TRU Security

Updates from Acronis Threat Research Unit

Acronis
ARINC’s common-use passenger processing system MUSE Disruption Impacts Flights Across Europe
Major European airports including Heathrow, Brussels, Berlin, and Dublin have reported disruptions in check-in, boarding, and kiosk systems. The outages have been linked to Collins Aerospace’s passenger processing platform MUSE, a system used across many international airports.
Insights
October 17, 2025 — 3 min read
Acronis
Acronis Cyberthreats Update, October 2025
The Acronis Cyberthreats Update covers current cyberthreat activity and trends, as observed by Acronis...
September 11, 2025 — 3 min read
Acronis Cyberthreats Update, September 2025
The Acronis Cyberthreats Update covers current cyberthreat activity and trends, as observed by Acronis...
August 21, 2025 — 5 min read
MSP cybersecurity news digest, August 13, 2025
Clinical data stolen in cyberattack on dialysis provider DaVita, Chanel, Pandora, Google and Cisco...
August 18, 2025 — 4 min read
MSP cybersecurity news digest, August 4, 2025
Scattered Spider group disrupted, but imitators carry on, Fake OAuth apps and Tycoon phishing kit used...
August 11, 2025 — 3 min read
Acronis Cyberthreats Update, August 2025
The Acronis Cyberthreats Update covers current cyberthreat activity and trends, as observed by Acronis...
August 05, 2025 — 4 min read
MSP cybersecurity news digest, July 29, 2025
Benign-appearing panda images used by new Koske Linux malware to deliver malicious code, Turkish...
August 04, 2025 — 19 min read
MSPs a top target for Akira and Lynx ransomware
Acronis Threat Research Unit (TRU) analyzed recent samples of Akira and Lynx ransomware families to...
July 24, 2025 — 4 min read
MSP cybersecurity news digest, July 14, 2025
SafePay inflicts major ransomware attack on Ingram Micro, Oyster malware loader spread through SEO...
July 16, 2025 — 4 min read
MSP cybersecurity news digest, July 7, 2025
Zurich nonprofit Radix hit by Sarcoma ramsomware group, resulting in theft of 1.3TB of data, Google...

Trends and analysis

March 06, 2023 — 15 min read
Acronis
IcedID (BokBot): From banking trojan to backdoor
IcedID, also known as BokBot, was initially a banking trojan when it was discovered in 2017. Now it is...
February 13, 2023 — 7 min read
Acronis
CaddyWiper makes Windows machines unusable
CaddyWiper is an example of data-wiping malware, whose purpose is to corrupt the operating system and...
February 06, 2023 — 8 min read
Acronis
DoubleZero: A data wiper deployed against Ukraine
The DoubleZero wiper — so named for its tactic of zeroing files — was first discovered on March 17,...
February 02, 2023 — 8 min read
Acronis
Vawtrak: A banking trojan with a long history
Vawtrak is a banking trojan — a form of malware that attempts to steal credentials from banks. It...
January 05, 2023 — 9 min read
Acronis
Royal ransomware’s actors make high demands
Royal ransomware was first spotted in January 2022, targeting different corporations. This group does...
December 27, 2022 — 2 min read
Acronis
AV-Comparatives: Acronis Cyber Protect certified an...
Acronis Cyber Protect with the Advanced Security pack successfully passed the rigorous test criteria...