// 01Executive summary
Public administration entities face immediate threats from state-nexus intrusion sets, cybercrime operators, and hacktivists, primarily involving data-related threats and ransomware. Recent incidents highlight state-sponsored espionage by groups like APT31 and APT28 targeting government bodies, necessitating heightened vigilance. Organizations should prioritize implementing recommendations for DDoS, data protection, and ransomware defenses to enhance their resilience. Immediate focus must be on strengthening perimeter defenses, improving detection capabilities for known adversary tactics, and enhancing incident response readiness.
// 02Key metrics
// ttps
0
ATT&CK techniques
// iocs
122
indicators
// actors
2
threat groups
// kwords
10
keywords
// 03MITRE ATT&CK
// no techniques extracted
// 04Threat actors
// 05Indicators of compromise
// ips0
none
// domains14
- verbandsgemeinde-elbe-heide.html
- cyberaanval-legt-websites-van-meerdere-provincies-plat.html
- calvia-town-hall-cyberattack.html
- unternehmen.html
- earth-koshchei.html
- earth-krahang.html
- earth-lusca-uses-geopolitical-lure-to-target-taiwan.html
- 100474480.html
- cyberattaque.html
- mail.read
- sites.read.all
- 2fwww.ccinfo.nl
- tickets.astro.noa.gr
- enisa.europa.eu
// urls105
- https://creativecommons.org/licenses/by/4.0/
- https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:02022L2555-20221227&qid=1744178176020#anx_I
- https://ec.europa.eu/eurostat/statistics-
- https://www.enisa.europa.eu/publications/enisa-nis360-2024
- https://www.enisa.europa.eu/publications/enisa-
- https://www.enisa.europa.eu/topics/state-of-cybersecurity-in-the-eu/cybersecurity-policies/nis-directive-2
- https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32019R0881&from=EN
- https://www.enisa.europa.eu/publications/enisa-threat-landscape-methodology
- https://www.valdereuil.fr/actualites/cyberattaque-sur-les-serveurs-de-la-mairie-la-ville-prend-des-mesures-pour-
- https://www.elbe-heide.de/news/1/987561/nachrichten/eingeschr%C3%A4nkte-erreichbarkeit-der-verwaltung-der-
- https://www.unionesarda.it/news-sardegna/sassari-provincia/attacco-hacker-al-comune-di-sorso-sistema-informatico-
- https://www.nu.nl/tech/6306531/cyberaanval-legt-websites-van-meerdere-provincies-plat.html
- https://www.vid.gov.lv/lv/jaunums/informacija-wwwvidgovlv-lietotajiem-arvalstis
- https://t.me/noname05716/6369
- https://www.postimees.ee/7951529/kehra-elanike-andmed-lekkisid-veebi
- https://www.majorcadailybulletin.com/news/local/2024/03/04/122359/calvia-town-hall-cyberattack.html
- https://vpt.lrv.lt/lt/naujienos-3/del-kibernetiniu-ataku-cvp-is-butina-skubiai-pasikeisti-savo-slaptazodzius-due-to-cyber-
- https://www.csoonline.com/article/3495448/phishing-attackedeutschlandweiter-hackerangriff-auf-ihk-
- https://stormwall.network/resources/blog/ddos-attack-statistics-2024
- https://t.me/noname05716/5592
- https://t.me/noname05716/5606
- https://t.me/noname05716/5616
- https://t.me/noname05716/5629
- https://t.me/privetOTof222/137
- https://t.me/h0lyleague/13
- https://t.me/CyberArmyofRussia_Reborn/9017?single
- https://t.me/noname05716/8444
- https://t.me/CyberArmyofRussia_Reborn/8897
- https://therecord.media/spain-arrest-noname-russia-hackers
- https://t.me/noname05716/7655
- https://t.me/noname05716engver/769
- https://t.me/cyber_wolff/631
- https://t.me/hack_n3t/420
- https://t.me/noname05716/7038
- https://t.me/noname05716eng/3204
- https://www.lanbide.euskadi.eus/noticia/-/noticia/2024/
- https://www.postimees.ee/7951529/kehra-elanike-andmed-lekkisid
- https://www.secnews.gr/566008/webmail-elliniki-astinomia-dark-web/
- https://www.security.nl/posting/862833/Gemeente+Almere+lekt+door++foutieve+printinstelling+gegevens+inwoners
- https://proton.me/pass/leaked-politicians-dark-web
- https://data.europa.eu/doi/10.2824/456263
- https://forbes.hu/tarsadalom/kibertamadas-honvedelem-freesz-ferenc/
- https://www.romania-insider.com/hackers-data-bucharest-citizens-sale-nov-2024
- https://www.ouest-france.fr/societe/cyberattaque
- https://armyvoice.gr/2024/11/kyvernoepithesi-eap-ston-aera-dedomena-stratiotikon/
- https://teo.gal/gl/actualidade/2024/o-concello-traballa-na-recuperacion-dos-seus-servizos-principais-tras-sufrir-o
- https://www.digi24.ro/stiri/actualitate/politica/atac-cibernetic-la-camera-deputatilor-buletinul-lui-ciolacu-a-ajuns-pe-
- https://www.cybermalveillance.gouv.fr/tous-nos-contenus/fiches-reflexes/rancongiciels-ransomwares
- https://www.ncsc.nl/ransomware/wat-te-doen-bij-een-ransomware-aanval
- https://www.bsi.bund.de/DE/Themen/Verbraucherinnen-und-Verbraucher/Cyber-Sicherheitslage/Methoden-der-Cyber-
- https://atwork.safeonweb.be/tools-resources/cyber-attacks-what-do
- https://www.kyberturvallisuuskeskus.fi/fi/ajankohtaista/mika-ihmeen-kiristyshaittaohjelma
- https://securityintelligence.com/x-force/itg05-leverages-malware-arsenal/
- https://harfanglab.io/insidethelab/compromised-routers-infrastructure-target-europe-caucasus/
- https://www.bsi.bund.de/DE/Themen/Unternehmen-und-Organisationen/Cyber-Sicherheitslage/Analysen-und-
- https://www.wojsko-polskie.pl/woc/articles/aktualnosci-w/detecting-malicious-activity-against-microsoft-exchange-
- https://cert.pl/en/posts/2024/05/apt28-campaign/
- https://www.cert.ssi.gouv.fr/uploads/CERTFR-2024-CTI-006.pdf
- https://cert.gov.ua/article/6281076
- https://www.ic3.gov/CSA/2024/241010.pdf
- https://web-assets.esetstatic.com/wls/en/papers/threat-reports/eset-apt-activity-report-q2-2024-q3-2024.pdf
- https://mzv.gov.cz/jnp/en/issues_and_press/press_releases/statement_by_the_government_of_the_czech.html
- https://www.seznamzpravy.cz/clanek/domaci-kauzy-ministerstvo-zahranici-se-stalo-tercem-kyberspionu-cinske-vlady-
- https://cybule.cz/kyberneticke-utoky/unik-dat-i-soon-nabizi-vhled-do-kyberspionaznich-aktivit-ciny-mezi-obetmi-ceske-
- https://www.tgsoft.it/news/news_archivio.asp?id=1557&lang=eng
- https://www.svt.se/nyheter/inrikes/120-myndigheter-drabbade-av-it-attack-tiotusentals-anstallda
- https://www.laopiniondemurcia.es/municipios/2024/03/31/ayuntamiento-torre-pacheco-sufre-ciberataque-
- https://www.redhotcyber.com/post/in-vendita-laccesso-al-potale-della-protezione-civile-italiana/
- https://www.fnlondon.com/articles/it-sounds-like-me-even-though-its-not-me-deepfake-scams-put-city-firms-on-high-
- https://www.enisa.europa.eu/sites/default/files/2024-
- https://safeonweb.be/en/news/beware-investment-fraud-exploiting-deepfakes
- https://www.incibe.es/linea-de-ayuda-en-ciberseguridad/casos-reales/nuevo-metodo-de-fraude-usando-la-voz-de-un-
- https://www.bsi.bund.de/DE/Themen/Unternehmen-und-Organisationen/Informationen-und-
- https://www.scmagazine.com/news/takedowns-spark-affiliate-bidding-war-among-ransomware-gangs
- https://almond.eu/wp-content/uploads/Almond-x-Amossys-8Base.pdf
- https://www.picussecurity.com/resource/blog/hunters-international-ransomware
- https://www.acronis.com/en-us/cyber-protection-center/posts/hunters-international-new-ransomware-based-on-hive-
- https://cybelangel.com/unmasking-noname05716/
- https://www.radware.com/blog/security/uncovering-the-hacktivist-cyberattacks-targeting-the-eu-election
- https://cyble.com/blog/hacktivist-groups-peoples-cyber-army-and-hacknet-launch-trial-ddos-attacks-on-french-
- https://cointelegraph.com/news/cyberattacks-target-french-government-websites-report
- https://t.me/CyberArmyofRussia_Reborn/8273
- https://t.me/CyberArmyofRussia_Reborn/8276
- https://kyivindependent.com/denmark-to-donate-all-its-artillery-to-ukraine-says-pm/
- https://www.radware.com/security/threat-advisories-and-attack-reports/pro-russian-hacktivists-target-organizations-
- https://therecord.media/austria-websites-ddos-incidents-pro-russia-hacktivists
- https://www.radware.com/blog/security/megamedusa-rippersec-public-web-ddos-attack-tool/
- https://t.me/noname05716/5661?single
- https://t.me/noname05716/5780
- https://t.me/noname05716/5804?single
- https://t.me/CyberVolk_K/227
- https://t.me/noname05716/5693
- https://www.enisa.europa.eu/sites/default/files/2025-
- https://www.francetravail.org/accueil/communiques/2024/france-travail-et-cap-emploi-victimes-dune-
- https://poliisi.fi/en/-/investigation-into-hacking-of-parliament-s-information-systems-has-been-ongoing
- https://www.gov.pl/web/baza-wiedzy/uwaga-csirt-nask-ostrzega---polskie-instytucje-rzadowe-celem-ataku-grupy-
- https://www.ed.nl/eindhoven/eindhoven-liet-bsn-gegevens-van-ruim-220-000-inwoners-
- https://www.cert.ssi.gouv.fr/cti/CERTFR-2024-CTI-006/
- https://www.noa.gr/en/news/news/urgent-notice-theft-of-personal-information-in-the-reservation-system-of-the-
- https://balticnews.com/government-websites-facing-intense-cyber-attacks/
- https://eng.lsm.lv/article/society/defense/20.08.2024-cyber-attacks-on-public-sector-websites-in-latvia-
- https://www.primariatm.ro/2024/08/26/atac-cibernetic
- https://www.dnsc.ro/vezi/document/press-release-v20240826-ransomware-cyber-attack-on-public-institutions-in-romania-
- https://hotnews.ro/atac-cibernetic-asupra-serverelor-primariei-timisoara-si-a-mai-multor-institutii-subordonate-unele-servicii-
- https://www.aivd.nl/documenten/publicaties/2025/05/27/aivd-en-mivd-onderkennen-nieuwe-russische-cyberactor
// sha2560
none
// md50
none
// emails0
none
// cves3
- CVE-2023-2339762
- CVE-2022-38028
- CVE-2024-20353
// 06Geographic coverage
// 07YARA rule
// Failed to generate YARA rule
// 08Keywords
{'keyword': '2024', 'score': 48.6483}
{'keyword': 'com', 'score': 38.1285}
{'keyword': 'eu', 'score': 36.0247}
{'keyword': 'enisa', 'score': 35.3933}
{'keyword': 'data', 'score': 30.9379}
{'keyword': 'public', 'score': 30.1263}
{'keyword': 'attacks', 'score': 27.5531}
{'keyword': 'threat', 'score': 26.592}
{'keyword': 'ransomware', 'score': 25.7741}
{'keyword': 'incidents', 'score': 23.2394}