☕ Are you on the list?

To:Brew Readers

IT Brew // Morning Brew // Update

CYBERSECURITY

Escalate this!

Phone with a digital lock floating above

Francis Scialabba

Unlike judges on a cooking competition show, threat actors aren’t picky when it comes to the ingredients they use as part of their cyberattack schemes.

A recent report from mobile security firm Zimperium unveiled some of the ways attackers are performing privilege escalation, a type of cyberattack wherein a threat actor gains unauthorized access to higher-level permissions through seemingly legitimate apps.

Escalator. According to Zimperium researchers, some attackers are performing privilege escalations through original equipment manufacturer (OEM) permissions. OEM permissions can be abused when a malicious app pretends to be a system application, or when a regular app is compromised and leverages inherited OEM permissions.

Zimperium noted that attackers may target preinstalled apps for privilege escalation attacks because they often have “elevated privileges.” Kern Smith, Zimperium VP of global solutions engineering, told IT Brew that attackers may be attracted to attacks that rely on these apps because they can be performed at scale.

How privileges lead to potential attacks.—BM

a message from IBM

Turn complexity to clarity

SIXT—a leading provider of high-quality mobility services—is at the forefront of developing innovative digital products and services for its customers. But the IT environments are complex. How does observability technology help SIXT deliver with stability and reliability?

To help achieve its goals, SIXT needed robust observability for great end-to-end visibility, early problem detection, fast problem resolution, and a deeper understanding across environments. SIXT turned to IBM Instana® Observability for support in terms of visibility and simplicity.

IBM Instana Observability was also important for the company’s cloud migration project when performance issues were detected, enabling the team to quickly investigate and resolve those issues.

Get the real-world implementation details.

CYBERSECURITY

Strong social game

Illustration: Anna Kim, Photo: Adobe Stock

While some recent cyberattacks targeting retailers—like Victoria’s Secret, Dior, North Face, Adidas, Whole Foods, and the UK’s Co-op—have involved moves like credential stuffing and network reconnaissance, some cyber tactics are more theatrical than technical.

A data breach of UK retailer Marks & Spencer, its CEO said, reportedly involved social engineering and tricking a third-party provider into providing access.

The cybercriminal collective Scattered Spider, which the UK’s National Crime Agency is currently eyeing as it investigates the wave of retailer breaches, is known for its effective impersonations. (In a memorable 2023 attack against Las Vegas’s Caesars Entertainment and MGM Resorts, one that many attribute to Scattered Spider, a “smooth-talking” hacker reportedly duped a help-desk worker to hand over credentials.)

Pros who spoke to IT Brew recommended ways to prep teams for aggressive social engineering.

Why social engineering is everyone’s problem.—BH

CLOUD

Check, please!

Amelia Kinsinger

A cloud bill is likely not a one-page print. And if yours is, you may just be at your local CVS.

The cost-management homepage for Amazon Web Services features windows, bar graphs, recommended actions, summaries, and trends.

Such a data-filled view can be a “scary-looking dashboard,” according to George Crosby, founder of Cogito Group, a consultancy that tries to ease the fright and find ways for clients to cut cloud costs.

Crosby and Deloitte Principal Chris Hughes spoke to IT Brew about how to be ready for the cloud check when it arrives.

Use it or lose it! Cloud costs can include a variety of computing, network, and storage services. Crosby recommends searching a platform’s dashboard for top drivers and then drilling into their causes.

A cost-management homepage prominently features monthly cost breakdowns, with colors for each service used: Say, the computing platform Amazon Elastic Compute Cloud (EC2), Amazon Relational Database Service, or application-deployment tool Red Hat OpenShift Service on AWS.

Cutting cloud costs can get complicated.—BH

Together With Fortra

Want cybersecurity superpowers? IT teams don’t (yet) have the power to conjure force fields around their distributed teams. In the meantime, thankfully, Fortra can help keep employees safe. They protect hybrid workforces from endpoint to cloud, helping security teams maintain visibility + control over company data. Learn more.

PATCH NOTES

Francis Scialabba

Today’s top IT reads.

Stat: 80%. That’s Nvidia’s estimated share of the global AI chip market, as the behemoth moves aggressively into the cloud computing space. (the Wall Street Journal)

Quote: “Prediction markets remind me of crypto 15 years ago: a new asset class on a path to trillions.”—Matt Huang, Paradigm co-founder and managing partner, on why companies like Kalshi are hitting billions in valuation (TechCrunch)

Read: OpenAI’s Sam Altman talked Trump, lawsuits, and the future of AI with the hosts of the podcast Hard Fork. (the New York Times)

Gaining visibility: From commercial vehicle rentals to ride-sharing and ride-hailing, SIXT provides high-quality mobility services. To manage the complex IT environment, SIXT turned to IBM Instana Observability. Learn more.*

^{*A message from our sponsor.}

JOBS

Ready to move your career forward without endless scrolling? CollabWORK connects you with jobs in the communities you’re already part of—like IT Brew. Experience community-powered hiring and discover the opportunities that suit you best. Click this link to browse jobs hand-selected for IT Brew!

Cloud Service Engineer – AWS at MegazoneCloud (in person)
Software Architect, Agent Evaluation & Core Framework at Datagrid AI (remote)
Founding Security Engineer (Security Generalist) at a Series A startup (in person)

SHARE THE BREW

Share IT Brew with your coworkers, acquire free Brew swag, and then make new friends as a result of your fresh Brew swag.

We’re saying we’ll give you free stuff and more friends if you share a link. One link.

Your referral count: 5

Click to Share

Or copy & paste your referral link to others:
itbrew.com/r/?kid=9ec4d467

✤ A Note From IBM

A message from IBM

Written by Brianna Monsanto, Billy Hurley, and Patrick Lucas Austin

Was this email forwarded to you? Sign up here.

Take The Brew to work

Marketers: Marketing Brew
Corporate: CFO Brew HR Brew Revenue Brew
Tech: Tech Brew
Retailers: Retail Brew
Healthcare: Healthcare Brew

Get smarter in just 5 minutes

Business News: Morning Brew
Money & Career: Money With Katie Bossy Brew Markets The Playbook

Interested in podcasts?

Check out ours here

ADVERTISE // CAREERS // SHOP // FAQ

Update your email preferences or unsubscribe .
View our privacy policy .

Copyright © 2025 Morning Brew Inc. All rights reserved.
22 W 19th St, 4th Floor, New York, NY 10011

Top insights for IT pros

From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.