By Ashwani Mishra, Editor-Technology, 63SATS Cybertech
The Reserve Bank of India has mandated all banks to migrate to the secure ‘.bank.in’ domain by October 2025 to enhance digital banking safety. Marks & Spencer confirmed a cyber incident, prompting security measures. In the Netherlands, Russian hackers targeted public services and critical infrastructure in growing hybrid attacks.
Microsoft reported 92% adoption of phishing-resistant MFA across its workforce, a key milestone under its Secure Future Initiative. Abilene, Texas, shut down city systems after a cyberattack, while Baltimore City schools revealed a February ransomware attack exposed data of over 1,150 students and numerous staff members.
RBI Mandates ‘.bank.in’ Domain to Fortify Cybersecurity
The Reserve Bank of India has directed all banks to migrate to a dedicated ‘.bank.in’ domain by October 31, 2025, aiming to boost trust and cybersecurity in digital banking. Financial institutions not classified as banks will move to ‘.fin.in’. This shift, overseen by IDRBT and NIXI under MeitY, ensures only verified banks use the reserved domain, reducing phishing and spoofing risks.
RBI urged all banks to start their migration immediately. The move aligns with global cybersecurity norms and is expected to significantly enhance the safety of online banking for Indian consumers and businesses alike.
Marks & Spencer Responds to Cyber Incident with Operational Safeguards
UK retail giant Marks & Spencer has confirmed a cybersecurity breach, prompting temporary operational adjustments. In a notice signed by CEO Stuart Machin, the company assured customers that its stores, website, and app remain functional. External cybersecurity experts are investigating the scope of the incident, and data protection authorities have been informed.
While the full nature and impact of the attack remain undisclosed, Marks & Spencer emphasized customer protection as a top priority. The breach underscores the increasing frequency of retail-targeted cyberattacks disrupting operations and raising concerns about data privacy and continuity.
Russia Targets Dutch Infrastructure in Escalating Hybrid Attacks
The Netherlands’ military intelligence agency (MIVD) has warned of intensified Russian hybrid operations targeting Dutch public services and critical infrastructure. The annual report highlights a surge in cyber threats with potential for sabotage and disinformation. MIVD noted these activities have increased even as the Russia-Ukraine conflict continues, with risks likely to persist post-conflict.
While specific agencies targeted were not disclosed, the findings reflect broader concerns across Europe regarding state-sponsored cyber aggression. Experts caution that the line between cyberwarfare and espionage is becoming increasingly blurred, demanding higher levels of vigilance and cybersecurity collaboration across allied nations.
Microsoft: 92% of Employee Accounts Now Use Phishing-Resistant MFA
Microsoft has announced that 92% of employee productivity accounts now use phishing-resistant multifactor authentication (MFA), a major milestone under its Secure Future Initiative (SFI). The SFI, launched in late 2023 following high-profile cyberattacks by nation-state actors from China and Russia, is focused on hardening cybersecurity across all operations.
Microsoft called the MFA adoption “a significant milestone” in combating social engineering and identity-based threats. The move follows last year’s Storm-0558 and Midnight Blizzard attacks, which targeted access credentials. Microsoft is pushing for industry-wide MFA adoption to reduce compromise risks and strengthen digital identity protection.
Cyberattack Forces Texas City to Take Services Offline
Abilene, Texas, is recovering from a cyberattack that forced city officials to take multiple systems offline. The breach was discovered after internal servers became unresponsive. In response, cybersecurity experts were hired, and emergency services remain operational. However, the city has suspended card-based transactions, urging residents to pay using cash, checks, or online options.
No unauthorized financial activity has been detected so far. Officials assured residents that utility services will not be disrupted due to payment delays. The incident highlights the growing threat to local governments and the need for robust cyber response and resilience plans.
Baltimore School Cyberattack Exposes Data of Students and Staff
Baltimore City Public Schools has confirmed that a ransomware attack in February compromised personal data of thousands of students, teachers, and staff. A breach notice revealed criminal actors accessed sensitive documents, affecting about 1.5% of students—over 1,150 individuals—as well as current and former employees, volunteers, and contractors.
Officials confirmed no ransom was paid. The breach underscores the vulnerability of educational institutions, which often hold extensive personal data but lack advanced cybersecurity defenses. The district is providing support and monitoring services, while investigators work to determine the full extent of the data exposure.
