The company’s update comes amid reports of widespread exploitation, including several at several U.S. agencies that were breached as part of the attack. Cybersecurity researchers say ransomware groups have seized upon the vulnerability and are using it to exfiltrate data to compel victim organizations to pay the ransom.

In the advisory, dated June 16, Progress says it has discovered vulnerability in MOVEit Transfer that could lead to escalated privileges and potential unauthorized access to the environment.

“If you are a MOVEit Transfer customer, it is extremely important that you take immediate action as noted below in order to help protect your MOVEit Transfer environment,” the company says in the new advisory. “In Progress MOVEit Transfer versions released before 2021.0.8 (13.0.8), 2021.1.6 (13.1.6), 2022.0.6 (14.0.6), 2022.1.7 (14.1.7), 2023.0.3 (15.0.3), a SQL injection vulnerability has been identified in the MOVEit Transfer web application that could allow an un-authenticated attacker to gain unauthorized access to the MOVEit Transfer database. An attacker could submit a crafted payload to a MOVEit Transfer application endpoint which could result in modification and disclosure of MOVEit database content.”

The incident, which was first identified in late May, now stretches well into June as organizations rush to patch their systems and protect their environment.

According to Progress Software, “All MOVEit Transfer customers must take action and apply the patch to address the June 15th CVE-2023-35708 vulnerability discovered in MOVEit Transfer. “

However, organizations have two paths to take, depending on if they applied the remediation and patching steps from the first MOVEit Transfer Critical Vulnerability (May 2023) advisory prior to June 15.

For those who have not yet applied the May 2023 patch, they should do so and follow the remediation steps immediately, the company says. This includes the newest patch for two separate vulnerabilities, including the original from May 31 (CVE-2023-34362) and another identified on June 9 (CVE-2023-35036).

Once that is taken care of, organizations should apply the June 15 patch (CVE-2023-35708).

If organizations have applied the May 31 and June 9 patch, they should now apply the June 15 patch, which will bring them fully up to date.

There is a lot of information coming out about these bugs, but cybersecurity firm Rapid7 has a detailed timeline of events, up until this new information.

May 27-28: Rapid7 services teams have so far confirmed indicators of compromise and data exfiltration dating back to at least May 27 and May 28, 2023 (respectively).

May 31: Progress Software publishes an advisory on a critical SQL injection vulnerability in their MOVEit Transfer solution.

May 31: Rapid7 begins investigating exploitation of MOVEit Transfer.

June 1: Rapid7 publishes initial analysis of MOVEit Transfer attacks after responding to incidents across multiple customer environments.

June 1: The security community publishes technical details and indicators of compromise.

June 1: Compromises continue; Rapid7 responds to alerts.

June 1: CISA publishes Security Advisory.

June 2: CVE-2023-34362is assigned to the zero-day vulnerability.

June 2: Mandiant attributes the attack to a threat cluster with unknown motives.

June 2: Velociraptor releases an artifact to detect exploitation of MOVEit File Transfer critical vulnerability.

June 4: Rapid7 publishes a method to identify which data was stolen.

June 4: Nova Scotian government discloses it is investigating privacy breach.

June 5: Microsoft attributes the attack to Lace Tempest, a Cl0p ransomware affiliate that has previously exploited vulnerabilities in other file transfer solutions (e.g., Accellion FTA, Fortra GoAnywhere MFT).

June 5: UK companies BA, BBC, and Boots disclose breaches as victims in MOVEit File Transfer.

June 5: Cl0p ransomware group claims responsibility for the zero-day attack.

June 6: Security firm Huntress releases a video allegedly reproducing the exploit chain.

June 6: The Cl0p ransomware group posts a communication on their leak site demanding that victim organizations contact them by June 14 to negotiate extortion fees in exchange for the deletion of stolen data.

June 7: CISA publishes #StopRansomware Cybersecurity Advisory regarding MOVEit File Transfer Vulnerability CVE-2023-34362.

June 9: Progress Software updates advisory to include a patch for a second MOVEit Transfer Vulnerability, which was uncovered by Huntress during a third-party code review. The vulnerability is later assigned CVE-2023-35036.

June 12: Rapid7 releases a full exploit chain for MOVEit Transfer Vulnerability CVE-2023-34362.

Organizations impacted should consult Progress Software, their cybersecurity services provider, and CISA for more information.

The post Progress Software Urges Further Action to Prevent MOVEit Exploitation appeared first on My TechDecisions.

According to the companies, the new partnership and integration announced during InfoComm 2023 is designed to take the complexity out of BYOD meeting room deployment, use and management.

Using the Airtame App, users can start a conference call on the Airtame Hub Once connected, the Airtame Hub hosts the call for all attendees in a conference room, providing a central processing unit where Stem Ecosystem devices can be integrated. This is designed to simplify audio and provide a consistent meeting experience, the companies say.

“Airtame is proud to provide a platform that is compatible with the highest quality technology available. Together, the Shure Stem Ecosystem and Airtame Hybrid Conferencing Solution provide a frictionless experience for collaboration in any setting to better support the future of work and communication,” said Jonas Gyalokay, Airtame Co-Founder, in a statement. “This strategic alliance provides end users with flexible, intuitive conferencing solutions that can adapt to shifting demands and hybrid work trends.”

Shure’s Stem Ecosystem devices provide a scalable audio solution for rooms of any size, and Stem Ecosystem devices require only a single USB connection with Airtame. This is designed to make it help IT managers avoid the time-consuming, difficult, and potentially expensive task of integration, according to Shure.

The Stem Ecosystem platform enables users to add each device to their local network and assign them within the room. With access to free software tools, the IT team can adjust device settings to the room’s unique audio environment and verify a successful installation, Shure says.

“As the need for hybrid meeting environments continues to evolve, IT managers are exploring scalable and flexible ways to create modern, BYOD conference rooms for end users,” said Julie Crawford, Manager of Global Integrated Systems Marketing at Shure, in a statement. “With our Airtame partnership, we’re thrilled to offer a convenient solution to these decision makers and end users collaborating in hybrid meeting spaces where impeccable audio and integration with their own devices are essential to success.”

The post Shure and Airtame Announce Integration to Simplify BYOD Conferencing appeared first on My TechDecisions.

The company, largely known for its line of all-in-one videoconferencing bars, announced the Poly Studio X52, a new all-in-one device designed for the mid-sized meeting space.

According to the company, new Poly DirectorAI smart camera technology in the X52 offers automated camera framing modes like group, speaker, and people framing. The 4K, 20MP camera is designed to provide clear visibility of every participant, even those far away from the camera in the farthest corners of a conference room.

Updates to the AI-driven software for group and speaker framing capabilities include the new Poly DirectorAI Perimeter feature and other audio enhancements. The Poly Studio X52 is certified for Google Meet, Microsoft Teams and Zoom, with pending certification for native support for BlueJeans by Verizon, GoTo, and RingCentral.

The Poly Studio X52 is expected to be available late summer, starting at $4,300.

The company also announced an update to its Poly Video OS software, launching version 4.1 to enable IT administrators to leverage Poly DirectorAI Perimeter technology to input room dimensions and define parameters accurately and prevent capturing faces beyond glass walls or windows.

Poly Video OS 4.1 is expected to be available worldwide across the Poly Studio X Series of video bars and the Poly G7500 modular video conferencing systems in late summer.

Additionally, Sound Reflection Reduction minimizes echo and reverberations caused by glass and hard surfaces, the company says.

Other video announcements include the ability to connect the Poly Studio E70 smart camera to the Poly G7500 modular videoconferencing systems via a standard Ethernet cable for flexible room configurations and easier installation, according to Poly.

The company’s TC10 touch control panel now supports meeting control for Microsoft Teams Rooms on Android, and it can also function as a room scheduling panel for Microsoft Teams, the company adds.

For large rooms, Poly announced a new bundle with the G7500 Modular Video Conferencing System and the Shure Microflex Large Room, which are jointly certified for Microsoft Teams Rooms on Android. This gives customers a multi-vendor solution that integrates video, compute and DSP audio solutions.

In addition, the Poly Studio E70 and HP Mini Conferencing PC have been certified for Zoom for large meeting rooms, the company says.

For audio features, Poly announced the Poly Voyager Surround 80 UC headset, which it calls the first boomless headset cerified for Microsoft Teams Open Office. The headset features the company’s audio and adaptive noise cancelling features with a more comfortable headset design, according to Poly.

The Poly Voyager Surround 80 is expected to be available worldwide in August, starting at $449.95.

To manage these devices, Poly offers its Poly Lens tool for remote device management so IT professionals can monitor and troubleshoot Poly devices, and the company is adding to that by expanding its API integration partners with Ubiqisense and Vyopta to deliver insights for customers leveraging Poly Lens on the Poly Studio X30 and Studio X50 video bars.

“HP is committed to delivering solutions that eliminate the barriers inside and outside the room so you can look and sound your best,” says Andy Rhodes, Division President of Hybrid Systems at HP. “We are thrilled to offer the next generation of audio and video technology, enhanced with innovative AI capabilities so everyone can be seen and heard with total clarity.”

The post Poly’s InfoComm 2023 Highlighted By New X52 Videoconferencing Bar appeared first on My TechDecisions.

That list of bugs that should be prioritized includes two remote code execution vulnerabilities in Microsoft Exchange Server, an elevation of privilege bug in Microsoft SharePoint, a trio of remote code execution flaws in Windows Pragmatic General Multicast, and a handful of others.

Based on input from security researchers from Zero Day Initiative (ZD), Tenable, Immersive Labs and others, here is a look at the vulnerabilities that warrant more attention for the June 2023 Patch Tuesday release.

CVE-2023-32031 – Microsoft Exchange Server Remote Code Execution Vulnerability

If this looks familiar, you aren’t alone. Microsoft has issued fixes for a number of Exchange Server remote code execution bugs in recent years, and this one is a bypass of fixes for CVE-2022-41082 and CVE-2023-21529, with the latter listed as being under active exploitation.

This vulnerability exists within the Command class, and the issue results from the lack of proper validation of user-supplied data, which can result in the deserialization of untrusted data. This bug requires the attacker to have an account on the Exchange server, but successful exploitation could lead to executing code with SYSTEM privileges.

CVE-2023-28310  – Microsoft Exchange Server Remote Code Execution Vulnerability

This is the other Exchange RCE bug listed this month, and like its twin this month, is rated as important but considered more likely to be exploited. This also requires an attacker to be authenticated, so an attacker will need valid credentials.

According to researchers, both Exchange Server bugs closely mirror the vulnerabilities identified as part of the ProxyNotShell exploits. Successful exploitation could result in an attacker gaining access to an organization’s email account, or even the ability to impersonate any user.

Since attackers are adept at stealing valid credentials via phishing attacks, these should not be ignored.

CVE-2023-29357 – Microsoft SharePoint Server Elevation of Privilege Vulnerability

According to researchers, this critical-rated vulnerability is used to bypass authentication due to a flaw within the ValidateTokenIssuer method. Microsoft lists enabling the AMSI feature to mitigate this flaw, but organizations are still urged to deploy the update as soon as possible.

Exploitation is achieved by sending a spoofed JWT authentication token to a vulnerable server, giving them privileged of an authenticated user on the target, researchers say.

CVE-2023-29363/32014/32015 – Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

This trio of vulnerabilities, all critical-rated, allow a remote, unauthenticated attacker to execute code on an affected system where the messag queuing service s running in a Pragmatic General Multicast (PGM) Server environment. This is the third month in a row that Microsoft has patched a critical-rated bug in this component.

For successful exploitation, a system must have message querying services enabled.

For further June 2023 Patch Tuesday analysis, consult research blogs from Zero Day Initiative, Tenable, Immersive Labs and others.

The post June 2023 Patch Tuesday: Exchange Server, SharePoint, PGM appeared first on My TechDecisions.

These requirements have given the all-in-one conferencing bar more importance in enterprise meeting rooms, which need bring functionality, ease of use and intelligent features that support hybrid meeting scenarios. These devices typically include a camera, microphone and speaker that offer intelligent framing, speaker tracking, noise suppression and a host of other AI features.

That is exactly where Biamp wants to play with the Parlé VBC 2500 Conferencing Video Bar, a new all-in-one camera, microphone and speaker bar designed to take the complexity out of setup, management and use.

The company says this device goes beyond others in its category by offering a premium AV experience for small and medium conference rooms. Based on our testing, we have no reason to say otherwise.

Setup

The Biamp Parlé VBC 2500 Conferencing Video Bar is bigger than some others in its category, but since it is designed for medium-to-large rooms, the form factor shouldn’t be an issue.

The device comes with three mounting options: table, wall and display, so it can be tucked away on a wall or simply installed on top of a conferencing display.

Along with a power cord, the bar can be plugged directly into a UC system with a single USB-C connection, but it can also be paired with a Devio SCR-10 for a bring-your-own device system, the company says. For our purposes, we plugged it directly into a laptop running Zoom and Microsoft Teams.

The device comes with the company’s Launch feature, which automatically analyzes the acoustic performance of the room and optimizes the audio. After one press of a button, the process only takes a few seconds to complete.

Read Next: 10 All-in-One Videoconferencing Bars For Huddle Spaces and Small Meeting Rooms

Audio

Just pressing the Launch button will give users a sense of the powerful audio capabilities of the Biamp Parlé VBC 2500. The bar’s speakers can handle anything thrown at it, from loud music to speech.

Two smart speakers use distortion compensation and dynamic bass enhancement technology to create room-filling audio with superior speech reproduction, the company claims.

Like others in its category, the bar uses AI and noise reduction algorithms to eliminate unwanted noise and focus solely on voices. In my office, my dogs’ nails on the wood floors and moving my chair around the room was not picked up at all. Only when I spoke did the bar pick up any audio.

The company says this is done with integrated Acoustic Echo Cancellation and AI Noise Reduction features, as well as a 27-element microphone array and Biamp Beamtracking technology to actively track and intelligently mix conversations from around the room.

Video

Speaking of AI-enabled features, the wide-angle 4K camera is specifically designed for conference room environments, using auto-framing technology to identify meeting participants and to adjust the focus and zoom to keep them in view.

The bar was simply placed at the far end of my desk, and it adjusted and framed me as I rolled around the room in my chair and walked around. Most of these all-in-one conferencing bars do this, but I found the Biamp Parlé VBC 2500 Conferencing Bar to be a bit quicker at reframing speakers and participants.

While nice to have in a home office, this feature is designed for conference rooms, helping to reframe participants as they enter or leave the room, or as they move around the room.

The camera also comes with an automatic privacy shutter, so organizations can be rest assured that video won’t be captured when the bar isn’t in use.

Bottom line

In an era when organizations are calling for all-in-one devices that are designed simple to deploy, easy to use and packed with features to support their hybrid meetings, the Biamp Parle VBC 2500 Conferencing Bar fits the bill. In fact, Biamp even goes a bit further than its competitors with the Launch feature and the powerful audio capabilities.

The post Review: Biamp Parlé VBC 2500 Conferencing Video Bar appeared first on My TechDecisions.

The vulnerability–tracked as CVE-2023-27997–is a heap-based overflow flaw that could allow a remote attacker to execute arbitrary code or commands via specially crafted requests, says the Sunnyvale, Calif.-based firewall and endpoint security firm.

According to Fortinet, its Product Security Incident Response Team, following a previous incident from January also impacting FortiOS SSL VPN with exploitation, initiated a code audit of the SSL-VPN module, leading to the identification of issues that have been remediated in the company’s patch.

The investigation found that CVE-2023-27997 “may have been exploited in a limited number of cases.”

In the company’s blog, Fortinet says the attacks mimic the activity of Volt Typhoon, a suspected China-sponsored hacking group that has been targeting critical infrastructure organization. However, Fortinet doesn’t go as far to link exploitation of the vulnerability to that group, but does expect Volt Typhoon and other threat actors to leverage the bug in unpatched software and devices.

FortiGate devices were identified by the U.S. National Security Agency as being targeted by Volt Typhoon as an initial intrusion vector.

Organizations should apply the patch immediately. If they aren’t able to do so, disabling SSL-VPN is a legitimate workaround, the company says.

These devices and other SSL VPN products from Citrix, Pulse Secure and others have been popular targets in recent years, says Satnam Narang, senior staff research engineer at vulnerability management firm Tenable.

According to Narang, these flaws have not only been exploited by ransomware groups but also by nation-state aligned threat actors with a particular focus on flaws in Fortinet devices.

“SSL-VPNs are attractive targets due to their internet-facing nature, providing access to a company’s intranet,” Narang says. “They became even more popular at the beginning of the pandemic, as organization’s shifted towards allowing for remote work.”

Narang adds that pre-authentication bugs like CVE-2023-27997 are especially valuable to remote attackers because they don’t need to have valid credentials.

“Despite patches being available, the inherent value of the flaw remains significant, considering the ongoing success threat actors achieve by exploiting known, unpatched vulnerabilities,” Narang says. “It’s not a question of ‘if’, but rather ‘when’ a public proof-of-concept exploit for this flaw is made public, that we can expect more widespread scanning and exploitation of vulnerable assets.”

The post Patch FortiGate SSL-VPN Devices Immediately appeared first on My TechDecisions.

Even though 80% of workers prefer the hybrid work model, a significant 58% often experience a lack of necessary infrastructure to effectively support their hybrid work-life. To successfully transition into a thriving hybrid workforce, IT teams need to thoroughly analyze their entire work communication experience and embrace new technologies that enhance productivity both at home and in the office. 

Here are seven ways organizations can ensure their long-term success in a future that is clearly very different from the past: 

1. Conduct a technology assessment: Organizations can conduct a thorough assessment of employees’ workstyles, technology needs, and preferences – identifying gaps in technology infrastructure and insights into the types of hardware, software, and peripherals that employees need. If in-office technology isn’t providing as optimal of an experience as working from home, it must be addressed.

2. Offer flexible hardware options: Provide employees with hardware options that suit their workstyles and workspace, enabling them to work more comfortably and efficiently.

3. Invest in collaboration tools: To facilitate effective communication and teamwork, organizations can invest in tools such as video conferencing, instant messaging, and project management platforms. In-office tools should be modernized to leverage recent advancements in technology and enhance the user experience.

4. Offer training and support: Boost employees’ confidence and productivity by providing training sessions, user guides, and help desk support to troubleshoot common tech issues.

5. Ensure secure remote access: To protect sensitive company information as more employees work from different locations, IT teams can implement security measures such as multi-factor authentication, virtual private networks (VPNs), and data encryption, to provide secure remote access to company resources.

6. Monitor and optimize network performance: IT teams can monitor network performance and identify any issues that may be impacting employee productivity. This can involve optimizing network settings, updating software and firmware, and troubleshooting network connectivity issues.

7. Request ongoing feedback: Finally, organizations should regularly ask for employee feedback on their experiences with their technology and work environments so changes can be made if necessary.

Hybrid work is a game-changer, offering employees flexibility and convenience. But it also requires seamless collaboration for both in-person and remote attendees. Companies that fail to adapt and offer modern technology and dedicated collaboration spaces risk being left behind. 

This shift in work models is the biggest in our lifetime, and companies must find new ways to maintain culture and drive productivity. By adopting robust strategies and learning from experiences, organizations can thrive. 

______________________________________________________________________________________________________________________________________

Andy Rhodes is General Manager and Global Head of HP Hybrid Systems & HyperX.

The post Seven Ways to Enable a Future-Ready Workforce  appeared first on My TechDecisions.

The Palto Alto, Calif.-based tech firm says the innovations are designed to advance the company’s commitment to deliver the “only holistic DEX solution” that increases productivity, provides faster issue remediation and enables higher employee engagement.

According to VMware, the general Availability of Digital Employee Experience Management (DEEM) for Windows devices managed by third-party solutions makes VMware’s entire DEX offering available for those devices. This includes customers that have standardized on other management solutions, giving them more flexibility in how they deploy and grow their DEX solution.

VMware also announced that DEEM is also generally available for VMware Horizon, allowing customers to measure and analyze end-user experiences using Horizon virtual apps and eskt4ops to bring together network performance, log on time and VM performance.

If the experience score for Horizon changes, IT will be proactively alerted with automated notifications, enabling teams to more efficiently resolve issues impacting employee productivity using the Horizon platform for work, the company says.

VMware is also extending the same experience data that IT views in Workspace ONE into ServiceNow via VMware’s ITSM Connector and is adding experience scoring, and expanded set of unified endpoint management actions, and the ability to trigger workflows created by IT teams in VMware Freestyle Orchestrator.

By leveraging experience scores, the service desk can proactively resolve other potential issues impacting a user before it escalates and hinders workflow, the company says.

VMware also announced Guided Root Cause Analysis (RCA) and Automation to enable a proactive approach to IT with AI-driven insights to help manage more with less.

According to VMware, Guided RCA is designed to give IT professionals immediate visibility into issues impacting employee productivity using statistical machine learning models to automatically detect and score anomalies in experience.

Guided RCA, now generally available, uses AI to identify the likely root cause of an issue with an associated confidence score, the company says.

“Organizations across industries are struggling to keep up with the increased IT incidents and growing employee turnover rates as they navigate the new challenges brought on by hybrid work. Successful organizations must prioritize technology that enables IT teams with the right tools to not only resolve issues faster, but prevent them from happening in the future,” said Shankar Iyer, senior vice president and general manager of end-user computing at VMware. “VMware’s comprehensive DEX solution uses automation to enable IT teams with data-driven insights that enable improved efficiency and great experiences for employees.”

The post VMware Enhances Digital Employee Experience Solution appeared first on My TechDecisions.

Barracuda Networks is urging organizations with Email Security Gateway appliances impacted by a remote command injection bug in the devices to replace them, even if they were patched.

The company’s recommendation comes after Barracuda was first alerted to anomalous traffic coming from Email Security Gateway (ESG) appliances on May 18, which prompted the company to begin an investigation with the help of cybersecurity firm Mandiant.

This week, Barracuda updated its notice, urging customers with impacted ESG appliances to replace them regardless of their patch version level.

“Barracuda’s remediation recommendation at this time is full replacement of the impacted ESG,” the company says in its advisory.

According to the advisory, Barracuda identified a remote command injection vulnerability in their ESG appliance one day after discovering the “anomalous traffic” and engaging Mandiant. A patch was released a day after that on May 20, but the patch is apparently not enough to prevent compromise of the affected devices.

The company is also releasing a “series of security patches” to all appliances.

Exploitation for 10 months

Alarmingly, Barracuda and other cybersecurity firms say exploitation of these ESG appliances has been discovered to date back to fall 2022, specifically October 2022.

According to Barracuda, the vulnerability existed in a module which initially screens attachments of incoming emails. The bug has been leveraged to obtain unauthorized access to a subset of ESG appliances, and malware was identified on a subset of appliances to give attackers a backdoor.

Evidence of data exfiltration was also identified, the company says.

The company notified users with impacted appliances to take action, but “additional customers may be identified in the course of the investigation,” the firm says.

About the vulnerability and malware

According to Barracuda, the vulnerability, CVE-2023-2868, stems from “incomplete input validation of user supplied .tar files as it pertains to the names of files contained within the archive.”

This allows a remote attacker to format file names in a particular manner that would result in “remotely executing a system command through Perl’s qx operator with the privileges of the Email Security Gateway product,” the company says.

Barracuda also identified three malware strains that make the backdoor possible.

Recommendations

Barracuda is recommending that organizations with ESG appliances ensure that the devices are receiving and applying updates and security patches, but the company is of course also recommending that organizations discontinue the use of compromised ESG appliances and contact the company’s support to obtain a new ESG virtual or hardware appliances.

In addition, organizations should rotate any applicable credentials connected to the ESG appliance, including:

• Any connected LDAP/AD
• Barracuda Cloud Control
• FTP Server
• SMB
• Any private TLS certificates

Organizations should also review their network logs for any of the indicators of compromise listed in Barracuda’s advisory. They should contact compliance@barracuda.com if any are identified, the firm says.

Barracuda’s official statement

The company’s official statement reads as such:

The latest information related to the Barracuda’s Email Security Gateway (ESG) vulnerability and incident has been published on Barracuda’s Trust Center (https://www.barracuda.com/company/legal). The product CVE is published here: https://nvd.nist.gov/vuln/detail/CVE-2023-2868. 

An ESG product vulnerability allowed a threat actor to gain access to and install malware on a small subset of ESG appliances. On May 20, 2023, Barracuda deployed a patch to ESG appliances to remediate the vulnerability. 

Not all ESG appliances were compromised, and no other Barracuda product, including our SaaS email solutions, were impacted by this vulnerability.

As of June 8, 2023, approximately 5% of active ESG appliances worldwide have shown any evidence of known indicators of compromise due to the vulnerability. Despite deployment of additional patches based on known IOCs, we continue to see evidence of ongoing malware activity on a subset of the compromised appliances. Therefore, we would like customers to replace any compromised appliance with a new unaffected device.

We have notified customers impacted by this incident. If an ESG appliance is displaying a notification in the User Interface, the ESG appliance had indicators of compromise. If no notification is displayed, we have no reason to believe that the appliance has been compromised at this time. Again, only a subset of ESG appliances were impacted by this incident.  

Barracuda’s guidance remains consistent for customers. Out of an abundance of caution and in furtherance of our containment strategy, we recommend impacted customers replace their compromised appliance. If a customer received the User Interface notification or has been contacted by a Barracuda Technical Support Representative, the customer should contact support@barracuda.com to replace the ESG appliance. Barracuda is providing the replacement product to impacted customer at no cost. 

If you have questions on the vulnerability or incident, please contact compliance@barracuda.com. Please note that our investigation is ongoing, and we are only sharing verified information. 

Barracuda has engaged and continues to work closely with Mandiant, leading global cyber security experts, in this ongoing investigation. 

We will provide updates as we have more information to share.

The post Barracuda: Replace Compromised ESG Appliances Immediately appeared first on My TechDecisions.

The company says these improvements have improved Bard’s accuracy to computation-based word and math problems by 30%.

According to Google, the company is introducing a new technique called “implicit code execution” to help Bard detect computational prompts and run code in the background. The intended result is a more accurate response to mathematical tasks, coding questions and string manipulation prompts. These improvements also come with a new features that allows users to export a table to Google Sheets.

In a blog, Google leaders overseeing Bard say the improvements will make the generative AI chatbot better at answering questions such as:

• What are the prime factors of 15683615?
• Calculate the growth rate of my savings
• Reverse the word “Lollipop” for me

In the blog, Google says large language models (LLMs) are like prediction engines. Essentially, LLMs generate a response to prompts by predicting what words are likely to come next.

“As a result, they’ve been extremely capable on language and creative tasks, but weaker in areas like reasoning and math,” write Google Bard leaders. “In order to help solve more complex problems with advanced reasoning and logic capabilities, relying solely on LLM output isn’t enough.”

This new method, however, allows Bard to generate and execute code to boost its reasoning and math abilities.

According to Google, this approach is inspired from “a well-studied dichotomy in human intelligence, notably covered in Daniel Kahneman’s book “Thinking, Fast and Slow” — the separation of “System 1” and “System 2” thinking.

“System 1 thinking is fast, intuitive and effortless,” the Bard experts write. “When a jazz musician improvises on the spot or a touch-typer thinks about a word and watches it appear on the screen, they’re using System 1 thinking. System 2 thinking, by contrast, is slow, deliberate and effortful. When you’re carrying out long division or learning how to play an instrument, you’re using System 2.”

LLMs have been essentially operating under System 1, producing responses quickly but without deep thought, leading to some issues like trying to solve complex math problems.

Meanwhile, traditional computation more closely aligns with System 2 thinking as it is formulaic and flexible, but can produce impressive results with the “right sequence of steps,” Google says.

With the latest update, Google is combining the capabilities of both LLMs and traditional code – which it compared to combining System 1 and System 2 thinking.

“Through implicit code execution, Bard identifies prompts that might benefit from logical code, writes it “under the hood,” executes it and uses the result to generate a more accurate response,” Google says. “So far, we’ve seen this method improve the accuracy of Bard’s responses to computation-based word and math problems in our internal challenge datasets by approximately 30%.”

The post Google: Bard Now 30% Better at Computation-Based Problems appeared first on My TechDecisions.