
Cyber Pulse September 2023

Dear Cyber Pulse Subscribers,




I hope this message finds you well, and I'm delighted to connect with you through our latest edition of Cyber Pulse. As the world of cybersecurity continues to evolve at an unprecedented pace, it's crucial that we stay informed and vigilant. In this edition, we’d like to highlight some of the most significant developments and trends in the realm of cybersecurity, as well as shed light on the growing importance of cybersecurity in the burgeoning FinTech sector in India.


The past year has seen a surge in ransomware attacks, highlighting the increasing sophistication of cybercriminals. It's imperative that businesses invest in robust cybersecurity measures to protect their data and operations. Additionally, AI-driven cybersecurity is becoming a game-changer, with machine learning algorithms identifying threats in real-time and adapting to evolving attack strategies.


On the other hand, India's FinTech sector has been remarkable, reshaping the financial landscape with innovations in digital payments, lending, and investments. However, this rapid growth also brings increased cybersecurity risks, particularly concerning data protection, fraud prevention, customer education, and regulatory compliance. In this edition of Cyber Pulse, we will look at the rise of FinTech in India and the cybersecurity concerns it faces.


At ReBIT, we understand the significance of staying ahead of these cybersecurity challenges, not only for ourselves but for our clients as well. Our commitment to cutting-edge technology and unwavering dedication to cybersecurity excellence drive us to provide the best possible solutions to safeguard your digital assets.


In the coming months, we will continue to explore these topics in more detail, providing you with actionable insights to bolster your cybersecurity posture and thrive in the ever-changing digital landscape.




Santhosh George




In recent years, India has experienced a seismic shift in its financial landscape, marking the dawn of a new era in the country's financial services sector. FinTech, short for financial technology, has not only revolutionised the way people in India manage their finances but has also played a pivotal role in enhancing financial inclusion. Advancements in technology, particularly in the realms of digital payments, lending, and wealth management, have revolutionised the way Indians manage their finances.


However, this rapid evolution has also brought forth its own set of challenges, including concerns about cybersecurity that must be addressed to sustain its growth. In this article, we will explore the positive impact of FinTech on financial inclusion in India, the pressing cybersecurity concerns that accompany this rapid transformation, and a glimpse into the promising future of FinTech in the nation.




Advancements in Technology in FinTech



India has seen a significant leap in technological advancements, which has been a key driver of the FinTech boom. The proliferation of smartphones, widespread internet access, and the government's Digital India initiative have played pivotal roles in making financial services more accessible to the masses. Digital wallets, payment apps, and mobile banking services have become an integral part of daily life for millions of Indians.


One of the most notable innovations in FinTech has been the Unified Payments Interface (UPI). UPI has revolutionised digital payments by allowing users to link their bank accounts to mobile applications, enabling instant, secure, and convenient person-to-person, or person-to-merchant transactions. The success of UPI has not only streamlined everyday payments but has also paved the way for financial inclusion.



FinTech and Financial Inclusion


Accessibility to Financial Services: One of the most significant contributions of FinTech in India has been the accessibility it offers to financial services. Digital wallets, mobile banking apps, and payment gateways have made it possible for millions, including those in remote rural areas, to access banking and payment services without needing to visit physical bank branches. This has played a vital role in bridging the financial inclusion gap.


Reduced Transaction Costs: Traditional banking often comes with high transaction costs, making it less viable for individuals with lower incomes. FinTech solutions have drastically reduced these costs, making financial services affordable to a wider range of people.


Microfinance and Peer-to-Peer Lending: FinTech platforms have facilitated microfinance initiatives and peer-to-peer lending, allowing individuals and small businesses to access credit and investment opportunities that were previously out of reach.


Insurance and Investments: FinTech has made insurance products and investment opportunities more accessible and understandable, empowering individuals to secure their financial futures.




The Cybersecurity Challenges


While FinTech has opened doors to financial inclusion, it has also brought along cybersecurity concerns that cannot be ignored.


Data Security: FinTech companies handle vast amounts of sensitive customer data, making them attractive targets for cybercriminals. Data breaches can result in financial losses and breaches of personal privacy.


Phishing Attacks: Phishing remains a significant threat in the FinTech sector, with cybercriminals using increasingly sophisticated methods to trick users into divulging their login credentials or other sensitive information.


Malware and Ransomware: Malicious software can infect FinTech systems and compromise user data. Ransomware attacks have been on the rise, where attackers encrypt a company's data and demand a ransom for its release.


Fraud Prevention: FinTech firms need to constantly develop and implement fraud prevention mechanisms. This includes monitoring transactions for suspicious activities, identifying patterns of fraudulent behaviour, and implementing real-time fraud detection systems.


Regulatory Compliance: FinTech companies must navigate complex regulatory environments, balancing innovation with the need for robust security measures. Ensuring compliance with cybersecurity regulations is a constant challenge.


Evolving Threat Landscape: Cyber threats are continually evolving, and FinTech companies must stay ahead of the curve by investing in advanced cybersecurity technologies like AI-driven threat detection and blockchain-based security measures.


Despite the rapid growth and promise of FinTech in India, several challenges persist. One of the primary obstacles is the digital divide, with many rural areas still lacking access to reliable internet and financial services. Bridging this gap is crucial for ensuring financial inclusion and the equitable distribution of FinTech benefits.


Balancing Progress and Security


To sustain the positive impact of FinTech, industry players, regulatory bodies, and users must work collaboratively to address the cybersecurity challenges. FinTech companies must prioritise data security, invest in cutting-edge cybersecurity technologies, and foster a culture of cybersecurity awareness among their employees and users.


The Reserve Bank of India (RBI) has been actively involved in enhancing cybersecurity in the banking sector. It has issued guidelines and regulations aimed at safeguarding customer data and ensuring the resilience of financial systems. FinTech companies, as outsourced technology partners, are required to adhere to these standards to safeguard the entire banking ecosystem.


In conclusion, FinTech's dual role in enhancing financial inclusion and presenting cybersecurity challenges underscores the need for a comprehensive and proactive approach to secure the future of India's digital financial ecosystem. By striking the right balance between progress and security, India can continue to reap the benefits of FinTech's transformative power while safeguarding its financial system against cyber threats.


The Future of FinTech in India


The future of FinTech in India holds immense promise. The sector is expected to continue expanding as more Indians embrace digital financial solutions. Some key trends to watch out for include:


AI and Machine Learning: FinTech companies will increasingly leverage AI and machine learning to enhance customer experiences, offer personalised financial advice, and streamline processes like credit assessment.


Blockchain Technology: The adoption of blockchain technology is likely to gain momentum, offering faster and more efficient cross-border transactions.


Financial Inclusion: FinTech will play a pivotal role in furthering financial inclusion by reaching underserved and unbanked populations through innovative products and services.


Regulatory Evolution: Regulatory frameworks will continue to evolve to accommodate FinTech innovations while ensuring consumer protection and security.


FinTech in India is indeed at the dawn of a new era, driven by technological advancements, and has the potential to transform the financial services landscape further. While challenges, especially in cybersecurity and regulation, exist, the industry's resilience and innovation have demonstrated its ability to overcome obstacles. As we move forward, the future of FinTech in India looks bright, promising greater financial inclusion, convenience, and security for all.






By 2030, India to contribute almost 13% of global fintech revenue 

At the recently held Global Fintech Fest (GFF) 2023, the Governor of the Reserve Bank of India (RBI), Shri Shaktikanta Das, stressed the importance of the progress made by the fintech sector in India. He said that technology innovation opportunities in India are created by the strong synergy between digital public infrastructure, institutional structures, and policy actions. He also spoke about the growing footprint of microfinance, inclusive banking, and digital payments in India.




New UPI features launched by NPCI


At the GFF event, the RBI Governor also announced new UPI features as part of the next generation of digital payment innovation in India. These included Credit Line on UPI, UPI LITE X, UPI Tap and Pay, and Hello! UPI. A record 10 billion monthly transactions were recorded on UPI in August 2023.






RBI asks fintech players to set up a self-regulatory organization 

The Governor of the Reserve Bank of India (RBI), Shri Shaktikanta Das, has invited fintech players to form a self-regulatory organization (SRO) as a step to help the fintech industry set up codes of conduct among its members. He suggested that the SRO act as an observer that promotes transparency and consumer protection and encourages members to adopt responsible and ethical practices.



UN Convention on Cybercrime (UNCC) by 2024 

The UN Convention on Cybercrime is set to receive ratification by the UN General Assembly by 2024. India has proposed that the transfer of ‘personal data’ under the Convention should be done in accordance with domestic laws. India’s proposal is currently in the draft phase.







Cyber Security



Australia discusses Cyber Security Strategy 2023-2030 

The government unveiled its initial strategy for the Australia Cyber Security Strategy 2023-2030, built on six cyber shields. These include safer technology adoption, a world-class threat-sharing and blocking system, access to critical infrastructure, sovereign capability through cyber skills, and undertaking coordinated global action and pushing for a more resilient region.



Deepfakes get more sophisticated with generative AI 

The threat of deepfakes has grown exponentially, presenting a new challenge to users of technology and communications, according to a recent CSI (Cybersecurity Information Sheet) published by the CISA (Computer Security Information Agency). The CSI contextualizes the threats of deepfakes to organizations, providing an overview of the threats of synthetic media, their techniques and trends. 





DIST develops cybercrime investigation tool to track cyber attacks

In order for cybercrime investigation to be successful, there was a need for a framework that could extract crucial information from the victim’s FIR, give investigators enough information about the reported cybercrime so that they can categorize it in a systematic and exhaustive manner, guide the investigation based on existing crime patterns, map evidence to the steps to be taken to decide the next step, and finally bring criminals to justice. 



















Silent Skimmer campaign targets online payment businesses in APAC 

A new payment card theft campaign has been detected against online payment businesses across Asia-Pacific (APAC) and Latin America. The attack leverages known vulnerabilities and infected web servers to gain initial access. Payment scraping tools are used by the attacker to extract sensitive financial data from infected sites. The attack targets companies across a variety of industries and sectors, including e-commerce platforms and Point of Sale (PoS) system providers.







Cyber Fraud



Inter-state cyber fraud nexus targeting NRI bank accounts

A police investigation involving large-scale money laundering scams in Ludhiana, Punjab led to the arrest of an interstate cyber-fraud gang that was using NRI bank accounts of customers for money transactions. They hacked into the NRI customer's net banking using OTPs for illegal money transfers.





Cyber fraudsters scam ₹19 crore task fraud using WhatsApp in Pune  

The modus operandi involved sending WhatsApp messages to the victims, asking them to register for an online task for a promised payment. The victim is asked to send a screenshot of the liked video. The gang would then ask victims to invest more money and scam them.






77.41% of India's total cybercrime consists of online financial frauds

FCRF’s paper ‘A deep dive into cybercrime trends impacting India’ covers the period from January 2020 to June 2023 in which cybercrime data was collected and analysed. The data was sourced from various sources, including government websites like the NCRB, parliamentary statistics, and media reports.









Sri Lanka's government email domain comes under attack

Lanka Govt Cloud (LGC) was recently hit by a ransomware attack. The Sri Lanka Computer Emergency Readiness Team and Coordination Center (CERT|CC) is carrying out a detailed investigation into the attack. CERT|CC estimates that all 5000 email addresses that use the “gov” email domain, including those of the Cabinet Office, have been affected by the attack.



UK Police hit by a ransomware attack 

In a recent ransomware attack, UK police officers' personal details were stolen from an identity card company. The attackers stole details from identity badges, warrant cards, and other documents, including names, photographs, identity numbers, and police collar numbers.







A new Xenomorph malware campaign targets financial institutions globally

The Xenomorph malware has resurfaced in another distribution campaign, targeting more than 30 U.S. banks and financial institutions around the world. Cybersecurity analysts recently uncovered this new campaign, which used phishing web pages posing as Chrome updates to lure victims into downloading malware-encrypting applications.


The Cyber Strike is a section dedicated to providing you with a summary of the most significant cyber-attacks that occurred over the past month. With the increasing prevalence of technology in our daily lives, cyber-attacks have become a constant threat to businesses and individuals alike.


It is important to stay informed about the latest cyber threats and attacks to protect ourselves and our organisations from potential harm.


Let’s dive in and explore the most significant cyber-attacks of the month.



APT36 uses fake YouTube apps to distribute CapraRAT


Impact: This cyber espionage campaign by APT36 could have severe consequences for organizations, including data breaches, compromised communications, and potentially damaging espionage activities. It poses a significant threat to the security and confidentiality of sensitive information, particularly in military, government, and diplomatic sectors in India and Pakistan.


Overview: The Threat Actor APT36 (Transparent Tribe) has used deceptive Android apps mimicking YouTube to spread their CapraRAT spyware. This campaign targets Indian and Pakistani military, government, and human rights entities, with malicious apps distributed outside of Google Play. CapraRAT, once installed, records audio/video, accesses sensitive data and overrides device settings.


Recommended Actions:


  • Stick to official app stores: Refrain from installing Android applications from sources other than the official Google Play store. This minimizes the risk of downloading malicious apps.
  • Exercise caution with social media apps: Be cautious when encountering new social media applications promoted within social media communities. Investigate their legitimacy before downloading.
  • Review app permissions: Always scrutinize the permissions requested by an application, especially if it's unfamiliar. Assess whether these permissions align with the app's intended functionality and if they pose security risks.
  • Avoid third-party versions: Do not install third-party versions of apps already present on your device. Stick to official and regularly updated versions from trusted sources to mitigate the risk of malware infiltration.




Access Bypass vulnerability in mail login module of Drupal


Impact: Drupal version prior to 2.8.0


Overview: A vulnerability exists in the Mail-Login module which allows a remote attacker to gain unauthorized access to otherwise restricted functionality. This vulnerability exists due to improper access restrictions and non-replication of flood control. A remote attacker can perform brute-force attacks on the target system.


Recommended Actions: Update to the latest version Mail Login 8.x-2.8




Unauthorized access control vulnerability in Uniview IP camera


Impact: Multiple software versions installed in Uniview IP Camera Model IPC322LB-SF28-A


Overview: A vulnerability has been reported in Uniview IP Camera, which could allow a remote attacker to modify user credentials and take control of the targeted device. The vulnerability exists in Uniview IP Camera due to identification and authentication failure at its web-based management interface. A remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable device.


Recommended Actions: Obtain the fixed version and upgrade




New HTTPSnoop malware backdoors telecom providers in the Middle East


Impact: The impact of these cyberattacks on organizations, especially telecommunications providers, could include severe disruptions to services, potential data breaches, compromised network integrity, and reputational damage. Additionally, the sophisticated nature of the malware tools and their state-sponsored origin highlight the ongoing threat to critical infrastructure and underscore the need for robust cybersecurity measures and preparedness.


Overview: A series of cyberattacks targeting Middle Eastern telecommunications providers has unveiled two potent malware tools, HTTPSnoop and PipeSnoop, both attributed to the 'ShroudedSnooper' intrusion set. HTTPSnoop interfaces with Windows HTTP kernel drivers to execute content through specific HTTP(S) URLs while masquerading as Palo Alto Networks Cortex XDR security components. PipeSnoop operates as a backdoor mechanism within compromised networks.


Recommended Actions:


  • Utilize advanced endpoint protection solutions to prevent the execution of malware and other malicious software
  • Incorporate web scanning tools to prevent access to malicious websites and detect malware hidden in web content
  • Invest in robust email security solutions to block malicious emails sent by threat actors, reducing the risk of email-based attacks
  • Deploy next-generation firewall appliances to detect and prevent malicious activity within your network
  • Leverage malware analytics tools to identify and protect against malicious binaries, adding an extra layer of security




Security restriction bypass vulnerability in Python


Impact: Python version 3.11.4 and earlier


Overview: A vulnerability has been reported in Python which could allow an attacker to bypass security restrictions on the targeted system. This vulnerability exists in Python due to a flaw in the os.path.normpath() function. An attacker could exploit this vulnerability by sending a specially-crafted path.


Recommended Actions: Apply appropriate security updates
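
Until the update is applied, path checks that rely on os.path.normpath() can be made independent of its behaviour. The following is an added example, not code from the advisory or from the Python project; it assumes the flaw in question is truncation of a path at an embedded NUL byte (the summary above gives no detail), and the names `safe_join`, `UnsafePathError` and the `/srv/uploads` directory are hypothetical.

```python
import os


class UnsafePathError(ValueError):
    """Raised when a user-supplied path fails validation."""


def normpath_truncates_at_nul() -> bool:
    """Return True if this interpreter's normpath() drops text after a NUL.

    Assumption: the flaw the advisory refers to is NUL-byte truncation.
    """
    probe = "a\x00b"  # constructed probe value
    return os.path.normpath(probe) != probe


def safe_join(base_dir: str, user_path: str) -> str:
    """Resolve user_path under base_dir, or raise UnsafePathError."""
    # Reject NUL bytes before any normalisation, so the decision does not
    # depend on how normpath() treats them on this interpreter.
    if "\x00" in user_path:
        raise UnsafePathError("embedded NUL byte")
    if os.path.isabs(user_path):
        raise UnsafePathError("absolute path not allowed")

    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, user_path))

    # commonpath() compares whole components, so a sibling directory such as
    # /srv/uploads-x is not mistaken for a child of /srv/uploads.
    if os.path.commonpath([base, candidate]) != base:
        raise UnsafePathError("path escapes base directory")
    return candidate


if __name__ == "__main__":
    print("normpath truncates at NUL:", normpath_truncates_at_nul())
    # Constructed sample inputs
    for sample in ("reports/q3.pdf", "report.txt\x00.bak", "../secret"):
        try:
            print(repr(sample), "->", safe_join("/srv/uploads", sample))
        except UnsafePathError as exc:
            print(repr(sample), "rejected:", exc)
```
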








ReBIT is an ambitious, employee-first organisation that believes in empowering our employees to grow alongside the organisation's goals and perform to their full potential. We are fascinated by technology, and we admire our employees. We house exceptional talent that contributes to ReBIT's mission.


We’re looking for candidates who have a zeal for technology and innovation. Check out our careers page for opportunities to work with us!





502, Building No 1, Mindspace Juinagar, Nerul, Navi Mumbai – 400706

