Small pieces of personal life shared publicly on social media can sometimes lead to big breaches, and executives in particular need to be careful about what they post.

Pen testers and ethical hackers told IT Brew that the tiniest bits of online info can lead to system access.

Rachel Tobac, co-founder and CEO of SocialProof Security—whom you might recall from her hacking demo on 60 Minutes—often sees execs leaving a trail of valuable data on Instagram, Twitter, and other social media sites.

Say an exec posts a LinkedIn photo of a quarterly retreat, with a whiteboard of notes in the background.

From there, Tobac said, a hacker can pretend to be a senior leader in the photo and call an executive assistant (also tagged in the photo), using contact details available on data brokerage sites and spoofing the number so the caller ID matches. A mention of a project name found on the whiteboard can boost trust and lead to transferred documents and credentials.

“Oftentimes, folks believe so many of those pieces to be internal that they automatically assume I’m legitimate and I gain access quickly. It sounds complex but takes me a few hours to set up and complete,” Tobac told IT Brew in an email.

Read more here.—BH

Do you work in IT or have information about your IT department you want to share? Email [email protected].

Want curated resources and expert help migrating and modernizing your on-premises infrastructure and data? How about advanced analytics and support for building AI-infused and custom cloud-native applications?

Look no further: Microsoft’s Azure Innovate is here to assist your advanced innovation needs. Infuse AI into your apps and experiences, get advanced analytics, and enjoy custom cloud-native applications.

Need a hand makin’ the move? Microsoft’s Azure Migrate and Modernize can navigate the exhaustive list of workloads for your transition to Azure, including Windows Server & SQL Server migration, SAP migration, Oracle databases, and mainframe migration.

But here’s the cherry on top: Both offerings are built for all, no matter the size of your business or industry. Plus, you’ll enjoy cost savings, increased efficiency, and improved security.

So, what are you waiting for? Prepare for liftoff.

OpenAI has a new CEO—again. Also it’s the old CEO, from a few days ago.

IT Brew reviewed the comings and goings in the tech industry C-suite last month.

OpenAI co-founder and CEO Sam Altman removed by board

Altman’s removal from OpenAI came on Friday, Nov. 17, and sent shockwaves through the tech industry. The decision, to put it mildly, backfired spectacularly. That evening, OpenAI co-founder and President Greg Brockman resigned. And on Monday, Nov. 20, more than 700 of the company’s 770 employees signed an open letter declaring they too would resign if Altman wasn’t reinstated.

Meanwhile…

Former Twitch CEO Emmett Shear takes over at OpenAI

Shear, the former CEO of streaming company Twitch, was named OpenAI’s interim CEO on Nov. 19, replacing prior interim CEO Mira Murati. During his extremely brief tenure, Shear raised questions about how Altman was removed in the first place, and threatened to himself step down if the explanations weren’t satisfactory.

That wouldn’t prove necessary, though, because…

Read more here.—EH

Do you work in IT or have information about your IT department you want to share? Email [email protected].

Amazon’s experimental generative AI is…not doing so hot, according to a recent report by Platformer.

The company announced its Q chatbot during Amazon Web Service’s (AWS) annual developer conference—and it’s already “experiencing severe hallucinations and leaking confidential data,” the site reported. The confidential data in question includes the location of AWS data centers, internal discount programs, and unreleased features, according to leaked documents obtained by Platformer.

One of the incidents was marked “sev 2,” referring to a bug so severe that Amazon contacted engineers during the night and made them work through the weekend to solve it, according to Platformer. While companies define their own incident severity levels, a ranking of 2 generally refers to an incident with a major impact.

Amazon is hoping to compete with similar AI offerings by Google and Microsoft-tied OpenAI, and recently announced a $4 billion investment in AI startup Anthropic. Those competitors have had their own issues with hallucinating AIs: Microsoft’s ChatGPT-supported Bing chatbot infamously went off the rails soon after release, while Google’s Bard served up incorrect information during its very first public demo. Yet Amazon’s pitch for Q included the claim that its approach would minimize the risk of losing control of sensitive internal data.

Keep reading here.—TM

Do you work in IT or have information about your IT department you want to share? Email [email protected]. Want to go encrypted? Ask Tom for his Signal.

Today’s top IT reads.

Stat: 92%. That’s the percentage of tech industry poll respondents who said their organization has accelerated AI initiatives in the last year, despite 90% of executives saying they don’t completely understand their teams’ AI proficiency. (Pluralsight)

Quote: “Made to be less hated.”—HP’s awkward new tagline in printer ads (Ars Technica)

Read: Spotify’s struggles could have serious consequences for the rest of the podcast scene. (TechCrunch)

In the digital landscape, security and privacy reign supreme, and Tech Brew is sitting down with Elise Houlik, CPO at Intuit, and Saz Kanthasamy, Principal Researcher for the IAPP, to shed light on the critical balancing act. We will explore how experts navigate the challenges of pushing tech boundaries without compromising essential privacy priorities.

Register now!