Toggle light / dark theme

Microsoft on Monday announced that it has moved the Microsoft Account (MSA) signing service to Azure confidential virtual machines (VMs) and that it’s also in the process of migrating the Entra ID signing service as well.

The disclosure comes about seven months after the tech giant said it completed updates to Microsoft Entra ID and MS for both public and United States government clouds to generate, store, and automatically rotate access token signing keys using the Azure Managed Hardware Security Module (HSM) service.

“Each of these improvements helps mitigate the attack vectors that we suspect the actor used in the 2023 Storm-0558 attack on Microsoft,” Charlie Bell, Executive Vice President for Microsoft Security, said in a post shared with The Hacker News ahead of publication.

The U.S. government is preparing to make moves to get food dyes out of what we eat– a plan which may spark curiosity across the nation as to what the potential health risks of artificial food dyes are.

MITRE Vice President Yosry Barsoum has warned that U.S. government funding for the Common Vulnerabilities and Exposures (CVE) and Common Weakness Enumeration (CWE) programs expires today, which could lead to widespread disruption across the global cybersecurity industry.

CVE, the most critical of the two, is maintained by MITRE with funding from the U.S. National Cyber Security Division of the U.S. Department of Homeland Security (DHS). CVE is crucial for providing accuracy, clarity, and shared standards when discussing security vulnerabilities.

The program is widely adopted across various cybersecurity tools, including vulnerability management systems, and it allows tracking all newly discovered vulnerabilities using CVE Identifiers (CVE IDs) assigned by CVE Numbering Authorities (CNAs) worldwide, with MITRE as the CVE Editor and Primary CNA.

🏭 Q: What upgrades are needed for the grid to handle increased energy demand by 2050? A: The grid needs to be upgraded to handle tripled energy throughput by 2050, requiring more power plants, wires, transformers, and substations to support increased demand from EVs, heat pumps, and AI. Innovative Charging Solutions.

🔋 Q: How do Electric Era’s charging stations reduce grid capacity requirements? A: Electric Era’s charging stations with batteries buffer the load, reducing grid capacity requirements by 70% and allowing for faster deployment in better locations like retail amenities and gas station parking lots.

⏱️ Q: What capabilities do Electric Era’s charging stations offer for energy management? A: Electric Era’s stations offer time of use charging and virtual power plant capabilities, storing energy upstream and providing the best time of use pricing to customers, making them more efficient and cost-effective. Energy Storage and Distribution.

☀️ Q: How can the “duck curve” phenomenon be addressed? A: The duck curve can be solved by building extra energy storage to store excess electrons, such as Tesla’s 10–12 GWh deployed last quarter and Electric Era’s smaller storage at more localized locations.

🔌 Q: What is the transformer scarcity problem and how can it be addressed? A: Transformers are being hoarded due to scarcity and strategic importance, exacerbating grid infrastructure issues. A strategic transformer reserve is needed to address this problem, according to Quincy from Electric Era. ## ## Key Insights ## Grid Infrastructure Challenges.

🔌 The 130-year-old grid infrastructure is antiquated and breaking apart, making it expensive and challenging to upgrade for increased energy demand.

The threat actor known as Paper Werewolf has been observed exclusively targeting Russian entities with a new implant called PowerModul.

The activity, which took place between July and December 2024, singled out organizations in the mass media, telecommunications, construction, government entities, and energy sectors, Kaspersky said in a new report published Thursday.

Paper Werewolf, also known as GOFFEE, is assessed to have conducted at least seven campaigns since 2022, according to BI.ZONE, with the attacks mainly aimed at government, energy, financial, media, and other organizations.

The Hunters International Ransomware-as-a-Service (RaaS) operation is shutting down and rebranding with plans to switch to date theft and extortion-only attacks.

As threat intelligence firm Group-IB revealed this week, the cybercrime group remained active despite announcing on November 17, 2024, that it was shutting down due to declining profitability and increased government scrutiny.

Since then, Hunters International has launched a new extortion-only operation known as “World Leaks” on January 1, 2025.

“No two ways about it,” Altepeter told Breaking Defense today. “The number of companies that we’re announcing is a surprise to me. I did not expect we would get this many.”

For the winning teams, the value of QBI is not just the money. Indeed, first-round grants like those being announced today have typically been under $1 million — small change not just for the Pentagon but for tech firms and venture capitalists already investing billions into quantum ventures. We suggested everybody apply for a million, [but] some people came in and said they were going to do it for less, Altepeter said.

The unique value of a QBI award is that it gives the winning companies access to a DARPA-led team of quantum experts, pulled from both US government labs, including the famous Los Alamos, and federally funded research institutions. Their job is to act as independent testers, fresh eyes, and devil’s advocates, rigorously scrutinizing each participant’s quantum strategy.