Chesnot/Getty Images
|
In a report published March 20, the Cyber Safety Review Board said that a summer 2023 intrusion, in which Chinese threat actors compromised Microsoft’s cloud environment and inboxes belonging to 22 organizations and over 500 people globally, could have been prevented and “should never have happened.”
In the CSRB’s review, the board said it had identified “operational and strategic decisions” indicative of “a corporate culture that deprioritized both enterprise security investments and rigorous risk management.”
Gold rush. In May and June 2023, Storm-0558—threat actors linked to China and known to have “espionage objectives,” according to Microsoft—compromised multiple Microsoft Exchange Online mailboxes, with the CSRB noting that the threat actors struck “the espionage equivalent of gold” in its compromise.
The State Department was the first to uncover and notify Microsoft of the intrusion last year on June 16, with the report noting that the agency’s security operations center “detected anomalies in access to its mail systems” the day before.
Read more here.—AF
Do you work in IT or have information about your IT department you want to share? Email [email protected].
|
|
|
How? With Morning Brew’s engaged audience of 22m+ monthly readers, of course.
Our unique community of young, hard-to-reach readers (who are 1.7x more likely to have a household income of $150k+) can give your B2B offerings the valuable visibility you’re looking for.
B2B decision-makers know how crucial it is to get their business’s potential in front of the right  s, and the Brew’s paid advertising opportunities connect your brand to our audience by leveraging our popular B2B-centric franchise newsletters, specialized events, and skyrocketing cache of multimedia content.
Morning Brew is powered by the knowledge our readers trust us to deliver. From Retail Brew’s trending insights to Healthcare Brew’s timely updates, we’ve got a B2B Brew for you. Which one will you choose to grow with?
Advertise with us.
|
|
Mikhail Makarov/Getty Images
|
There hasn’t been a cyberattack on government agencies every day this year—it’s been more like every three days.
According to recent Q1 data from the research firm Comparitech, 2024’s cyber shakedowns are decreasing compared to the same quarter last year. One number holding steady, however? Attacks against the public sector.
“The government attacks seem to be staying pretty static and not going down,” Paul Bischoff, Comparitech editor, told IT Brew.
Ransomware in action. The group counted a total of 154 attacks as of March 2024, according to its collection of reports, news, and cybersecurity databases. The hundred-high figure, though likely depressing to security pros, is actually a significant decline from Comparitech’s Q1 numbers from last year: 337 attacks.
Government agencies made up 36 of 2024’s 154 first-quarter targets, which also included the additional sectors of business, education, and healthcare. Comparitech’s numbers for government agency attacks in 2023 totaled 202 for the year and 50 in its first quarter. In other words: Ransomware is down overall, since last year, just not if you’re in the public sector.
Read more here.—BH
Do you work in IT or have information about your IT department you want to share? Email [email protected].
|
|
Francis Scialabba
|
AI hype has mostly centered on massive, cloud-based generative AI services like OpenAI’s ChatGPT or Microsoft Copilot.
Yet many organizations may find running their own custom AI services on owned or rented hardware to be surprisingly accessible—and feasible—in the near future, experts told IT Brew. Other factors like European data regulations may also ultimately affect where companies deploy their services.
Up to speed. Brandon Jung, VP of ecosystem and business development for AI assistant developer Tabnine, told IT Brew the most costly up-front components of AI are training data and deep learning. Once both are in place, the game switches to making inferences (the actual outputs of AI) cheaper and more efficient.
While broad-purpose AI tools like ChatGPT or Copilot are expensive to train and run, Jung said, “If I have my own data, and I can build a custom model—yes, it won’t solve a bunch of problems, but it’s going to be very efficient and cost-effective, and bring a whole lot more value to the problem area that it’s addressing.”
Moreover, Jung said open-source AI like Llama 2 or Gemma that can be run on-premises are converging in performance with more popular proprietary AIs, and may soon be indistinguishable from the average users’ perspective.
Keep reading here.—TM
Do you work in IT or have information about your IT department you want to share? Email [email protected]. Want to go encrypted? Ask Tom for his Signal.
|
|
Francis Scialabba
Today’s top IT reads.
Stat: 22%. That’s how much Amazon’s stock is up this year, as the company weighs investments in AI and cost-cutting measures. (the Wall Street Journal)
Quote: “Apple detected that you are being targeted by a mercenary spyware attack.”—part of a text message sent by Apple, warning users in 92 countries of a potential hack (TechCrunch)
Read: Senator Mark Warner is calling for cybersecurity standards in the healthcare industry. (Recorded Future News)
Return here: Quickly retrieve laptops and monitors from remote employees with a little help from Retriever. Its SOC 2 Type 2 compliant API integrates with HRIS + IT asset management software—with no subscriptions, no contracts, and no stress.* *A message from our sponsor.
|
|
|
Break free from the job board cycle. CollabWORK connects you with relevant job openings curated specifically for communities you're already part of—like IT Brew. Find high-quality opportunities and land your next big break by joining CollabWORK today.
|
|
|
Share IT Brew with your coworkers, acquire free Brew swag, and then make new friends as a result of your fresh Brew swag.
We’re saying we’ll give you free stuff and more friends if you share a link. One link.
Your referral count: 2
Click to Share
Or copy & paste your referral link to others:
itbrew.com/r/?kid=9ec4d467
|
|
|
