Aggregator
CVE-2025-5683 | Qt up to 6.2.x/6.5.9/6.8.4/6.9.0 ICNS Image File denial of service (EUVD-2025-16968)
CVE-2025-3454 | Grafana 10.4.0 Data Source Proxy API improper authorization (EUVD-2025-16644)
Outlook Users Targeted by New HTML-Based Phishing Scheme
A recent phishing campaign has revealed a sophisticated technique that exploits Microsoft Outlook’s unique handling of HTML emails to conceal malicious links from corporate users. The attack, initially appearing as a standard phishing attempt impersonating a Czech bank, leverages conditional HTML comments to display different content depending on the email client used to open the […]
The post Outlook Users Targeted by New HTML-Based Phishing Scheme appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
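Luxury Fashion Brand Cartier Hit by Cyberattack, Customer Data Leaked
Luxury fashion brand Cartier recently had its systems breached by hackers, resulting in the exposure of customers' personal information. In its data breach notification, Cartier said: "An unauthorized party gained temporary access to our system and obtained limited client information."
According to Cartier, the exposed information includes names, email addresses and the countries where customers are located. The company stressed, however, that the breach did not include more sensitive data such as passwords, credit card numbers or banking details.
Cartier said it has reported the incident to law enforcement and is working with an external cybersecurity firm to fix the vulnerability. The situation has now been contained, and the company has further strengthened the protection of its systems and data. However, the company warned that the stolen data could be used in targeted attacks and asked customers to remain alert to unsolicited or suspicious communications.
Media outlets contacted Cartier for more information about the breach, such as when it occurred and how many people were affected, but have not yet received a reply.
Fashion brands repeatedly hit by cyberattacks
In the month before this, other fashion brands suffered similar security incidents. In May this year, Dior disclosed a data breach after hackers broke into its systems and stole customers' contact details, purchase histories and preferences.
Also last month, Adidas said that a third-party service provider had been compromised, leading to a data breach. The attackers accessed contact information but did not obtain any payment details or account credentials.
Last week, Victoria's Secret shut down its website and some store services because of an ongoing security incident. Like Cartier, Dior and Adidas, Victoria's Secret has also begun an investigation with cybersecurity experts.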
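嘶吼 (Sihou) Security Industry Research Institute | Directory of Products in China's Cybersecurity Market Segments
As digital transformation accelerates, cybersecurity has become a cornerstone of enterprise survival and growth. As the threat landscape grows more complex, the cybersecurity market is growing explosively; new technologies, scenarios and requirements keep emerging and push the industry toward finer specialization. To understand this fast-developing industry landscape, the 嘶吼 (Sihou) Security Industry Research Institute surveyed more than 400 cybersecurity companies and, combining multi-dimensional data such as market revenue, breadth of product coverage and technology trends, selected 15 key market segments to compile this product directory.
The directory is intended as a practical reference guide for the industry. By cataloguing the representative vendors and mainstream products in each segment, it aims to help buyer-side users understand the market landscape more efficiently and to support more precise decisions on product selection, technical benchmarking and ecosystem partnerships.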
Improving LLM Agents: Solving Cryptography CTF Challenges with Reinforcement Learning
FIPS 140-3 and You, Part Three
divya
Thu, 06/05/2025 - 07:00
Last spring, in the second installment of this blog series, we were excited to announce that our Luna HSM product line was the first HSM in the industry to achieve a FIPS 140-3 Level 3 validation certificate.
This spring, in this third installment, we happily share the news that many of Thales' Data Security solutions, including the Luna USB HSMs and High Speed Encryptors (HSE), are now also validated for FIPS 140-3. This marks a significant milestone as it means that Thales has achieved FIPS 140-3 validations across its Data Security product portfolio, demonstrating their commitment to the highest security standards.
At the recent ICMC conference in Toronto, our certifications team were on hand to pick up their hard-earned reward for this achievement. Much of this work is invisible to our customers as we do everything we can to make the transition simple and easy, but this dedicated team put in significant time and effort to make this happen.
From left to right: Teresa Macarthur, Thales Security Certifications; Graham Costa, Thales Security Certifications; David Hawes, NIST CMVP Program Manager; Laurie Mack, Thales Security Certifications; Will Tung, Thales Security Certifications; Rebeca Shaw, Thales Security Certifications; Kailai Chen, CCCS CMVP Program Manager.
Why the changes to FIPS?
For many years the FIPS validations remained unchanged, which always begs the question, why change? Since FIPS 140-2 was established in 1998, technology has transformed significantly, impacting everyone, including certifications. The FIPS 140-3 compliance mandate is more closely aligned to international standards and designed to match new and evolving technologies. It is more flexible and modular in its approach and serves as a de facto goalpost for many global entities.
FIPS 140-3 also introduces the ability to certify Post-Quantum Cryptography (PQC) algorithms. Implementing FIPS 140-3 validated security solutions is an essential part of building a quantum-safe crypto agile security posture, ensuring organizations stay protected today, as well as into the future.
For network encryption, Thales High Speed Encryptors (HSE) hardware network encryptors (CN Series) are now certified at Level 3, while the virtual encryptors (CV Series) are certified at Level 1, all aligning with the latest NIST requirements and continuing to validate our solutions to the highest standards. FIPS 140-3 introduces enhanced lifecycle security, stronger authentication, improved physical security, and stringent side-channel attack prevention, all of which Thales' network encryption solutions address. This certification underscores Thales' dedication to providing robust, compliant encryption solutions that surpass industry standards and ensure data in motion protection in demanding environments, positioning them as a leader in secure network encryption.
New to the topic?
If you are new to understanding FIPS compliance and want to learn more about our market-leading data security solutions that help to make compliance easy, simply visit our FIPS 140-3 webpage or contact your local Thales representative. The webpage also provides more details about the differences between 140-2 and 140-3 and the benefits to customers from this changeover.
You can also read our previous blogs about the transition to FIPS 140-3:
Already a customer and wondering about next steps?
It's important to begin your transition from FIPS 140-2 to FIPS 140-3 now. The CMVP no longer accepts submissions for FIPS 140-2, and existing 140-2 certificates are slated to move to historical on September 21, 2026.
Organizations that need to maintain FIPS compliance must ensure that their cybersecurity solutions are FIPS 140-3 validated after this date. Ensure that your Luna Network and PCIe HSMs, and High Speed Encryptors are updated to the latest firmware that has this validation built in. For those of you with a USB HSM, begin your updates as soon as you can. Testing out these changes on your applications and/or network first is often recommended as a first step. Then simply go to the Customer Support Portal to get the latest firmware or software package for your product. If you ever have any questions throughout this process, the Thales team is always here to help.
As always, Thales is dedicated and unwavering in our commitment to pioneering crypto advancements and delivering top-tier protection for our customers’ most sensitive data.
Laurie Mack
The post FIPS 140-3 and You, Part Three appeared first on Security Boulevard.
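Exclusive: Exposing the Technical Capabilities and Cyberattack Schemes of Taiwan's "Information, Communications and Electronic Force" APT Groups
On June 5, the Tianhe District Branch of the Guangzhou Public Security Bureau issued a reward notice, publicly naming 20 suspects wanted in a case in which a cyberattack on a technology company in Guangzhou caused major losses. Technical attribution work carried out jointly by 360 Digital Security Group, the National Computer Virus Emergency Response Center and the National Engineering Laboratory for Computer Virus Prevention Technology has identified the source of the attack as the "Information, Communications and Electronic Force" of Taiwan's Democratic Progressive Party (DPP) authorities. The three organizations then jointly released the "Investigation Report on the Cyberattack Activities of the 'Information, Communications and Electronic Force' Hacker Organization of the Taiwan DPP Authorities", which exposes the attack activities and the tactics and techniques of Taiwan's APT groups and states that they have carried out long-term cyberattacks and sabotage against important industries and organizations in the mainland, Hong Kong and Macao, in an attempt to disrupt public order and create chaos.
Long-running "wrongdoing" by Taiwan APT groups: a close focus on China's critical infrastructure sectors
The report shows that between 2022 and 2024, multiple Taiwan APT groups repeatedly targeted organizations in China's critical infrastructure sectors, launching large-scale cyberattacks, with the frequency and scope of their activity expanding markedly.
In fact, 360 has tracked APT activity from Taiwan, China for some time and has independently discovered and named five such APT groups: APT-C-01 (毒云藤), APT-C-62 (三色堇), APT-C-64 (匿名者64), APT-C-65 (金叶萝) and APT-C-67 (乌苏拉). These groups are all supported by Taiwan's DPP authorities and commanded by the "Information, Communications and Electronic Force" unit under the Taiwan authorities' "Ministry of National Defense".
Each group has its own targeting focus. APT-C-01 concentrates on government, defense and military industry, and scientific research and education, primarily collecting sensitive information on defense technology achievements, China-US relations, cross-strait relations and maritime activities. APT-C-65 targets defense and military industry, aerospace and energy, carrying out data theft, intrusion and sabotage. APT-C-67 mainly attacks Internet of Things systems in the mainland, Hong Kong and Macao, especially video surveillance systems, and it was this group that carried out the cyberattack on the Guangzhou technology company in April this year. Although the groups differ in targets, tactics and techniques, and cyclical activity patterns, all of them serve the political aim of "relying on foreign forces to seek independence" and attempt to disrupt public order and create chaos.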
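Technical capability in perspective: "third-tier level" fully exposed
Technically, the capabilities of Taiwan's APT groups are limited. In recent years they have used public network asset discovery platforms to conduct large-scale network asset reconnaissance against more than 1,000 important network systems (covering military industry, energy, hydropower, transportation, government and others) in more than 10 mainland provinces, collecting basic information and technical intelligence, and have carried out multiple rounds of cyberattacks using low-end methods such as phishing emails, exploitation of publicly known vulnerabilities, password brute forcing and simple self-made trojans.
Drawing on more than ten years of hands-on adversarial experience, the 360 security team has a comprehensive understanding of these groups' arsenals and tactical and technical characteristics and has built a tactical inference model based on behavior pattern analysis. In-depth analysis of attack cases involving Taiwan's APT groups found that their attack tactics and techniques are at a relatively low level, mainly in that: they rely on known vulnerabilities and lack the ability to discover and exploit vulnerabilities independently, as well as any reserve of advanced zero-day vulnerabilities; they depend heavily on public resources and lack the ability to develop their own cyber weapons and tradecraft; and their anti-attribution capability is weak, with the personnel involved lacking professional skills.
In an interview with CCTV, 360 Group founder Zhou Hongyi said that the technical level of APT groups from Taiwan province is, overall, at the "third-tier level" among APT groups worldwide. Their attack methods are simple and crude, their intent to harass and disrupt is obvious, and they carry strong political overtones, attempting to steal major decisions and sensitive data in areas such as China's national defense and diplomacy. Such attacks are in essence "low-cost harassment": although the technical level is not high, the political purpose is clear, namely to create panic, disturb public order and provide intelligence support for "relying on the US to seek independence", exposing the Taiwan authorities' fragile aggressiveness in cyberspace.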
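Tracing Taiwan's "Information, Communications and Electronic Force": the dangerous direction of political manipulation
The force behind this attack, the Taiwan "Information, Communications and Electronic Force" unit (full name "Information, Communications and Electronic Force Command of the Ministry of National Defense"), was established in 2017. Its predecessor was the "Tiger Team" cyber unit of the Taiwan "Ministry of National Defense". It is intended to integrate military, "government" and civilian technical resources to carry out so-called "cyber warfare countermeasures", and has been called "Taiwan province's most mysterious unit".
Through attribution work, 360 has exposed the unit's organizational structure, personnel, main tasks, work locations and supporting entities. The report shows that the unit is led by several officers of major general rank and that over the past three years more than 30 companies have provided it with technical training and software and hardware support. The Taiwan authorities are pouring resources into adversarial cyberattacks, and this "dangerous conduct" brings incalculable security risks to Taiwan province.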
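Conclusion
Drawing on more than ten years of hands-on adversarial experience, the 360 security team has built a complete technical chain covering "arsenal analysis, behavior pattern modeling, and attribution and location": by continuously tracking the attack characteristics of Taiwan's APT groups, building a behavior-pattern-based tactical inference model and combining it with threat intelligence sharing mechanisms, it achieves rapid identification of and precise countermeasures against the related attacks. This technical dominance objectively shows the gap between "amateur attack" and "professional defense".
Previously, 360 has repeatedly disclosed attacks and data theft by intelligence agencies such as the US National Security Agency and Central Intelligence Agency against China's critical infrastructure organizations. To date, 360 has discovered and disclosed a total of 58 foreign APT groups, accounting for more than 90% of all APT groups discovered domestically.
With the development of large models, APT attacks have entered the "AI era". For China's government, enterprises of all sizes, research institutions and critical infrastructure operators, how to embrace intelligent technology, counter AI with AI, and detect and respond quickly is especially important.
To this end, 360 security experts recommend: organize APT attack self-inspection and self-assessment as soon as possible and gradually build a long-term defense system; at the same time, develop security large models for practical operational use to empower every stage of advanced threat hunting, achieving comprehensive, systematic and intelligent prevention and response, and defending against advanced threat attacks in the AI era.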