain reaction that could have been stopped if even just one of the dominoes in the line were missing.

Take documentary films about plane crashes, for example. We know flying is safe, and we know how high the security priority is. In the event of a crash, we hear of the frustratingly many small errors, and we are left wondering how so many things could have been overlooked.


Dangerous malware in Greece

The latest report from Check Point Research, from August 2024, reveals the most recent data on the most prevalent cyberthreats on a global scale and also in Greece. Qbot was the main threat in Greece, affecting 12.77% of organisations. FakeUpdates was second, affecting 10.21% of Greek organisations, while Androxgh0st reached 3.62%. Other significant threats include Tofsee (3.19%), Njrat (2.34%), Joker (1.91%), SnakeKeylogger (1.70%) and AsyncRat, which recorded 1.70% both in Greece and globally.
