Aggregator
CVE-2024-9645 | pickplugins Post Grid and Gutenberg Blocks Plugin up to 2.2.92 on WordPress cross site scripting (EUVD-2025-15224)
CVE-2024-8619 | Ajax Search Lite Plugin up to 4.12.1 on WordPress Setting cross site scripting (EUVD-2025-15239)
CVE-2024-6711 | Event Tickets with Ticket Scanner Plugin up to 2.3.7 on WordPress cross site scripting (EUVD-2025-15283)
940 GB of diagnoses, prescriptions and polygraphs: Interlock stages a medical show on the dark web
Top Cybersecurity Tools for Higher Education: Protecting Institutions
Universities have always been places of learning and innovation. Yet, in today’s digital world, they’re also prime targets for cybercriminals. From online learning platforms to student records, from research databases to financial systems, the amount of sensitive data that higher education institutions store has grown exponentially—and so have the risks. Between AI-fueled disruption, rising financial […]
The post Top Cybersecurity Tools for Higher Education: Protecting Institutions appeared first on Centraleyes.
The post Top Cybersecurity Tools for Higher Education: Protecting Institutions appeared first on Security Boulevard.
CVE-2024-30095 | Microsoft Windows up to Server 2022 23H2 Routing/Remote Access Service heap-based overflow (EUVD-2024-28032)
CVE-2025-3055 | WP User Frontend Pro Plugin up to 4.1.3 on WordPress delete_avatar_ajax denial of service (EUVD-2025-16961)
CVE-2025-3054 | WP User Frontend Pro Plugin up to 4.1.3 on WordPress upload_files unrestricted upload (EUVD-2025-16962)
CVE-2025-4332 | PHPGurukul Company Visitor Management System 2.0 /visitor-detail.php editid/remark sql injection (EUVD-2025-13540)
CVE-2025-5683 | Qt up to 6.2.x/6.5.9/6.8.4/6.9.0 ICNS Image File denial of service (EUVD-2025-16968)
CVE-2025-3454 | Grafana 10.4.0 Data Source Proxy API improper authorization (EUVD-2025-16644)
Outlook Users Targeted by New HTML-Based Phishing Scheme
A recent phishing campaign has revealed a sophisticated technique that exploits Microsoft Outlook’s unique handling of HTML emails to conceal malicious links from corporate users. The attack, initially appearing as a standard phishing attempt impersonating a Czech bank, leverages conditional HTML comments to display different content depending on the email client used to open the […]
The post Outlook Users Targeted by New HTML-Based Phishing Scheme appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
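Luxury Fashion Brand Cartier Hit by Cyberattack, Customer Data Leaked
Luxury fashion brand Cartier recently had its systems breached by hackers, resulting in the exposure of customers' personal information. In its data breach notification, Cartier said: "An unauthorized party gained temporary access to our system and obtained limited client information."
According to Cartier, the exposed information includes names, email addresses and customers' countries. The company stressed, however, that the breach does not include more sensitive data such as passwords, credit card numbers or bank details.
Cartier said it has reported the incident to law enforcement and is working with an external cybersecurity firm to fix the vulnerability. The situation has now been contained, and the company has further strengthened the protection of its systems and data. However, the company warned that the stolen data could be used in targeted attacks and asked customers to remain alert to unsolicited or suspicious communications.
Media outlets contacted Cartier for more information about the breach, such as when it occurred and how many people were affected, but have not yet received a reply.
Fashion Brands Repeatedly Hit by Cyberattacks
In the month before this, other fashion brands suffered similar security incidents. In May this year, Dior disclosed a data breach after hackers broke into its systems and stole customers' contact details, purchase histories and preferences.
Also last month, Adidas said that its third-party service provider had been compromised, leading to a data breach. The attackers accessed contact information but did not obtain any payment details or account credentials.
Last week, Victoria's Secret shut down its website and some store services because of an ongoing security incident. Like Cartier, Dior and Adidas, Victoria's Secret has also launched an investigation with cybersecurity experts.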
嘶吼 Security Industry Research Institute | Product Directory of China's Cybersecurity Market Segments
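As digital transformation accelerates, cybersecurity has become a core foundation for the survival and growth of enterprises. As the threat landscape grows more complex, the cybersecurity market is growing explosively, with new technologies, new scenarios and new demands continually emerging and pushing the industry toward finer-grained specialization. To understand this fast-developing industry landscape, the 嘶吼 Security Industry Research Institute surveyed more than 400 cybersecurity companies in depth and, drawing on multi-dimensional data including market revenue scale, breadth of product coverage and technology trends, selected 15 key market segments and compiled this product directory.
This directory is intended to give the industry a practical reference guide. By cataloguing the representative vendors and mainstream products in each segment, it aims to help buyer-side users understand the market landscape more efficiently and to support more precise decisions in product selection, technical benchmarking and ecosystem partnerships.
Improving LLM Agents: Solving Cryptography CTF Challenges with Reinforcement Learning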
FIPS 140-3 and You, Part Three
divya
Thu, 06/05/2025 - 07:00
Last spring, in the second installment of this blog series, we were excited to announce that our Luna HSM product line was the first HSM in the industry to achieve a FIPS 140-3 Level 3 validation certificate.
This spring, in this third installment, we happily share the news that many Thales Data Security solutions, including the Luna USB HSMs and High Speed Encryptors (HSE), are now also validated for FIPS 140-3. This marks a significant milestone, as it means that Thales has achieved FIPS 140-3 validations across its Data Security product portfolio, demonstrating their commitment to the highest security standards.
At the recent ICMC conference in Toronto, our certifications team were on hand to pick up their hard-earned reward for this achievement. Much of this work is invisible to our customers as we do everything we can to make the transition simple and easy, but this dedicated team put in significant time and effort to make this happen.
From left to right: Teresa Macarthur, Thales Security Certifications; Graham Costa, Thales Security Certifications; David Hawes, NIST CMVP Program Manager; Laurie Mack, Thales Security Certifications; Will Tung, Thales Security Certifications; Rebeca Shaw, Thales Security Certifications; Kailai Chen, CCCS CMVP Program Manager.
Why the changes to FIPS?
For many years the FIPS validations remained unchanged, which always begs the question, why change? Since FIPS 140-2 was established in 1998, technology has transformed significantly, impacting everyone, including certifications. The FIPS 140-3 compliance mandate is more closely aligned to international standards and designed to match new and evolving technologies. It is more flexible and modular in its approach and serves as a de facto goalpost for many global entities.
FIPS 140-3 also introduces the ability to certify Post-Quantum Cryptography (PQC) algorithms. Implementing FIPS 140-3 validated security solutions is an essential part of building a quantum-safe crypto agile security posture, ensuring organizations stay protected today, as well as into the future.
For network encryption, Thales High Speed Encryptors (HSE) hardware network encryptors (CN Series) are now certified at Level 3, while the virtual encryptors (CV Series) are certified at Level 1, all aligning with the latest NIST requirements and continuing to validate our solutions to the highest standards. FIPS 140-3 introduces enhanced lifecycle security, stronger authentication, improved physical security, and stringent side-channel attack prevention, all of which Thales' network encryption solutions address. This certification underscores Thales' dedication to providing robust, compliant encryption solutions that surpass industry standards and ensure data in motion protection in demanding environments, positioning them as a leader in secure network encryption.
New to the topic?
If you are new to understanding FIPS compliance and want to learn more about our market-leading data security solutions that help to make compliance easy, simply visit our FIPS 140-3 webpage or contact your local Thales representative. The webpage also provides more details about the differences between 140-2 and 140-3 and the benefits to customers from this changeover.
You can also read our previous blogs about the transition to FIPS 140-3:
Already a customer and wondering about next steps?
It's important to begin your transition from FIPS 140-2 to FIPS 140-3 now. The CMVP no longer accepts submissions for FIPS 140-2, and existing 140-2 certificates are slated to move to historical on September 21, 2026.
Organizations that need to maintain FIPS compliance must ensure that their cybersecurity solutions are FIPS 140-3 validated after this date. Ensure that your Luna Network and PCIe HSMs, and High Speed Encryptors are updated to the latest firmware that has this validation built in. For those of you with a USB HSM, begin your updates as soon as you can. Testing out these changes on your applications and/or network first is often recommended as a first step. Then simply go to the Customer Support Portal to get the latest firmware or software package for your product. If you ever have any questions throughout this process, the Thales team is always here to help.
As always, Thales is dedicated and unwavering in our commitment to pioneering crypto advancements and delivering top-tier protection for our customers’ most sensitive data.
Laurie Mack
The post FIPS 140-3 and You, Part Three appeared first on Security Boulevard.