By Ashwani Mishra, Editor-Technology, 63SATS
Cyber threats continue to escalate, forcing organizations to adopt stronger security measures. India’s RBI launched the “bank.in” domain to curb banking fraud, while HPE confirmed a data breach linked to Russian hackers. Sophos uncovered cybercriminals using SVG files to bypass email security, and PowerSchool admitted that 16,000 U.K. student records were exposed in a December cyberattack.
Meanwhile, a ransomware attack crippled the University of The Bahamas, disrupting online classes and payment systems. Cloudflare suffered a major outage after an employee mistakenly disabled a critical service while blocking a phishing URL. As cyber threats evolve, companies must prioritize AI-driven security, strong authentication, and proactive risk management to safeguard critical data and infrastructure.
RBI Launches “Bank.in” Domain to Combat Digital Banking Fraud
The Reserve Bank of India (RBI) has introduced a dedicated “bank.in” domain for Indian banks to enhance security and prevent digital fraud. This initiative aims to curb phishing attacks, improve online trust, and streamline financial services. The Institute for Development and Research in Banking Technology (IDRBT) will oversee domain registrations starting April 2025.
Additionally, the RBI plans to launch “fin.in” for non-bank financial entities. To further strengthen payment security, the central bank is rolling out Additional Factor of Authentication (AFA) for cross-border card-not-present transactions, reinforcing its commitment to safer digital banking.
HPE Confirms Data Breach by Russian Hackers
Hewlett Packard Enterprise (HPE) has begun notifying employees impacted by a May 2023 cyberattack linked to Russian state-sponsored hackers (Cozy Bear). Stolen data includes driver’s licenses, credit card numbers, and Social Security details. Breach notifications were sent to affected individuals in January 2025, with at least 16 confirmed victims so far.
Cozy Bear, associated with Russia’s Foreign Intelligence Service (SVR), has been linked to previous cyberattacks, including the 2020 SolarWinds breach. HPE stated that only a limited number of employee mailboxes were compromised, but the full scope of the breach remains under investigation.
Cybercriminals Exploit Graphics Files for Phishing Attacks
A new cyber threat tactic has emerged—attackers are embedding malicious links in graphics files to bypass security tools. Researchers at Sophos X-Ops found that hackers are using Scalable Vector Graphics (SVG) files to distribute phishing links and malware. Since SVGs are text-based and not flagged as threats by many email security systems, attackers exploit them to redirect victims to malicious websites.
SVGs also support embedded scripts and clickable links, making them a powerful tool for cybercriminals. Sophos warns organizations to scrutinize all file types in email attachments to prevent breaches.
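A minimal attachment check for the SVG features described above, written as an added example (it is not code from Sophos or from this article). The function name, finding labels, and both sample files are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Link targets that leave the document or execute code (assumed policy).
EXTERNAL = ("http:", "https:", "//", "javascript:", "data:text/html")

# Constructed samples: one SVG carrying a link, a script and an event
# handler, and one plain graphic that uses only an internal reference.
PHISH_SVG = """<svg xmlns="http://www.w3.org/2000/svg"
  xmlns:xlink="http://www.w3.org/1999/xlink" onload="init()">
  <a xlink:href="https://login.example.invalid/verify">
    <text x="10" y="20">View invoice</text></a>
  <script>function init(){}</script>
</svg>"""
BENIGN_SVG = """<svg xmlns="http://www.w3.org/2000/svg">
  <defs><linearGradient id="g"/></defs>
  <rect width="10" height="10" fill="url(#g)"/><use href="#g"/>
</svg>"""

def local(name):
    """Strip the '{namespace}' prefix ElementTree adds to tags/attributes."""
    return name.rsplit("}", 1)[-1].lower()

def scan_svg(svg_text):
    """Return a sorted list of findings for one SVG attachment body."""
    # Refuse entity declarations up front instead of expanding them.
    if "<!entity" in svg_text.lower():
        return ["entity-declaration"]
    try:
        root = ET.fromstring(svg_text)
    except ET.ParseError:
        return ["unparseable-xml"]
    findings = set()
    for el in root.iter():
        tag = local(el.tag)
        if tag == "script":
            findings.add("script-element")
        if tag == "foreignobject":  # can embed arbitrary HTML
            findings.add("foreignobject-html")
        for attr, value in el.attrib.items():
            a, v = local(attr), value.strip().lower()
            if a.startswith("on"):  # onload, onclick, ...
                findings.add("event-handler:" + a)
            if a == "href" and v.startswith(EXTERNAL):
                findings.add("external-link:" + tag)
    return sorted(findings)

if __name__ == "__main__":
    print(scan_svg(PHISH_SVG), scan_svg(BENIGN_SVG))
```

Any non-empty result is a reason to quarantine or strip the attachment before delivery; an empty list means only that none of these specific features were found.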
PowerSchool Breach Exposes 16,000 Student Records
U.S.-based edtech giant PowerSchool has confirmed that a December 2024 cyberattack exposed personal data of 16,000 students in the U.K. Hackers gained access through compromised credentials used to breach PowerSchool’s customer support portal. The company began notifying international victims this week, with at least four U.K. schools affected.
While the total number of impacted students worldwide remains unclear, PowerSchool previously admitted that millions of students and teachers had their personal information accessed. Security experts warn that education platforms are increasingly targeted by cybercriminals due to their vast data repositories.
University of The Bahamas Faces Ransomware Attack, Disrupting Services
A ransomware attack has crippled the University of The Bahamas, disrupting email, online classes, and phone systems across its three campuses. The attack began on February 2, 2025, forcing administrators to cancel online classes, extend application deadlines, and shift to cash-only transactions.
Students and staff were urged to change passwords amid concerns over data exposure. Law enforcement and cybersecurity teams are working to contain the breach, but key services remain offline. As a temporary solution, the university has provided mobile contact numbers for critical offices, while the website was restored on February 9.
Cloudflare Outage Linked to Configuration Error
A configuration error at Cloudflare led to a major outage on February 9, 2025, disrupting multiple services for nearly an hour. The incident occurred when an employee attempted to block a phishing URL in Cloudflare’s R2 object storage platform but accidentally disabled the entire R2 Gateway service.
Cloudflare admitted the failure resulted from insufficient system controls and operator training. R2, a cloud storage service like Amazon S3, is designed for scalable and cost-effective data management. The company has since implemented new safeguards to prevent similar disruptions in the future.