Santiago leads global investigations into advanced threat actors, cybercrime ecosystems, and emerging attack techniques. He specializes in analyzing nation-state actors, criminal organizations, and financially motivated threat groups, focusing on malware analysis, reverse engineering, and developing advanced detection capabilities. With over 15 years of experience in cybersecurity, he has presented original research at leading international conferences including Virus Bulletin, CARO, MITRE ATT&CK, BlueHat, AVAR, Nuit du Hack, and ekoParty, among others.
Introducing the Acronis TRU Alliance Series. This new series highlights collaborative research analysis between Acronis Threat Research Unit (TRU) and other leading threat intelligence teams. In this first post of our collaboration series, we’ve teamed up with VirusTotal (VT) to share practical insights from Acronis TRU on several recent reports.
The Acronis Threat Research Unit (TRU) identified an ongoing malware campaign named Shadow Vector that is actively targeting users in Colombia through malicious SVG files masquerading as urgent court notifications.
Chaos RAT is an open-source remote administration tool (RAT) first seen in 2022. It evolved in 2024, and new samples have been discovered by TRU in 2025.
Acronis Threat Research Unit (TRU) uncovered a new SideWinder APT campaign targeting high-level government institutions in Sri Lanka, Bangladesh and Pakistan.
Introducing the Acronis TRU Alliance Series. This new series highlights collaborative research analysis between Acronis Threat Research Unit (TRU) and other leading threat intelligence teams. In this first post of our collaboration series, we’ve teamed up with VirusTotal (VT) to share practical insights from Acronis TRU on several recent reports.
The Acronis Threat Research Unit (TRU) identified an ongoing malware campaign named Shadow Vector that is actively targeting users in Colombia through malicious SVG files masquerading as urgent court notifications.
Chaos RAT is an open-source remote administration tool (RAT) first seen in 2022. It evolved in 2024, and new samples have been discovered by TRU in 2025.
Acronis Threat Research Unit (TRU) uncovered a new SideWinder APT campaign targeting high-level government institutions in Sri Lanka, Bangladesh and Pakistan.