Threat Research Unit is a dedicated Acronis unit composed of experienced cybersecurity experts. Our team includes cross-functional experts in cybersecurity, AI, and threat intelligence. We are empowering IT teams with intelligence-driven cyberthreat research and reporting.
A new version of MLNK Builder, a link generation tool popular among cybercriminals, has emerged on the dark web. The updated feature set focuses on antivirus evasion and masquerading techniques, using icons of popular legitimate applications and file formats.
The Knauf Group, a German-based multinational producer of construction materials, has announced that it's been the target of a cyberattack. The incident took place on the night of June 29, forcing its global IT team to shut down email systems, although communications were still possible via mobile devices and Microsoft Teams.
The Japanese video game giant Bandai Namco, known for publishing franchises like Elden Ring, Pac-Man and Tekken, has been hit by BlackCat/AlphV ransomware.
Google has released updates for its popular Chrome browser to remediate several vulnerabilities, including a high-severity vulnerability that has already been exploited in the wild. This marks the fourth zero-day vulnerability that had to be patched in Chrome this year.
An unpatched remote code execution vulnerability in the Microsoft Windows Support Diagnostic Tool (MSDT), which is being tracked as CVE-2022-30192, is being exploited in phishing campaigns that are targeting U.S. and European government organizations.
Palermo, a city of 1.3 million people and a popular tourist destination in Southern Italy, has become the latest victim of a Vice Society ransomware attack.
Carinthia, the southernmost state in Austria, has had their computer systems encrypted by BlackCat (ALPHV) ransomware, causing a severe disruption of government services.
A new malware distribution campaign is embedding malicious Microsoft Word documents inside PDF files, prompting victims to launch the Word document as soon as the PDF is opened.
Global agricultural equipment company AGCO, creator of Fendt tractors and other popular tools, has been knocked offline by a ransomware attack.
Recent phishing campaigns are targeting verified Twitter profiles with convincing emails, enticing victims to provide their Twitter credentials — supposedly in order to fix a problem with their verification badge.
A new ransomware known as Black Basta has emerged, attacking at least 12 companies within its first three weeks of operation — including the American Dental Association and wind farm operator Deutsche Windtechnik.
The Nordex Group, known as one of the world's largest manufacturers of wind turbines, has confirmed a cyberattack. The attack was discovered end of last month, and Nordex disabled remote access from some networks to their turbines as a precaution.