TRU Security

Updates from Acronis Threat Research Unit

Acronis
ARINC’s common-use passenger processing system MUSE Disruption Impacts Flights Across Europe
Major European airports including Heathrow, Brussels, Berlin, and Dublin have reported disruptions in check-in, boarding, and kiosk systems. The outages have been linked to Collins Aerospace’s passenger processing platform MUSE, a system used across many international airports.
Insights
September 11, 2025 — 3 min read
Acronis
Acronis Cyberthreats Update, September 2025
The Acronis Cyberthreats Update covers current cyberthreat activity and trends, as observed by Acronis...
August 21, 2025 — 5 min read
MSP cybersecurity news digest, August 13, 2025
Clinical data stolen in cyberattack on dialysis provider DaVita, Chanel, Pandora, Google and Cisco...
August 18, 2025 — 4 min read
MSP cybersecurity news digest, August 4, 2025
Scattered Spider group disrupted, but imitators carry on, Fake OAuth apps and Tycoon phishing kit used...
August 11, 2025 — 3 min read
Acronis Cyberthreats Update, August 2025
The Acronis Cyberthreats Update covers current cyberthreat activity and trends, as observed by Acronis...
August 05, 2025 — 4 min read
MSP cybersecurity news digest, July 29, 2025
Benign-appearing panda images used by new Koske Linux malware to deliver malicious code, Turkish...
August 04, 2025 — 19 min read
MSPs a top target for Akira and Lynx ransomware
Acronis Threat Research Unit (TRU) analyzed recent samples of Akira and Lynx ransomware families to...
July 24, 2025 — 4 min read
MSP cybersecurity news digest, July 14, 2025
SafePay inflicts major ransomware attack on Ingram Micro, Oyster malware loader spread through SEO...
July 16, 2025 — 4 min read
MSP cybersecurity news digest, July 7, 2025
Zurich nonprofit Radix hit by Sarcoma ramsomware group, resulting in theft of 1.3TB of data, Google...
July 14, 2025 — 3 min read
Acronis Cyberthreats Update, July 2025
The Acronis Cyberthreats Update covers current cyberthreat activity and trends, as observed by Acronis...

Trends and analysis

March 06, 2023 — 15 min read
Acronis
IcedID (BokBot): From banking trojan to backdoor
IcedID, also known as BokBot, was initially a banking trojan when it was discovered in 2017. Now it is...
February 13, 2023 — 7 min read
Acronis
CaddyWiper makes Windows machines unusable
CaddyWiper is an example of data-wiping malware, whose purpose is to corrupt the operating system and...
February 06, 2023 — 8 min read
Acronis
DoubleZero: A data wiper deployed against Ukraine
The DoubleZero wiper — so named for its tactic of zeroing files — was first discovered on March 17,...
February 02, 2023 — 8 min read
Acronis
Vawtrak: A banking trojan with a long history
Vawtrak is a banking trojan — a form of malware that attempts to steal credentials from banks. It...
January 05, 2023 — 9 min read
Acronis
Royal ransomware’s actors make high demands
Royal ransomware was first spotted in January 2022, targeting different corporations. This group does...
December 27, 2022 — 2 min read
Acronis
AV-Comparatives: Acronis Cyber Protect certified an...
Acronis Cyber Protect with the Advanced Security pack successfully passed the rigorous test criteria...