Blog

Criminal networks are increasingly adaptive, spanning physical and digital domains and evading traditional detection methods. Fine-tuned LLMs help analysts detect hidden patterns and relationships in complex, high-volume data.

Ofcom and Protect Children published the "CSAM Perpetrator Research Report", which explores how perpetrators use and exploit digital platforms and services designs to view, host and distribute this type of content.

Dark web hacking forums play a significant role in the cybersecurity ecosystem, serving as hidden spaces where cybercriminals exchange tools, tactics, and stolen data. Understanding how these communities operate offers valuable insight into emerging cyber threats and the evolving digital risk landscape.

The LEA Projects Cluster, led by Privanova, unites 51+ EU projects to connect results, foster collaboration, and deliver coordinated, policy-relevant security outcomes.

In recent years, the volume of cyberattacks in Spain has shown an increasing trend. According to the National Cybersecurity Institute (INCIBE), 97,348 cybersecurity incidents were managed in 2024, representing an increase of 16.6 % over the previous year.

Quantum technologies are set to transform Europe’s law enforcement landscape, offering powerful new tools while challenging the very encryption systems that safeguard today’s data and communications.

Public-private collaboration offers a model for combining technical expertise, intelligence, and investigative authority to effectively disrupt criminal infrastructure.

Data harvesting for CaaS detection is about gathering signals from multiple layers of the digital environment - network traffic, dark web fora, malware telemetry, social platforms, and encrypted communication channels - and transforming them into operational intelligence.

On April 28, 2025, a blackout hit the Iberian Peninsula, leaving Spain and Portugal powerless for hours. The GiCP used this event to conduct a practical exercise in structured intelligence analysis, aiming to uncover insights and better understand the incident.

Recent analysis reveals significant advancements in the encryption capabilities of RansomHouse, a ransomware-as-a-service (RaaS) operation carried out by a group known as Jolly Scorpius.