Aggregator

6月26日，东进后量子密码白皮书及Q系列新品发布会在深圳成功举办。东进技术管理层及技术专家，合作伙伴，以及密码行业从业者通过线上线下的方式汇聚一堂，共同见证后量子密码白皮书及Q系列新品的重磅发布。

坚守定位：核心和基础产品提供商

东进技术总经理贺建楠在开场致辞中表示，东进技术始终坚持“核心和基础产品提供商”的定位，做好幕后英雄，为客户成功和行业发展筑牢根基。截至目前，东进技术有超过500家的软件和系统开发商客户，为超过10000家的用户提供产品和服务。

（图：东进技术总经理贺建楠）

贺建楠进一步表示，对领先技术和创新的追求是东进技术生存的根本，公司坚持高强度研发投入和技术创新，研发、技术型工程师占比超60%，每年研发投入占比超40%，累计取得包括PCT国际专利在内的300多件知识产权，构建起完整的商用密码产品矩阵，产品覆盖云、管、边、端，且全部自研，能够一站式满足软件和系统开发商的各类需求。

与此同时，东进技术紧跟国内外技术发展趋势，紧跟客户需求。在Gartner发布的2025十大战略技术趋势中，后量子密码被列入其中。面对这一趋势，东进技术迅速响应、积极探索，研发出国内第一款商业化的PQC密码卡。该密码卡采用了与以往截然不同的技术架构，东进技术期望通过这一创新，在应对时间紧迫性和提升敏捷性方面做出有益探索。

白皮书：洞察后量子密码技术发展脉络

随着量子计算的迅猛发展，传统公钥密码体系面临严峻威胁。因此，开发能够抵御量子攻击的后量子密码技术，成为当前网络安全领域的新课题。

（图：东进技术研发总监刘义鹏）

为了帮助从业者和用户深入理解后量子密码技术，东进技术研发总监刘义鹏发布并解读了《后量子密码技术白皮书（2025版）》。该白皮书全面深入介绍了量子计算技术及其对传统密码的威胁，详细梳理现有后量子密码的多种技术路线，重点关注美国和中国后量子密码发展现状，包括标准化进程、政府战略部署、产业应用及学术研究等多个层面。

基于对后量子密码技术的深入理解和实践探索，东进技术在白皮书中阐述了其后量子密码策略：一是定位密码基础产品供应商；二是紧跟密码硬件最新技术；三是紧跟后量子密码标准化；四是致力于提供敏捷的后量子密码产品；五是以开放协同驱动产业链协同，共筑后量子密码安全新生态；六是高度重视供应链安全。

创新突破：国内第一款商业化后量子密码卡亮相

东进技术基于多年密码行业深耕及对后量子密码的理解，聚焦技术创新，研发出Q系列后量子密码产品，该系列产品旨在量子计算威胁到来前，为关键行业的安全提前构筑新防线。其包括三大核心产品，后量子密码卡 Q400/Q500、后量子服务器密码机 SCM-5000Q以及后量子云服务器密码机 CSCM-5000Q。东进技术产品总监罗漫在会上详解上述新品的产品特点及性能表现。

（图：东进技术产品总监罗漫）

后量子密码卡Q400/Q500是东进推出的国内第一款公开发布的商业化后量子密码卡，全面兼容后量子密码算法（如ML-KEM/ML-DSA/FN-DSA/SLH-DSA/XMSS/XMSSMT和LMS等）和多种经典密码算法（如SM1/SM2/SM3/SM4/SM9/RSA/AES/SHA系列等），具备PQC算法敏捷性、高性能与高可靠性等特点，能够满足不同用户和行业标准的多样化密码运算需求。

Q系列密码卡是基于通用可编程SOC构建的全新架构，以高度灵活的编程能力为核心亮点，具备集成度高、性能强、低功耗等优势，可快速响应算法多样化需求，用户无需更换硬件即可对密码卡进行算法升级，实现个性化的功能定制与拓展。

后量子服务器密码机SCM-5000Q和云服务器密码机 CSCM-5000Q是国内第一款搭载后量子密码卡的密码机产品，具备高可用、高性能和快速整合新的安全技术与算法的能力，能全面兼容后量子密码算法（如ML-KEM/ML-DSA/FN-DSA/SLH-DSA/XMSS/XMSSMT和LMS等）和多种经典密码算法（如SM1/SM2/SM3/SM4/SM9/RSA/AES/SHA系列等），真正实现了新旧密码技术的无缝对接与融合，可为用户提供面向未来的和可持续升级演进的安全防护能力。

东进后量子密码白皮书及Q系列新品发布会的成功举办，标志着东进技术在后量子密码领域取得重大突破。未来，东进技术将继续加大研发投入，不断创新和完善后量子密码产品体系，为量子时代的信息安全筑牢新防线。

扫描下方二维码填写信息，即可获赠《后量子密码技术白皮书（2025版）》电子版。

In recent conversations with prospective customers, one request keeps rising to the top: “Can you monitor Snowflake?” At first, it felt like a coincidence. But over multiple engagements, that urgency isn’t random – it reflects a deeper industry concern. Security leaders are increasingly prioritizing Snowflake as a high-risk, high-value SaaS application. And they’re right to. The breach playbook has changed and Snowflake has already served as a proving ground for modern identity-driven attacks. Snowflake was breached last year by UNC5537, a financially motivated threat group. According to Google Mandiant, this campaign affected roughly 165 customer instances, with attackers leveraging stolen credentials to exfiltrate sensitive data and demand ransom.  Around the same time, the group known as Scattered Spider (also tracked as UNC3944) became notorious for socially engineered help‑desk intrusions: impersonating insiders, gaining access to valid credentials and multifactor reset paths. They then used those credentials to log into SaaS platforms like Okta and AWS, moving freely and quietly, and exfiltrating data undetected.   A couple of months ago, Scattered Spider attacked major retailers in the UK and US.  And most recently, that same playbook has expanded into the U.S. insurance sector, indicating this isn’t an isolated tactic, it’s the new mainstream. These are not brute-force breaches. These are post-login campaigns. Once inside, the attackers encounter little resistance. Logging is inconsistent, behavioral monitoring is absent, and access to sensitive data is rarely flagged. The result? Highly scalable, nearly invisible data theft enabled not by technical exploits, but by gaps in post-authentication identity and SaaS monitoring. This shift is hard-hitting, and it’s validated in the Google M-Trends 2025 report: These stats paint a stark reality: attackers aren’t rushing in with exploits, they’re walking through front doors. Snowflake is a prime target because of the data it holds. It’s the engine behind analytics, finance, customer intelligence, and more. It’s federated through identity providers, widely accessible by technical teams, and often under-monitored once a user is authenticated. In other words, it’s an attacker’s dream…and a detection blind spot. At Reveal Security, we’ve written extensively about this gap. In “Snowflake and the Continuing Identity Threat Detection Gap”, we laid out why perimeter-based defenses don’t work in SaaS, and why post-authentication behavior monitoring must become a security priority. The reality is this: SaaS identity abuse is the new ransomware. It’s scalable, stealthy, and extremely difficult to detect using traditional tools. And as attackers increasingly use GenAI to impersonate users and automate social engineering, the problem will only get worse. So what are top-tier security teams doing? Security leaders aren’t just worried about perimeter defenses anymore. They’re focused on identity-driven attacks in data-rich SaaS platforms and Snowflake ranks high on their watch list.  At Reveal, we’re helping security teams close the gap in Snowflake and other critical SaaS applications.  If this is a growing area of concern for your organization, let’s talk. – Kevin

The post Why Are CISOs Prioritizing Snowflake Security? The Breach Playbook Has Changed. appeared first on RevealSecurity.

The post Why Are CISOs Prioritizing Snowflake Security? The Breach Playbook Has Changed. appeared first on Security Boulevard.

Proofpoint threat researchers have exposed an active account takeover (ATO) campaign, dubbed UNK_SneakyStrike, exploiting the TeamFiltration pentesting framework to target Microsoft Entra ID user accounts. Since December 2024, this malicious operation has impacted over 80,000 user accounts across hundreds of organizations, achieving several successful breaches. UNK_SneakyStrike Campaign The attackers have weaponized TeamFiltration a tool originally […]

The post Cybercriminals Use TeamFiltration Pentesting Framework to Breach Microsoft Teams, OneDrive, Outlook, and More appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.