Security Affairs
U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

A ransomware attack disrupted the IT network of the City of Liege

Belgium city of Liege has suffered today a ransomware attack that has disrupted the IT network of the municipality and its online services. Liege, one of the biggest cities in Belgium, was hit by a ransomware attack that has disrupted the IT network of the municipality and its online services. “The City of Liège is […]

Reynolds ransomware uses BYOVD to disable security before encryption ransomware

Belgium city of Liege has suffered today a ransomware attack that has disrupted the IT network of the municipality and its online services.

Liege, one of the biggest cities in Belgium, was hit by a ransomware attack that has disrupted the IT network of the municipality and its online services.

“The City of Liège is currently the victim of a large-scale targeted computer attack, obviously of a criminal nature.” reads the status page published by the city. “The City of Liège, surrounded by experts of international competence, analyzes the scale of this attack and its consequences, in particular in terms of duration on the partial unavailability of its IT system. It is doing everything to restore the situation as soon as possible. Services to the public are currently heavily impacted.”

In response to the attack, IT staff shut down its network to avoid the malware from spreading.

To avoid propagation to its entire network, staff were instructed not to turn on a computer in the office.

The City of Liège launched an investigation into the attack with the help of international security experts and is currently working to restore the operations.

“The precise list will be provided as soon as possible in order to avoid any unnecessary travel,” the City said in a press release. “Citizens who show up for their meeting will be personally informed of the procedure to follow to set up a new meeting,”

At the time of this writing, the experts have yet to determine the extent of the cyber attacks and it is not clear if threat actors have stolen City’s data.

Belgian media speculate the involvement of the Ryuk ransomware gang citing a source informed about the event.

“The City of Liège, whose computer system has experienced a serious failure since Monday morning, is the target of a ransom demand via ransomware named “Ryuk”. This is what we learned from a good source, a few hours after the observation of this computer failure, which affects many services, such as the civil registry and district town halls.” reported RTC Tele Liege.

Unfortunately, attacks against municipalities are becoming very frequent, in the US we observed a long string of ransomware attacks targeting municipalities of various sizes. The list of targeted municipalities includes City of Tulsa,City of Saint John, AlbanyAtlantaBaltimoreFlorenceKnoxvilleLafayette, New Orleans, and more.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, city of Liege)

[adrotate banner=”5″]

[adrotate banner=”13″]