Saturday , March 15 2025
domain

India to launch new domain name for banks to combat digital fraud

India’s central bank to launch a special “.bank.in” domain for banks in April 2025 to fight digital payment fraud and enhance trust in online banking.

The Reserve Bank of India announced that the Institute for Development and Research in Banking Technology (IDRBT) will exclusively manage the new “fin.in” domain for non-bank financial institutions.

Researcher found non protected database form ESHYFT containig 86000 records

Cybersecurity researcher Jeremiah Fowler found and reported a non-password-protected database with over 86,000 records belonging to ESHYFT, a New Jersey-based...
Read More
Researcher found non protected database form ESHYFT containig 86000 records

CVE-2024-55591 and CVE-2025-24472
New SuperBlack ransomware exploits Fortinet flaws

Forescout Research- Vedere Labs identified a series of intrusion based on two Fortinet vulnerabilities which began with the exploitation of...
Read More
CVE-2024-55591 and CVE-2025-24472  New SuperBlack ransomware exploits Fortinet flaws

CVE-2025-25291 & CVE-2025-25292
Attention! GitLab Patched Critical Authentication Bypass Flaws

GitLab has released versions 17.9.2, 17.8.5, and 17.7.7 for its Community and Enterprise Editions to fix security vulnerabilities, including a...
Read More
CVE-2025-25291 & CVE-2025-25292  Attention! GitLab Patched Critical Authentication Bypass Flaws

CVE-2025-20138
Cisco released High Security Alert for IOS XR Software

Cisco has issued a security advisory for a high-severity vulnerability in its IOS XR Software, labeled CVE-2025-20138, with a CVSS...
Read More
CVE-2025-20138  Cisco released High Security Alert for IOS XR Software

400+ IPs Exploiting Multiple SSRF Vulnerabilities

GreyNoise warns of a coordinated increase in the exploitation of Server-Side Request Forgery (SSRF) vulnerabilities across various platforms. "At least...
Read More
400+ IPs Exploiting Multiple SSRF Vulnerabilities

NVIDIA has released update for NVIDIA Riva

NVIDIA has released a software update for Riva to fix security vulnerabilities that could allow privilege escalation, data tampering, denial...
Read More
NVIDIA has released update for NVIDIA Riva

CVE-2025-24201
Apple fixes 0-day exploited in “extremely sophisticated attack”

On Tuesday, Apple fixed a critical zero-day vulnerability affecting nearly all supported iPhones and iPads. The company noted that it...
Read More
CVE-2025-24201  Apple fixes 0-day exploited in “extremely sophisticated attack”

Microsoft’s March 2025 updates fix 7 zero-day, 57 flaws

Microsoft's March 2025 Patch Tuesday update fixes 57 flaws, including seven zero-day exploits, six of which are actively being exploited....
Read More
Microsoft’s March 2025 updates fix 7 zero-day, 57 flaws

Ballista Botnet infects 6000 Unpatched TP-Link Routers

Cato CRTL team said, a new botnet campaign dubbed Ballista target the unpatched TP-Link Archer routers. CVE-2023-1389 is a serious...
Read More
Ballista Botnet infects 6000 Unpatched TP-Link Routers

CVE-2025-24813
Flaw in Apache Tomcat Exposes Servers to RCE

A critical vulnerability, CVE-2025-24813, has been found in Apache Tomcat, which could let attackers execute remote code, leak sensitive data,...
Read More
CVE-2025-24813  Flaw in Apache Tomcat Exposes Servers to RCE

“Increased instances of fraud in digital payments are a significant concern,” said RBI governor Sanjay Malhotra, adding that the new domain system aims to reduce cybersecurity threats and malicious activities like phishing. The move comes as India grapples with a surge in digital payment frauds and predatory lending apps.

The central bank will provide banks with guidelines for a new initiative aimed at helping users identify legitimate banking websites from fraudulent ones.

How the ‘.bank.in’ & ‘fin.in’ domain will work:

Starting April 2025, all approved Indian banks must use websites ending in ‘.bank.in’ to enhance customer security and help distinguish legitimate banking sites from fraudulent ones.

Indians lost Rs 485 crore to UPI fraud in 632,000 incidents during FY25 (up to September). From 2022-23, total UPI fraud losses reached Rs 2,145 crore in 2.7 million cases, with FY24 alone accounting for Rs 1,087 crore from 1.34 million incidents.

To tackle this fraud, the government has blocked over 669,000 SIM cards and 132,000 IMEIs, as well as 1,700 Skype IDs and 59,000 WhatsApp accounts. The Union Home Ministry reports saving more than Rs 3,431 crore from 994,000 complaints.

The RBI will implement extra verification for international digital transactions to offshore merchants to enhance consumer protection, reduce unauthorized payments, and prevent card fraud.

Using 2.8 millions IPs, massive brute attack ongoing

Check Also

CYFIRMA

FinStealer Malware Targets Indian Bank’s Mobile Users, Stealing Credentials

CYFIRMA analysis reveals a sophisticated malware campaign that exploits a major Indian bank’s brand through …

Leave a Reply

Your email address will not be published. Required fields are marked *