Thriving Thursday! Look folks, it’s almost the end of the year. I’m running low on alliterative intros.
In today’s edition:
I’ll be in my server!
Holiday hacked
Fake work
—Billy Hurley, Eoin Higgins, Brianna Monsanto, Patrick Lucas Austin
|
|
SOFTWARE
Gone are the days of 2022, when we brought our biggest questions to one giant, occasionally hallucinating platform like ChatGPT.
Cloud vendors are increasingly offering “agents,” or AI tools that perform very specific tasks, like booking a flight or turning $10 into $1,000 through investment—those are two examples that Matt Wood, PwC global and US commercial technology and innovation officer, shared with CNBC this month. Google’s new platform Agentspace aims to help enterprise users get their questions answered from the array of today’s agentic AI.
“In addition to the applications we’ve been using for years, enterprises now feel like they need to leverage new generative AI tools and technologies just to stay competitive. So, switching across multiple apps to find and stitch together data can slow productivity,” Raj Pai, VP of product management for cloud AI at Google Cloud, said last week in a press conference before the release of the product on December 13. “Every time a new tool is added, we introduce more risk from a privacy and data leakage perspective.”
With an employee prompt, Agentspace provides info across multiple connected enterprise systems, with pre-built connectors to agents from third-party applications like Microsoft SharePoint, ServiceNow, and Jira.
“It’s finding the most relevant results across those data sources with the access controls and permissions so I can only see search results that I am authorized to see,” Kalyan Parmathy, group product manager for generative AI and search, told reporters on the prelaunch call.
Read the rest here.—BH
|
|
|
|
Presented By Akamai
And in the day, evening, and weekend. Basically, APIs are bad news, and they’re not taking any days off.
Akamai’s 2024 API Security Impact Study surveyed 1,200+ security leaders to get their take on APIs. They demonstrated eye-opening consensus on:
- seeing API security incidents rise for three years and counting
- spending more than half a mil recovering from said incidents
- feeling the human toll and reputational damage
While APIs are clearly a growing attack vector, respondents offered mixed reviews on the completeness of their API inventories. Turns out the traditional tools they’re relying on to protect APIs don’t fully cover the risk.
Need solutions, strategies, and advice from like-minded pros? Kick APIs out of the driver’s seat with Akamai’s 2024 API Security Impact Study.
|
|
CYBERSECURITY
Hack for the holidays? Some Rhode Islanders have found themselves compromised, just in time for Christmas.
State officials announced Dec. 14 that hackers had accessed RIBridges, a services portal that residents can use to apply for public benefits. The system helps Rhode Islanders apply for SNAP, TANF, Medicaid, and other programs.
RIBridges is managed by Deloitte, which announced the breach on Dec. 13. Deloitte believes an international criminal gang was behind the attack and added that the company is working with law enforcement to track down the threat actors responsible.
Bell, rung. Jim Routh, chief trust officer at cloud access management company Saviynt, told IT Brew in an email via PR rep Tila Pacheco that attackers “first got access to an online account and then moved laterally to attack replication infrastructure (servers that run data management and replication applications).”
“Once they accomplish this, they exfiltrate data from core applications before encrypting the data,” Routh added. “They increase their probability of getting an extortion payment by leaking the data from core systems publicly. All of these steps are designed to encourage the victim enterprise to pay the ransom.”
The company is now facing a number of class-action lawsuits. Peter Wasylyk, a former state representative who is the attorney for plaintiffs in one suit, said that the “incident is just another example of the critical need for entities to take strong measures to safeguard such sensitive personal information.”
Read more here.—EH
|
|
|
|
CYBERSECURITY
The plot has thickened on this week’s episode of, Is your remote IT worker secretly trying to defraud you?
Last week, a federal court in St. Louis, Missouri, indicted 14 North Korean nationals who it claims were part of a six-year fake IT worker scheme that generated at least $88 million in illicit revenue.
Operation F.A.K.E. According to the indictment, the scam is estimated to have taken place between April 2017 and March 2023. During this period, the named defendants were said to have sought out remote IT work with the assistance of stolen, borrowed, and purchased identities. To better deceive the businesses they applied to, the group allegedly embellished their résumés with roles at fake US-based companies, which had sham websites that were purchased and designed by the schemers to accompany them.
When successfully securing interviews, the defendants on some occasions sought the help of US-based workers to aid their ruse by making them sit in their place for the scheduled meeting and guiding them through the process. The indictment further claims that the group also tapped Americans to receive work laptops from the US businesses they were employed by to create the “false appearance” that they were working in the country. Once employed, the accused group extorted payments from some of their employers by threatening to expose sensitive information.
Keep reading here.—BM
|
|
|
|
A message from IBM
Can data make a difference? Only if you know how to use it. Learn how to use your proprietary data to customize AI models to help unlock your full potential in this video series from Business Insider that’s sponsored by IBM. Tune in for insights from Maryam Ashoori, director of product management for watsonx.ai at IBM. |
|
PATCH NOTES
Today’s top IT reads.
Stat: 61%. That’s how much crypto theft in 2024 was done by North Korean hackers, according to a Chainalysis report. (TechCrunch)
Quote: “If Apple were to have to grant all of these requests, Facebook, Instagram, and WhatsApp could enable Meta to read on a user’s device all of their messages and emails.”—Apple, facing EU fines if it fails to allow rivals to interoperate with its services, accusing Meta of attempting to nefariously access software tools (the Wall Street Journal)
Read: A free VPN is allowing users to surf the network—and access other people’s homes. (Wired)
Science stories: Looking for inspiring stories from some of the greatest minds in science and literature—like award-winning science journalist Amy Maxmen? Sign up for the free newsletter Nautilus, the foremost literary science magazine. Get your free subscription.* *A message from our sponsor.
|
|
|
Interested in speaking at an IT Brew event? Get your name on the list for our virtual events calendar before it’s too late! We’re looking for industry experts with compelling stories and valuable experience, a commitment to educating and engaging audiences, and, of course, a sense of humor. Whether you’re an expert in cybersecurity strategy, combatting AI sprawl, or anything in between, we want your voice to be featured at our next event.
|
|
|
JOBS
Ready to move your career forward without endless scrolling? CollabWORK connects you with jobs in the communities you’re already part of—like IT Brew. Experience community-powered hiring and discover the opportunities that suit you best. Click this link to browse jobs hand-selected for IT Brew!
|
|
|
SHARE THE BREW
Share IT Brew with your coworkers, acquire free Brew swag, and then make new friends as a result of your fresh Brew swag.
We’re saying we’ll give you free stuff and more friends if you share a link. One link.
Your referral count: 0
Click to Share
Or copy & paste your referral link to others: itbrew.com/r/?kid=b897a7f5
|
|
|
ADVERTISE
//
CAREERS
//
SHOP
//
FAQ
Update your email preferences or unsubscribe
.
View our privacy policy
.
Copyright ©
2024
Morning Brew. All rights reserved.
22 W 19th St, 4th Floor, New York, NY 10011
|
|