Google is pushing a new update to its generative AI tool Bard, improving its logic and reasoning skills. This update makes the service better at mathematical tasks, coding questions, and string manipulation. Bard is also getting support for exporting tables to Google Sheets.
Google developed a new technique to improve Bard’s logic skills
In March, Google incorporated PaLM (Pathways Language Model) into Bard for improved math and logic capabilities. The company said that it would continue to develop advanced logic skills for the AI tool in the coming months. As promised, it has now updated the service with capabilities for solving complex mathematical tasks and coding questions.
According to Google, a new technique called “implicit code execution” helps Bard detect computational prompts. In response, it runs code in the background to solve the question and give you accurate answers (it may get things wrong occasionally). With this update, Bard can detect and solve computational and logical prompts like:
The angle of elevation of the top of a building from the foot of the tower is 30 degrees and the angle of elevation of the top of the tower from the foot of the building is 60 degrees. If the tower is 50m high, find the height of the building.
A is older than B. C is older than B but younger than A. D is younger than E and B. B is older than E. If they sit in the increasing order of their age, who is in the middle?
Google says Bard’s improved logic and reasoning skills rely on a combination of large language models (LLMs) and traditional code. The method has improved the accuracy of Bard’s responses to computation-based word and math problems by about 30 percent. The AI tool may not always get it right, but it is getting better at such problems.
Bard now lets you export tables to Google Sheets
This update for Bard comes just a few days after Google added precise location support to the service. That addition followed a host of updates in May, including the ability to export content to Google Docs and Gmail complete with formatting. It’s now gaining support for Google Sheets export as well. If you prompted Bard to generate a table for some data, or it automatically responded with a table for your question, you can export that table to Google Sheets.
Google will likely push several more updates to Bard in the coming weeks. It is working on a host of new features for the AI tool, including chat history, refining responses according to specific tones, file uploading support, and text-to-speech. We will let you know when the company rolls out these features to Bard.
May saw a record number of 556 reported ransomware victims, the unusual emergence of Italy and Russia as major targets, and a significant rise in attacks on the education sector.
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, “known attacks” are those where the victim didn’t pay a ransom. This provides the best overall picture of ransomware activity, but the true number of attacks is far higher.
In May, Lockbit, usually the reigning king of ransomware, found a fierce competitor in MalasLocker. Last month also witnessed a record number of 556 reported ransomware victims, the unusual emergence of Italy and Russia as major targets, and a significant rise in attacks on the education sector.
Let’s jump right in with MalasLocker, who burst onto the scene last month with 171 total victims—beating out LockBit (76) by almost 100 known attacks.
Known ransomware attacks by gang, May 2023
This isn’t the first time this year a gang has overhauled LockBit and climbed to the top spot on our monthly charts. In April Cl0p rose to the number one spot by compromising over 100 victims with a zero-day vulnerability in the widely-used managed file transfer software GoAnywhere MFT.
This month, MalasLocker’s meteoric rise to the top can be explained along similar lines.
MalasLocker attacked vulnerabilities in Zimbra servers, including CVE-2022-24682, to enable remote code execution (RCE). Zimbra Collaboration, formerly known as the Zimbra Collaboration Suite (ZCS) is a collaborative software suite that includes an email server and a web client.
What sets MalasLocker most apart, however, is its unique ‘charitable’ twist. Rather than demanding ransoms, it asked victims to donate to its approved charities.
MalasLocker: The Robin Hood of ransomware?
Needless to say, it is highly unusual for a ransomware gang to purport to attack organizations on altruistic grounds. We haven’t seen it once since keeping track of gangs in early 2022.
“Unlike traditional ransomware groups, we’re not asking you to send us money. We just dislike corporations and economic inequality,” reads the MalasLocker ransom note README.txt.
One might assume that a ransomware gang principally opposed to corporations and economic inequality might disproportionately target larger and more wealthy organizations, but this isn’t necessarily the case. The gang’s blog suggests it’s open to targeting businesses of all sizes, so long as they aren’t located in “Latin America, Africa, or other colonized countries.”
We are completely unmoved by MalasLocker’s supposed altruism. Ransomware gangs (and cybercriminals in general) have a long and storied history of writing long and tedious tracts justifying their criminal activity with grandiose claims.
MalasLocker is no different. We read its manifesto so you don’t have to, and the only line you need to pay any attention to is the one that reads “so we will become just another ransomware group.”
So far, we have no confirmation that MalasLocker is keeping its word for a decryptor when a victim donates money to a charity.
Known ransomware attacks by country, May 2023Known ransomware attacks by industry sector, May 2023
Italy and Russia emerge as targets
The upswing in ransomware activity in Italy and Russia in May is striking. Both countries were propelled into the top three most targeted nations in May, a list typically dominated by the USA and the UK.
Italy saw more than a six-fold increase from the month before, and Russia went from zero reported attacks to 50 in a single month. For comparison, Italy had only eight reported ransomware incidents in April, while Russia wasn’t even listed. Similarly, in March, Russia had no reported incidents, and Italy had just eight.
The surge in attacks on these two countries is entirely due to MalasLocker, which hit more targets in Russia and Italy than anywhere else. We assume that this is not a matter of deliberate targeting but simply a matter of where there were vulnerable targets.
Either MalasLocker isn’t based in the CIS and therefore doesn’t fear the Federal Security Service (FSB), or they are going to have a very short stay in the ransomware charts.
Increased ransomware attacks on Education
The increase in ransomware attacks on the education sector in May is particularly concerning. May saw 30 known attacks—the highest we’ve seen in a single month since we started keeping records in early 2022, and the continuation of a trend that has seen a sustained increase over the past twelve months.
Known ransomware attacks against education, June 2022-May 2023
Ransomware gangs seem to be adopting a new modus operandi: Exploiting known vulnerabilities for multi-target attacks. This year we have seen Cl0p and MalasLocker attack multiple targets simultaneously with (presumably automated) targeting of specific system weaknesses, expanding the scale and impact of their ransomware operations.
Cl0p, for example, has a history of exploiting platforms like Accellion FTA and GoAnywhere MFT. In April, it shifted its focus to a vulnerability in another popular platform, PaperCut.
In June, as we prepared this report, it emerged that Cl0p was been exploiting yet another vulnerability, this time in the widely used file transfer software MOVEit Transfer. The gang started exploiting the vulnerability on May 27th, during the US Memorial Day holiday.
A security bulletin released on May 31, 2023 by Progress Software states:
“A SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an un-authenticated attacker to gain unauthorized access to MOVEit Transfer’s database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database in addition to executing SQL statements that alter or delete database elements.“
This approach is unusual and should concern us all because it has the potential to make ransomware attacks more scalable.
New players
BlackSuit
BlackSuit is a new ransomware that is strikingly similar to Royal, sharing 98% of its code. Last month, BlackSuit targeted both Windows and Linux hosts.
BalckSuit could be a new variant developed by Royal’s authors, a mimicry attempt using similar code, an affiliate of the Royal ransomware gang running its own modifications, or even a breakaway group from the Royal ransomware gang.
Rancoz
Rancoz is a new ransomware variant which shares similarities with Vice Society. Its sophistication lies in its ability to modify existing code from leaked source codes to target specific industries, organizations, or geographic regions, increasing its attack efficacy and ability to evade detection.
8BASE
8Base is a newly discovered ransomware gang which, despite only recently gaining attention, has been in operation since April 2022. In May, it had a total of 67 victims.
Predominantly targeting small and medium-sized businesses (SMBs), 8Base has attacked mainly companies within the Professional/Scientific/Technical sector, comprising 36% of known attacks, followed by Manufacturing at 17%. Geographical analysis of the victims suggests a concentration in America and Europe, with the United States and Brazil being the most targeted countries.
RA Group
RA Group is a new ransomware primarily focusing its attacks on pharmaceutical, insurance, wealth management, and manufacturing firms located in the United States and South Korea.
The RA Group employs an encryptor derived from the leaked source code of Babuk ransomware, an operation that ceased in 2021. The encryptor employs intermittent encryption, which alternates between encrypting and not encrypting sections of a file to expedite the encryption process, but leaves some data partially recoverable.
Detect intrusions. Make it harder for intruders to operate inside your organization by segmenting networks and assigning access rights prudently. Use EDR or MDR to detect unusual activity before an attack occurs.
Stop malicious encryption. Deploy Endpoint Detection and Response software like Malwarebytes EDR that uses multiple different detection techniques to identify ransomware, and ransomware rollback to restore damaged system files.
Create offsite, offline backups. Keep backups offsite and offline, beyond the reach of attackers. Test them regularly to make sure you can restore essential business functions swiftly.
Don’t get attacked twice. Once you’ve isolated the outbreak and stopped the first attack, you must remove every trace of the attackers, their malware, their tools, and their methods of entry, to avoid being attacked again.
Malwarebytes EDR and MDR removes all remnants of ransomware and prevents you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.
For Father’s Day, Best Buy is discounting both versions of the Google Pixel Buds – Pixel Buds a-series and Pixel Buds Pro. Currently, the Pixel Buds a-series are discounted to $79, while the Pixel Buds Pro are now $159.99. That’s going to save you $20 and $40 respectively.
This also makes these some of the cheapest, but good, truly wireless earbuds. So definitely a good time to pick them up.
The Google Pixel Buds A-Series and Pixel Buds Pro are two of the best wireless earbuds on the market. They offer great sound quality, comfortable fit, and a variety of features that make them a great choice for anyone looking for a new pair of earbuds.
The Pixel Buds A-Series are the more affordable option, but they still offer a lot of value. They have a snug and secure fit, thanks to their flush-to-ear design and three included eartip sizes. They also have touch controls that let you answer calls, play, pause, and skip between tracks easily. And thanks to their IPX4 water resistance rating, you don’t have to worry about them getting wet in the rain or from sweat.
The Pixel Buds Pro offer a more premium experience, with features like active noise cancellation, transparency mode, and spatial audio. Active noise cancellation uses microphones to detect and cancel out ambient noise, so you can focus on your music or podcast without being interrupted. Transparency mode lets you hear what’s going on around you without taking your earbuds out. And spatial audio creates a surround sound experience that makes you feel like you’re right in the middle of the action.
Both the Pixel Buds A-Series and Pixel Buds Pro are great choices for anyone looking for a new pair of wireless earbuds. The Pixel Buds A-Series are a great option for budget-minded buyers, while the Pixel Buds Pro offer a more premium experience.
Here is a table that summarizes the key features of the two models:
Generative AI is the engine that’s going to power the future, and there’s a lot of potential for it to do great things. However, the people who’ll be developing the technology in the future are using it to generate their college essays today. Fortunately, The University of Kansas has a tool that can tell if your report was generated using AI.
With the rise of AI-generated essays, there has been a rise in tools designed to detect them. The thing about generative AI is that the results are meant to sound as human as possible. So, to the untrained ear, an AI-generated essay can sound just like a human wrote it. This means that, ironically, people need to use AI to detect if someone used AI to write their essays.
The University of Kansas developed a tool to detect essays generated by AI
A tool like this is one that comes in handy when grading reports. It doesn’t have a name at the time. However, what’s important is that it’s really accurate. The researchers stated that this tool can detect AI-generated content with 99% accuracy. That’s insane seeing how close chatbots can get to the real thing.
The researchers took 64 perspective articles and used them to generate 128 articles using ChatGPT. This is what they used to train the tool with. With these articles, the tool was able to correctly identify AI-written content with 100% accuracy. Also, it was able to identify specific paragraphs in the articles with 92% accuracy.
Tools like these are crucial
Anyone could see this situation from a mile away. Since AI now gives us the power to pretty much create anything by typing in just a few words, there’s a high chance that half of what you read on the internet was typed up by a language model. Sure, there are people who use it as a springboard and inspiration, but there are also people who will use it to gain an unfair advantage over true creators.
Tools like these are crucial to detect when people are using AI excessively. Not only are people using it to generate college essays, but people are using it to win competitions, author books, make money, and even scam people.
The fire has already been lit; the bad side of generative AI has already been revealed. All we can do now is rely on tools like these to help as much as they can.
A former executive at TikTok’s parent company ByteDance has claimed in court documents that the Chinese Community Party (CCP) had access to TikTok data, despite the data being stored in the US.
A former executive at TikTok’s parent company ByteDance has claimed in court documents that the Chinese Communist Party (CCP) had access to TikTok data, despite the data being stored in the US. The allegations were made in a wrongful dismissal lawsuit which was filed in May in the San Francisco Superior Court.
The former executive is Yintao “Roger” Yu, who worked as head of engineering for ByteDance. Yu worked for ByteDance between 2017 and 2018. According to his claims, the CCP had its own office inside ByteDance’s headquarters.
In the lawsuit he also accuses ByteDance of pushing nationalistic content that served to both increase engagement on ByteDance’s websites and to promote support of the CCP, and that the Communist Party could access American user data through what he called a backdoor channel in the code.
That statement was supported by recent events. The Australian Financial Review has been shown a sample of code to secretly suppress or elevate content that supports Communist Party narratives or sows division within democracies. This is exactly the reason why General Paul Nakasone, Director of the National Security Agency (NSA) called TikTok a loaded gun. Speaking at a US Senate hearing, the general said “one third of Americans get their news from TikTok,” adding “one sixth of American youth say they’re constantly on TikTok.”
Even more shocking is the claim that the CCP not only could access US user data via a backdoor channel in the code but also that some members of the ruling Communist Party used data held by the company to identify and locate protesters in Hong Kong.
Hong Kong is a semi-autonomous region in China with its own government. TikTok is no longer available there. Anyone who tries to open TikTok from within Hong Kong will see a message that reads “We regret to inform you that we have discontinued operating TikTok in Hong Kong.”
He also accused ByteDance of scraping data from competitors, mainly Instagram and Snapchat, without users’ permission.
After being banned from devices of employees of several—mostly government—organizations, TikTok is battling to convince politicians that it operates independently of ByteDance, which has deep ties to the CCP. Yu’s suit alleges that ByteDance was aware that if the Chinese government’s backdoor was removed from the US version of the app, the Chinese government would likely ban the company’s valuable Chinese-version apps.
Responding to Yu’s allegations, ByteDance said it will “vigorously oppose what we believe are baseless claims and allegations in this complaint.” It is “committed to respecting the intellectual property of other companies” and obtains data “in accordance with industry practices and our global policy.”
Malwarebytes EDR and MDR removes all remnants of ransomware and prevents you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.
Streaming services are great, but they’re only useful if you have an internet connection. There come those times when you lose a connection and you want to listen to your music. Well, Spotify wants to address this with Offline Mix.
There are plenty of ways that you can prepare for when the internet goes out. If you’re an avid podcast listener, you can have podcast episodes automatically downloaded to your device. If you want to know how to do this, you can read right here.
The Spotify Offline Mix will be there for you when you lose a connection
Daniel Ek, the CEO of Spotify, posted a short and sweet tweet about this upcoming feature. He didn’t go too much into detail about it, but it’s pretty axiomatic. The tweet showed a picture of how the playlist will look and a quick explanation of this.
The app will automatically download the most recent tracks that you listened to and compile them into a playlist. Then, when it detects that you’ve lost connection, you’ll be able to listen to those offline. “A mix of your recently played songs for when the vibe is high, but your connection is low.”
Right now, the company is testing this out, so you won’t be able to see this feature. However, we’re not sure how widespread the test is. If it turns out that the company is testing it out with a limited selection of people, then there could be a slim chance that you’re part of the test, but don’t count on it.
The feature is similar to YouTube Music’s Smart Download function. It will automatically download your recently played tracks so that you can access them when you don’t have a connection.
These are great features to have because, most of the time, we can’t anticipate those times when our connections die on us. Having access to downloaded music could make the experience less awful.
Meta CEO Mark Zuckerberg confirmed that the future of his company revolves around generative AI. He added “every single one” of Meta products will come with generative AI, including Messenger and WhatsApp.
Many companies are trying to incorporate AI into their products and services following the hype after the ChatGPT launch. Some online services have successfully added AI-driven features, with more yet to come. Some Big Tech companies like Apple, Google, and Microsoft also have established plans for AI. But what about Meta? Zuckerberg answered this question in a company-wide all-hands meeting this week.
The outlet reports that Zuckerberg has laid out his AI vision for the employees and the company, arguing that generative AI will be incorporated into “every single one of our products.”
Generative AI is coming to all Meta products
Zuckerberg briefed employees about the AI features that will come to the company’s products. Some will be used internally, but most of them will launch to the customers. The first in-works AI feature is a photo editing tool for Instagram that allows users to edit their photo with a text prompt and share it on Instagram.
Another feature would be an AI agent for Messenger and WhatsApp. The agent reportedly has 30 different personalities to help and entertain users. It remains to be seen whether the feature comes with Instagram. Earlier this week, app researcher Alessandro Paluzzi spotted an AI chatbot on Instagram that’s capable of answering questions and helping users.
Moreover, Meta’s internal AI initiatives are a July hackathon focused on generative AI, publishing research, and sharing AI technologies with the open-source community.
In a statement to Axios, Meta CEO noted that “In the last year, we’ve seen some really incredible breakthroughs — qualitative breakthroughs — on generative AI, and that gives us the opportunity to now go take that technology, push it forward, and build it into every single one of our products.”
Despite efforts to put generative AI at the heart of every Meta product, the company stays committed to its Metaverse project. For Meta, generative AI will complement and strengthen the Metaverse plans.
For a long time now, the Google Assistant speaking style on various smart devices has been growing in number. However, most users feel that depending on the language of the user, the speaking style can vary from region to region. But that idea is wrong as there are a bunch of speaking styles that are available for use on the Google Assistant feature and two new options have just been added.
Before the addition of the two new speaking styles, there were ten available options users could pick between. Having this many speaking styles allowed users to customize their experience. This will help stand out your Google Assistant from that of other users who might not be knowledgeable on how to change their speaking style.
Asides from the new Google Assistant speaking style, there are also some new additions to the voice assistant service. Part of these new features is the ability to set up voice matches for easy recognition and get personalized results. In this article, we will learn how to activate speaking style and other features on Google Assistant for your smart home devices.
Here’s how to set up the Google Assistant speaking style for your smart device
In a recent blog post, Google announced that it is rolling out new speaking styles and other features. These new additions will make the usage of Google Assistant on your smart device more interesting. Asides from setting your assistant’s voice, you can also train it to recognize your voice and give your results to your requests.
To set up the speaking style of your Google Assistant, you need to head over to the settings page. Open your settings app and then on the search bar type ‘assistant settings’ and select the first option to pop up. On the next interface, scroll till you find the ‘Assistant voice & sounds’ option on the list.
Tap on that option, and you’d find 12 speaking styles, each having its colour code. To select the voice you want, scroll sideways between the various options and stop scrolling on your desired choice. As long as the Google Assistant on that device is linked with the Google account on all your devices, it’d automatically sync with other devices.
The new speaking style options are Lime and Indigo and they both sound great. To set up the Voice Match feature, simply select the ‘Hey Google & Voice Match’ option on the assistant settings page. From the next interface, you can retrain your voice assistant to recognize your voice whenever you say “Hey Google.”
If it can recognize your voice, it will give you more personalized responses. This might include your playlist, stored contacts, and other details that concern you. These features are here to make the everyday usage of Google Assistant more pleasant.
It’s no secret that the launch of generative AI models like ChatGPT and Google Bard has ushered in a new era of AI-generated content, which, in hindsight, is almost indistinguishable from its human-written counterpart. Now, in an effort to address this issue, the European Union (EU) has asked big tech, including Google and Facebook, to label content and images generated by AI.
The EU’s concerns stem from the ongoing Russian AI-generated misinformation campaigns in Eastern Europe, which aim to spread fake information about Russia’s invasion of Ukraine with the hope of influencing public opinion. And although the current version of the Code does not require the identification and labelling of deep fakes, Vera Jourova, the EU’s commissioner for values and transparency, highlighted the risks and negative consequences associated with the creation and dissemination of misinformation.
Furthermore, Jourova proposed two possible approaches for integrating measures for AI-generated content into the Code. The first approach involves companies like Google and Microsoft implementing measures to prevent bad actors from using their services to spread misinformation. The second approach focuses on EU countries collaborating with platforms capable of disseminating AI-generated misinformation and developing tools to identify and clearly label such content for users.
“I said many times that we have the main task to protect freedom of speech. But when it comes to AI production, I don’t see any right for the machines to have freedom of speech. And that’s why we want to work further on that also under the Code of Practice based on this very fundamental idea,” said Vera Jourova.
Twitter is on the verge of substantial penalties
During the same meeting, the EU also issued a warning to Twitter for recently withdrawing from the EU’s voluntary code of practice, putting itself at risk of substantial penalties. Currently, the penalties could amount to up to 6% of the company’s global revenue, potentially resulting in a £145 million fine. Moreover, the company could face a complete ban in the EU if it fails to operate within the desired framework.
“Twitter has chosen the hard way. They chose confrontation. I know the code is voluntary but make no mistake, by leaving the code, Twitter has attracted a lot of attention, and its actions and compliance with EU law will be scrutinised vigorously and urgently,” said Jourova.
As previously revealed, Instagram, owned by Meta (formerly Facebook), is reportedly developing a new app that will be a direct competitor to Twitter. Last month, we got some initial info on what this new Instagram feature would like, and now even more details have surfaced.
In yet another leak, reported on by The Verge, more screenshots were shared internally to Meta employees by top management, which have made their way to the media. These screenshots show in more detail what the UI will look like and the internal project name. Additionally, quotes from what was said inside that meeting were also revealed.
Image Source – The Verge
Project 92, the assumed internal name for the app that has been rumored to be publicly called “Threads,” looks pretty much like a Twitter clone. It is unclear, though, how separate the two apps (Instagram and “Threads”) will be and if Meta will follow its Instagram rule of requiring that users post a photo or video in order to engage. However, it does look like “Threads” will enable Instagram users to engage in public and private conversations with ease.
“Project 92” or “Threads” will use Instagram’s existing account system to automatically populate a user’s information, which will ensure zero friction for users that may want to try it out. Several people of note are also rumored to be on board, such as Oprah and the Dalai Lama.
The app is being built on the open-source protocol “ActivityPub,” which aims to facilitate real-time communication. ActivityPub, already utilized by Mastodon, enables different platforms to interact and exchange messages, promoting a decentralized approach to social media. By adopting this protocol, this new app is aligning itself with the broader federated social media ecosystem.
In the internal meeting, Meta chief product officer Chris Cox, was overheard calling this feature “our response to Twitter.” Furthermore, he added that “We’ve been hearing from creators and public figures who are interested in having a platform that is sanely run, that they believe that they can trust and rely upon for distribution,” a quote that can only be described as a jab at Twitter and its management, but mostly Elon Musk.
We’ve been hearing from creators and public figures who are interested in having a platform that is sanely run, that they believe that they can trust and rely upon for distribution
Coding on the new feature reportedly only just started in January, which means that it isn’t ready yet to be revealed to the world. However, so far “Threads” looks poised to rival Twitter’s real-time social networking platform, and it signals Meta’s ambition to expand beyond its traditional social media dominance.
