Following decades of failed attempts and dashed dreams, the US Army is once again trying out powered exoskeletons to help soldiers haul munitions and equipment in the field.

After decades of research and development, the United States Army is taking yet another run at developing a powered exoskeleton to help soldiers carry heavy loads on the battlefield—but don’t expect a futuristic suit of combat armor straight out of _Starship Troopers_ or _Iron Man_ anytime soon.

Soldiers assigned to the Army’s 1-78 Field Artillery Battalion training unit at Fort Sill, Oklahoma, recently completed a three-day “proof of concept” evaluation of several off-the-shelf “exoskeleton suits” in late September and early October, officials confirmed to WIRED. The evaluation was overseen by the service’s Combat Capabilities Development Command (DEVCOM), the organization responsible for developing new technology for soldiers.

Official photos from the evaluation published to social media showed Advanced Individual Training students hauling artillery shells to and from a M109 Paladin self-propelled howitzer and M777-towed howitzer with telltale black exoskeleton harnesses contrasted against their camouflage uniforms, part of a field exercise undertaken “to assess the potential of human augmentation, improve soldier performance, and determine if these exoskeletons meet the demands of our warfighters,” as the service put it.

While a DEVCOM spokesperson declined to identify which commercially produced systems were evaluated by soldiers, the Army announced its intent in August to award a contract to exoskeleton maker SUITX to “give users experience of advanced soldier augmentation technologies,” according to a government notice. “This exoskeleton will serve as a critical tool for evaluating the potential benefits of robotic assistance in increasing soldier endurance, strength, and overall operational effectiveness.”

Increased strength and endurance are an alluring duo for an American fighting force used to hauling close to 140 pounds into combat, and the prospect of a sophisticated combat suit that delivers both to soldiers even more so. But DEVCOM officials strongly emphasized that, despite this recent testing, the US military has yet to even determine how to actually apply a powered exoskeleton in a military context, let alone outfit soldiers in an “Iron Man suit” the likes of which the Army has bragged about in years past. Indeed, service officials tell WIRED that an official requirement document—a formal outline of a potential program’s technical and logical preconditions—for the adoption and fielding of exoskeletons does not currently exist, despite the fact that officials previously stated back in 2020 that Army Futures Command, DEVCOM’s superior organization, was closing in on one.

“As of today, the Army has not determined what the primary purpose of a ‘military exoskeleton’ is,” says David Accetta, a DEVCOM spokesperson.

That the Army is taking another crack at a powered exoskeleton should come as no surprise. The US military has been pursuing such technology for potential tactical applications for decades, since around the same time that science fiction author Robert Heinlein introduced the world to his vision of a “mobile infantry” flitting across future battlefields clad in advanced robotic armor in his beloved 1959 military science fiction classic _Starship Troopers_. Where Heinlein imagined future soldiers operating a mechanized battlesuit reminiscent of “a big steel gorilla, armed with gorilla-sized weapons,” the ostensible advantage of powered armor wasn’t just its added strength and durability, but the fact that “you don’t have to control the suit; you just wear it, like your clothes, like skin.” No fancy control interface, no complicated training: Soldiers would ostensibly step into a notional apparatus and be ready to “fight tonight,” as US military planners are fond of saying.

With an eye to future conflicts on an atomic battlefield, the Cold War-era US Defense Department clearly drew at least some inspiration from _Starship Troopers._ One year after Heinlein’s novel published, the Army went on the hunt for a “power-operated mechanical suit or skeleton that would transform the ordinary GI into a Superman,” according to a 1960 issue of the service’s _Army Research & Development_ magazine, with future “servo-soldiers” hauling munitions and other heavy equipment “beyond the strength of a dozen men.” The servo-soldier “will wear a special suit which will have its own engine, enabling him to run faster, stop quicker, and lift bigger loads than ordinary mortals,” as _Armor_ magazine put it in 1961 when the Pentagon officially solicited the defense industry for potential exoskeleton solutions. “What is more, he will be immune to germ warfare, poison gas, and the heat and radiation from nuclear blasts.”

In the following decades, the Pentagon took several stabs at making the servo-soldier a reality. In the 1960s, Cornell University engineer Neil Mizen’s “Man Amplifier,” funded by an Office of Naval Research grant, offered service members a patchwork of robotic components intended “to help sailors manhandle torpedoes, bombs, and machinery in the cramped quarters aboard ships and submarines,” as _Popular Science_ described it in a November 1965 issue. In the later part of the decade, General Electric debuted its “Hardiman” exoskeleton, developed under a dual Army-Navy effort, a colossal, bulky apparatus that more closely resembled the P-5000 Powered Work Loader from the 1986 movie _Aliens_ than a sleek battlesuit like Iron Man’s armor. In the 1980s, Los Alamos National Laboratory Advanced Weapons Technology Group engineer Jeffery Moore offered the Pentagon its most futuristic vision of a powered exoskeleton yet with his proposed “Pitman” combat suit, a vision of robot armor so advanced it remained a mere concept without ever producing a prototype. Every decade, the Pentagon appears to stand up and quickly wind down an exoskeleton project without ever producing a feasible prototype.

While the Defense Advanced Research Projects Agency (Darpa) oversaw incremental advances in US military exoskeleton research in the early 2000s, the most recent concerted attempt at a suit of powered armor came in the last decade in the form of US Special Operations Command’s Tactical Assault Light Operator Suit (TALOS). Inspired by the death of a Navy SEAL during a hostage rescue effort in Afghanistan, TALOS sought to cloak elite US special operations forces in additional layers of ballistic armor, sensors, and an exoskeleton to boost their survivability and situational awareness to near-superhuman levels. But while the TALOS program did yield several novel technologies (a lower body exoskeleton among them), the effort was canceled in 2019 after just five years of research and development, felled by “complex subsystem interdependencies” between its various elements that failed to coalesce into a unified and intuitive suit that operators could “just wear,” as Heinlein envisioned decades earlier. (SOCOM would pivot to its “hyper enabled operator” concept, which focuses on “cognitive overmatch” rather than physical augmentation to give American commandos an edge on the battlefield.)

Wary of the technological complexity required to develop mechanized armor for infantry troops, the Pentagon has spent the better part of the last two decades, with the exception of SOCOM’s TALOS effort, scaling back its exoskeleton ambitions to better match the original duties of the servo-soldier: hauling munitions and other heavy equipment. The Army’s Robotics and Autonomous Systems strategy released in March 2017, for example, stated that the service would pursue exoskeleton research primarily “to lighten the soldier load in the future” as a near-term priority as the Pentagon began its pivot from counter-insurgency operations in the Middle East to “great power competition” with technologically-advanced “near-peer” adversaries like Russia and China. The following October, in a letter to senior officials laying out the Army’s core modernization priorities for the coming decades, General Mark Milley, then the Army chief of staff and later chairman of the Joint Chiefs of Staff, declared that the service would eventually field “load-bearing exoskeletons” as part of a renewed emphasis on “soldier lethality” (the next year, Milley directed DEVCOM to undertake “a detailed engineering analysis of existing and emerging exoskeleton products” for their potential military applications).

This newfound push appears to have yielded several fresh experiments with exoskeleton technology in recent years. In 2018, Lockheed Martin was awarded a $6.9 million contract to “enhance” its ONYX exosuit for future Army demonstrations (Accetta, the DEVCOM spokesman, tells WIRED that initiative was ended due to a “number of technical issues” and lack of funding). Similarly, the service has been testing the Dephy ExoBoot for at least the last several years. In August 2022, the Army unveiled an (unpowered) exoskeleton dubbed the Soldier Assistive Bionic Exosuit for Resupply (SABER) to reduce lower back pain and physical stress among service members in the field; according to a 2023 study, 90 percent of soldiers who used the exosuit during field artillery training exercises reported an increased ability to perform their assigned tasks. And the Army isn’t the only branch exploring exoskeletons: Later in 2022, the Air Force announced that the service was testing its own pneumatically powered exosuit developed by ROAM Robotics to help aerial porters load up cargo aircraft like the C-17 Globemaster III.

The Fort Sill exoskeleton trial isn’t just the latest installment in a seven-decade push to meld man and machine; it’s also representative of the service’s cautious, restrained approach to the technology. Although US military planners may have long aspired to build an army of those so-called servo soldiers to dominate the future battlefield, current exoskeleton research efforts appear laser focused on more modest and potentially attainable applications like logistics and resupply rather than combat engagements. Slowly but surely, the Pentagon is carefully examining whether a robotic assist will help service members carry more for longer downrange.

But the Pentagon doesn’t appear to have totally given up on its dream of a powered exoskeleton as the basis for an armored battlesuit just yet. The 2017 Army RAS strategy, despite its emphasis on lightening soldier loads, also posited the long-term goal of building a “warrior suit” with “integrated displays that aggregates a common operating picture, provides intelligence updates, and integrates indirect and direct fire weapons systems”—capabilities not unlike those imagined with a notional _Starship Troopers_ mobile infantry or Iron Man suit-clad operator and explored with the TALOS initiative. As of a few years ago, at least one Army official was still talking about such a suit as a long-term effort that could potentially become a reality sometime in the 2040s.

Today, however, that idea appears to be in hibernation, if not fully dead. When asked about the “warrior suit” effort, DEVCOM officials threw cold water on the entire concept as “the professional vision of one person” and “not to be considered (even at the time) as an official Army position,” despite its explicit mention in the 2017 RAS document.

“The ‘warrior suit’ never existed as such, it was never considered a ‘warrior suit’—at least not by the Army—but a proof of concept, meaning, ‘Would something like this help manage load while on the move?’’ Accetta says. “The number of technical, integration, design, power, ergonomic, and so on concerns were not trivial.”

“The project is not abandoned, it’s simply inactive,” he adds. “And if it ever were to become active, we doubt highly it would be called a ‘warrior suit.’”

The US Army's Vision of Soldiers in Exoskeletons Lives On

Microsoft has addressed four security flaws impacting its artificial intelligence (AI), cloud, enterprise resource planning, and Partner Center offerings, including one that it said has been exploited in the wild.
The vulnerability that has been tagged with an "Exploitation Detected" assessment is CVE-2024-49035 (CVSS score: 8.7), a privilege escalation flaw in partner.microsoft[.]com.
"An

Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks

A 59-year-old U.S. citizen who immigrated from the People's Republic of China (PRC) has been sentenced to four years in prison for conspiring to act as a spy for the country and sharing sensitive information about his employer with China's principal civilian intelligence agency.
Ping Li, 59, of Wesley Chapel, Florida, is said to have served as a cooperative contact for the Ministry of State

U.S. Citizen Sentenced for Spying on Behalf of China's Intelligence Agency

Just like Russia's Doppelgänger effort, the goal is to spread misinformation about Ukraine and Western efforts to help Ukraine in its war with Russia.

Source: PHOTOCREO Michal Bednarek via Shutterstock

Social Design Agency (SDA,) a Russian outfit the US government recently accused of operating a malign influence campaign dubbed "Doppelgänger," is running another similar campaign concurrently, targeting audiences in the US, Ukraine, and Europe.

The primary objective of the SDA's "Operation Undercut" campaign, much like Doppelgänger, is to erode support for Ukraine in its war with Russia. However, the campaign also extends its interference to other areas, including the ongoing Middle East conflict, internal EU politics, and matters related to the 2024 US presidential election

**Broad Effort**

"Operation Undercut is part of Russia's broader strategy to destabilize Western alliances and portray Ukraine's leadership as ineffective and corrupt," researchers at Recorded Future's Insikt Group said this week, after analyzing the campaign. "By targeting audiences in Europe and the US, the SDA seeks to amplify anti-Ukraine sentiment, hoping to reduce the flow of Western military aid to Ukraine." The campaign also has been attempting to portray the involvement of the US and EU in the campaign as largely ineffective and misguided, the researchers said.

Recorded Future found that Operation Undercut relies on AI-enhanced videos on social media platforms like X, as well as content that impersonated legitimate media outlets. The videos — in multiple languages, including English, Russian, and German — for the most part appeared well produced and seemed related to recent news events or depicted political figures making various pronouncements.

One video purported to show Ukrainian President Zelensky talking about NATO providing the country with Israel's annual supply of arms. Another portrayed Biden as wanting to escalate the war in Ukraine before Trump takes office while avoiding negotiations with Russia, and a third showed Trump forcing Zelensky to surrender. The campaign also included content that appeared to be sourced from credible media outlets such as UK's The Times and Germany's Die Welt that suggested growing global support for Russia and doubts over Ukraine's war efforts and strategies.

Recorded Future also found members of Operation Undercut amplifying misinformation from Storm-1516, a Russian influence network associated with spreading disinformation about the 2024 US elections, among myriad other topics. Examples included a fake story about Zelensky buying a villa in Italy during a 2024 summit of international leaders and a deepfake video of a Hamas leader threatening the 2024 Olympics.

**Limited Engagement**

The videos and the content appeared to have very limited engagement so far among the intended audiences. However, the US government has taken a serious view of such efforts and sought to actively curb them where possible. In September, the US Department of Justice moved to seize 32 Internet domains that it identified the SDA and others using as part of the Doppelganger campaign. "Among the methods Doppelgänger used to drive viewership to the cybersquatted and unique media domains were the deployment of 'influencers' worldwide, paid social media advertisements (in some cases created using artificial intelligence tools), and the creation of fake social media profiles posing as US (or other non-Russian) citizens," the DoJ motion noted.

Clément Briens, senior threat intelligence analyst for Recorded Future's Insikt Group, attributed Operation Undercut to the SDA after finding Undercut accounts sharing cartoons strongly resembling those found in SDA-leaked documents and those uploaded by Doppelgänger websites.

"We consider Undercut to be a distinct operation from Doppelgänger due to a divergence in \[tactics, techniques, and procedures\], notably in the type of content and distribution tactics each operation employs," he says. "While Doppelgänger relies on inauthentic websites and their promotion by automated accounts, Undercut accounts post content directly to social media platforms, using techniques like localized hashtag spam to amplify their content to targeted audiences."

**About the Author**

Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year career at Computerworld, Jai also covered a variety of other technology topics, including big data, Hadoop, Internet of Things, e-voting, and data analytics. Prior to Computerworld, Jai covered technology issues for The Economic Times in Bangalore, India. Jai has a Master's degree in Statistics and lives in Naperville, Ill.

'Operation Undercut' Adds to Russia Malign Influence Campaigns

ABB Cylon Aspect version 3.08.01 suffers from an unauthenticated configuration download vulnerability. This can be exploited to download the CSV DB that contains the configuration mappings information via the VMobileImportExportServlet by directly calling the vstatConfigurationDownload.php script.

    ABB Cylon Aspect 3.08.01 (vstatConfigurationDownload.php) Config DownloadVendor: ABB Ltd.Product web page: https://www.global.abbAffected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio                  Firmware: <=3.08.01Summary: ASPECT is an award-winning scalable building energy managementand control solution designed to allow users seamless access to theirbuilding data through standard building protocols including smart devices.The addition of vSTAT, a Virtual Zone application, allows for authorisedusers to change temperature setpoints, occupancy status, fan status, and more.Delivering the power to control from any internet enabled device. With AspectFT,vSTAT can be customized to display and control custom points. Want to turn thelights on or off? vSTAT can be programed to do it remotely.Desc: The ABB BMS/BAS controller suffers from an unauthenticated configurationdownload vulnerability. This can be exploited to download the CSV DB thatcontains the configuration mappings information via the VMobileImportExportServletby directly calling the vstatConfigurationDownload.php script.Tested on: GNU/Linux 3.15.10 (armv7l)           GNU/Linux 3.10.0 (x86_64)           GNU/Linux 2.6.32 (x86_64)           Intel(R) Atom(TM) Processor E3930 @ 1.30GHz           Intel(R) Xeon(R) Silver 4208 CPU @ 2.10GHz           PHP/7.3.11           PHP/5.6.30           PHP/5.4.16           PHP/4.4.8           PHP/5.3.3           AspectFT Automation Application Server           lighttpd/1.4.32           lighttpd/1.4.18           Apache/2.2.15 (CentOS)           OpenJDK Runtime Environment (rhel-2.6.22.1.-x86_64)           OpenJDK 64-Bit Server VM (build 24.261-b02, mixed mode)Vulnerability discovered by Gjoko 'LiquidWorm' Krstic                            @zeroscienceAdvisory ID: ZSL-2024-5863Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2024-5863.php21.04.2024--$ cat project                 P   R   O   J   E   C   T                        .|                        | |                        |'|            ._____                ___    |  |            |.   |' .---"|        _    .-'   '-. |  |     .--'|  ||   | _|    |     .-'|  _.|  |    ||   '-__  |   |  |    ||      |     |' | |.    |    ||       | |   |  |    ||      | ____|  '-'     '    ""       '-'   '-.'    '`      |____░▒▓███████▓▒░░▒▓███████▓▒░ ░▒▓██████▓▒░░▒▓█▓▒░▒▓███████▓▒░  ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓███████▓▒░░▒▓███████▓▒░░▒▓████████▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░ ░▒▓███████▓▒░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░          ░▒▓████████▓▒░▒▓██████▓▒░ ░▒▓██████▓▒░          ░▒▓█▓▒░░░░░░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░         ░▒▓█▓▒░░░░░░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░░░░░░          ░▒▓██████▓▒░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒▒▓███▓▒░         ░▒▓█▓▒░░░░░░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░         ░▒▓█▓▒░░░░░░░▒▓█▓▒░░▒▓█▓▒░▒▓█▓▒░░▒▓█▓▒░         ░▒▓█▓▒░░░░░░░░▒▓██████▓▒░ ░▒▓██████▓▒░ $ curl http://192.168.73.31/vstatConfigurationDownload.phpDisplayName,Path,SearchText,Users,Groups,GuestAccessAllowed,ReferenceText,Pin

ABB Cylon Aspect 3.08.01 vstatConfigurationDownload.php Configuration Download

The lessons I've learned soaring through the skies have extended far beyond the runway.

Source: Stanislav Duben via Alamy Stock Photo

COMMENTARY

As a child, airplanes fascinated me — I was taken by their gravity-defying magic, their technical wonders, their sleek designs, and the adventures they unlocked. I dreamed of flying one myself.

Although I pursued a career in cybersecurity, flying always inspired me — so I chased my lifelong dream of becoming a licensed pilot. I continue to fly light aircraft in the little spare time I get alongside my role as the CEO of a leading cyber-risk management company. 

**Always Have Backup**

A recent experience prompted me to think more closely about the interplay between my two passions. 

Not long ago, I completed an advanced course for pilots of two-engine planes. Previously, I had only flown planes with one engine, which is a risk: If the engine malfunctions, you're in big trouble. 

In the final training session, we practiced different responses in the event of an engine breaking down. As our instructor walked us through different tactics, one thought went through my mind: the critical need for a "defense in depth" approach to security. Just as the smooth functioning of an airplane relies on multiple mechanisms supporting one another, a modern cybersecurity platform also leverages numerous defensive techniques, so that if a threat slips through one layer, it will be caught by another. 

That was when I realized: While aviation and cybersecurity may appear as far apart as the heavens and earth, the skills I've learned from flying have profoundly influenced my career.  

**Know Your Environment**

Even at the beginning of my career, as a junior systems analyst and IT team manager, I understood that an organization's cybersecurity posture is much broader than any single tool or platform. Effective cybersecurity requires a thorough understanding of the operating environment and all the tools therein. Before an organization can identify vulnerabilities and secure itself against attacks, it needs a complete understanding of its internal and external assets, digital surfaces, devices, brand assets, and more. 

Likewise, becoming a pilot not only required me to master the practical skills of navigating an aircraft through various conditions but also necessitated a deep understanding of the equipment on board. Flying without a confident grasp of my instruments or expected flight environment is like playing Russian roulette: potentially fine … or lethal. 

In cybersecurity, just as in aviation, one can never be passive. Full visibility into a technology environment is required to be able to manage risks, quickly adjust course, identify and communicate issues, and fix those issues under pressure. 

**Continuous Learning and Testing**

In the modern cybersecurity landscape, threats are always evolving, and hackers are constantly honing their skills. That’s why I ensure my company continuously tests its defenses and my employees constantly learn new skills to keep pace with the rapidly changing threat landscape. 

During a recent performance review with one of my direct reports, the employee suggested that some of our threat simulations and training sessions were so time-consuming that they prevented his team from carrying out other deliverables. I acknowledged that learning and testing take up a lot of time, but doubled down on the importance of learning from past incidents to understand future threats and tactics. A cybersecurity company that prioritizes this will serve its customers better in the long run, even if it means a routine report or product update will be slightly delayed. 

**Muscle Memory and Task Execution**

A little-known insight into a pilot's mindset: When landing my aircraft, I barely think about what I am doing. That's because I have practiced and repeated the same maneuver hundreds of times, making complex tasks feel like second nature. 

It's just as vital to develop this sort of muscle memory among security professionals. Security teams should regularly practice routine protocols for any scenario. Conducting tabletop exercises and attack simulation drills allows teams to react quickly and effectively when a real threat emerges. 

By promoting constant preparedness, I aim to ensure that my teams can execute the best course of action without hesitation, even in high-pressure situations.

**Small Issues Become Big Ones**

After flying for a few years, I felt like I'd finally memorized the dozens of separate tasks that form part of a pre-flight checklist. In reality, I'd started to prioritize — I knew that I'd always have to check whether there was enough fuel in the tank to complete the journey, but making sure each seatbelt on the plane was fastened correctly seemed secondary. 

One time, I experienced a particularly bumpy landing. I asked a fellow pilot why that might have occurred, and he suggested checking the air pressure in the tires. I took a look and realized that I'd completely forgotten to check the tires before the flight. A tire low on air won't cause the plane to fall from the sky, but landing on a flat tire can be extremely dangerous. If a flat tire hits the runway, it could burst and send the plane swerving. Incidents like this can easily be avoided — by running through the correct procedures to identify any small issue before it becomes a big one. 

In cybersecurity, small vulnerabilities in a system can easily be overlooked and are therefore ripe for exploitation. In short, cybersecurity is not just about responding to attacks — it's about mitigating risks before they can cause damage. By implementing best practices and checklist procedures, security teams can do just that.  

**The Sky's the Limit**

The lessons I've learned soaring through the skies have extended far beyond the runway. 

Learning from my mistakes and internalizing the discipline it takes to be a pilot have allowed me not only to lead my company with clarity and resilience; it also has provided me with a new perspective on the ever-evolving landscape of cybersecurity. Incorporating these lessons into the flight plan of my professional life has helped foster a culture of continuous improvement at our workplace, which ultimately has helped our customers. 

**About the Author**

CEO, Cyberint

Yochai Corem is the CEO of Cyberint, a leading external cyber-risk management provider that supports hundreds of organizations around the globe in understanding and managing their threat exposure. 

Yochai is a seasoned executive and strategic cybersecurity leader and innovator, with more than 25 years of experience in driving business success for cyber security companies. 

Prior to Cyberint, Yochai held multiple executive positions at CYE, Cyberbit, 3i-Mind, and Verint in the areas of sales, product strategy and services. 

Yochai has registered multiple patents in the area of cybersecurity, which have been applied in commercial products, and is often invited to share insights on the Israeli cyber security innovation and leadership landscape. 

Yochai is a former officer of the Israeli Intelligence Unit 8200 and holds an MBA from the Reichman University (IDC) in Herzliya and a BSc in electrical engineering cum laude from Tel Aviv University.

How Learning to Fly Made Me a Better Cybersecurity CEO

GenAI's 30%-50% coding productivity boost comes with a downside — it's also generating vulnerabilities. Veracode's Chris Wysopal talks about what he finds out in this News Desk interview during Black Hat USA.

It's faster, for sure, but generative artificial intelligence (GenAI) is learning how to code just like a human developer would — and that means picking up mistakes along the way.

GenAI and large language models (LLMs) learn how to code based off of open source models, which themselves are flawed, explained Chris Wysopal, CTO and co-founder of Veracode, at this year's Dark Reading News Desk at Black Hat USA 2024.

"\[GenAI\] can write a lot more code a lot faster," he said. "So what you end up with is more code and more vulnerabilities per unit of time."

The trick then becomes finding and fixing vulnerabilities at the same pace.

In his research presented at the conference, "From HAL to HALT: Thwarting Skynet's Siblings in the GenAI Coding Era" (a titled itself written by an LLM), Wysopal proposes the best way forward is using AI to find and fix the vulnerabilities in AI-generated software code. But we're not there yet.

According to research, the current model that can write code the best is an LLM called StarCoder. That's not to say it writes code completely free of vulnerabilities, but it's the best thing going. ChatGPT 4.0 and ChatGPT 2.5 were also found to be fairy adept at writing secure code.

"A general purpose LLM can fix some security bugs, but it turns out it's not great at it," Wysopal says. "And so we're seeing specialized LLMs that are trained just to secure code."

Wysopal and his team at Veracode are working on that, as well as other companies, he adds.

News Desk 2024: Can GenAI Write Secure Code?

The preview version now includes multiple security-focused additions Microsoft had promised to add, such as SecureBoot, BitLocker, and Windows Hello.

Source: Mundissima via Shutterstock

Six months after announcing (and modifying and delaying) Windows Recall, Microsoft has released a first-look preview of a reworked version for Windows Insiders via its Dev Channel. 

The preview is available only to Windows Insiders with Qualcomm Snapdragon X Elite and Plus Copilot+ PCs. The build of Windows that includes Recall (preview) with Click to Do (Preview) is Windows 11 Insider Preview Build 26120.2415 (KB5046723), Microsoft said. Support for Intel- and AMD-powered Copilot+ PCs will be available at a later date.

Recall takes "snapshots" of a user's PC that can be searched at anytime, thus allowing users to "recall" any application action, website visited, or image or document previously accessed on the system. Recall uses optical character recognition (OCR) to extract the text in screenshots and saves both of the images and text into a searchable database. When users describe what they are looking for, Recall searches the database to help them find it. The built-in neural processing unit is capable of running artificial intelligence (AI) and machine learning workloads locally and does not store anything in the cloud. This means Microsoft doesn't have access to any Recall snapshots, and none of the snapshots will be used to train Microsoft's AI models.

Recall was initially scheduled to be released last summer, but Microsoft had repeatedly delayed it to address privacy concerns. In September, the company explained how it was working to secure Recall snapshots.

Several of the new security-focused additions are available in the preview. Those who download the preview must opt in to saving snapshots, which is a change from the original plan to make it an opt-out feature. Recall now requires BitLocker disk encryption and Secure Boot to be enabled. Users must also be enrolled in Windows Hello because they must reauthenticate with Hello each time they access Recall's database. Users have the ability to delete any snapshot they want, and the system can detect sensitive personal data, like credit card numbers, passwords, and PINs, and won’t save them.

Users can also opt out of using Recall on specific apps and websites or just uninstall it altogether. For enterprise and education users, Recall will be managed by IT administrators. Administrators can also completely uninstall Recall if they are concerned about data exposure. 

The purpose of the Windows Insider preview is to give users the ability to try out the feature in real-world scenarios and help Microsoft identify issues that need to be addressed. Users can submit their feedback of the preview versions of Recall and Click to Do (recognize text and images in Recall snapshots and then copy the text or save images out of the snapshots) via the Feedback Hub. Insiders are asked to provide feedback on Recall's "updated security and privacy architecture" through the Windows Insider Preview Bug Bounty Program. 

Microsoft did not say how long it plans to keep Recall in preview before it would be considered ready for general release.

Microsoft Finally Releases Recall as Part of Windows Insider Preview

Group-IB collaborated with INTERPOL and AFRIPO in a major crackdown on cybercrime in Africa for “Operation Serengeti.” This…

Group-IB collaborated with INTERPOL and AFRIPO in a major crackdown on cybercrime in Africa for “Operation Serengeti.” This article provides details of the operation, including the arrests, the tactics used to identify cybercriminals, and the impact on global cybersecurity.

Cybersecurity firm Group-IB has shared details of its contribution to a high-profile global effort to combat cybercrime. According to Group-IB’s press release, the company played a crucial role in INTERPOL and AFRIPOL’s “Operation Serengeti.”

It was a two-month operation conducted between September 2nd and October 31st, 2024, and led to the arrest of over 1,000 individuals suspected of involvement in various cybercriminal activities across Africa.

Suspects under custody (Screenshot: INTERPOL)

By analyzing complex cyberattacks Group-IB identified 10,000 DDoS attacks from African servers, over 3,000 phishing domains, and details of data stealers and actors who published **data leaks on Dark Web forums** to help agencies dismantle malicious infrastructure and bring cybercriminals to justice. INTERPOL’s Cyber Analytical Reports, informed by Group-IB’s insights, enabled law enforcement agencies to target the most significant cybercrime actors. 

“The information shared by participating countries about ongoing cases was incorporated into 65 Cyber Analytical Reports prepared by INTERPOL. These reports ensured that on-the-ground actions were intelligence-driven and targeted the most significant cybercrime actors,” Group-IB’s **press release** revealed.

Operation Serengeti resulted in the arrest of 1,006 suspects and the dismantling of 134,089 malicious infrastructure and networks. During this operation, authorities identified around 35,000 victims worldwide with financial losses of around US$193 million and provided them with support and assistance.

Operation Serengeti has had a stupendous impact, with arrests and disruptions across Africa, including Kenya, Senegal, Nigeria, Cameroon, and Angola. Kenyan law enforcement dismantled an online credit card fraud ring that stole over US$8.6 million, whereas Senegal arrested eight individuals, including five Chinese nationals, in a US$6 million **Ponzi scheme**.

In addition, Nigerian authorities apprehended a man running online investment scams and collecting over US$300,000 from victims. Cameroon dismantled a group involved in a multi-level marketing scam, and Angola disrupted a virtual casino operation, which had defrauded Brazilian and Nigerian gamblers, leading to 150 arrests.

Image via INTERPOL

“From multi-level marketing scams to credit card fraud on an industrial scale, the increasing volume and sophistication of cybercrime attacks are of serious concern,” Valdecy Urquiza, Secretary General of INTERPOL, said. “Operation Serengeti shows what we can achieve by working together, and these arrests alone will save countless potential future victims from real personal and financial pain.”

1.  INTERPOL Arrests 41, Takes Down 22,000 Malicious IPs
2.  Interpol Nets $300 Million, Arrests 3,500 in Cyber Crime Bust
3.  Op Narsil – INTERPOL Busts Decade-Old Child Abuse Network
4.  INTERPOL Dismantles Infamous ’16shop’ Phishing-as-a-Service
5.  Interpol Busts Human Traffickers Luring Victims with Fake Job Ads

INTERPOL Arrests 1,000 and Dismantles Cybercrime Networks Across Africa

With a focus on creating technologies for other markets, Israel continues to be a valued destination for venture capital in cybersecurity outside the US and Europe.

Source: thinkhubstudio via Shutterstock

Though funding for cybersecurity startups began slowing globally in late 2022, Israeli startups continue to win significant cybersecurity investments, even with the nation's ongoing military operation in Gaza and escalating regional tensions.

The continued investment shows that Israel continues to be one of the strongest hubs for tech innovation in the US outside of Silicon Valley, says Or Shoshani, CEO and co-founder of Tel Aviv-based Stream.Security. His company, a cloud detection and response firm, garnered its first round of funding — a $26 million Series A — in March 2022 at the tail end of the boom. Earlier this month, the company was awarded a Series B round for $30 million.

"I've been traveling more than I've been doing in the last four years. Why? Just to show that we are here to support our customers, and we have built a business that is truly resilient, regardless of where we are and regardless of the state \[of affairs\] Israel is experiencing."

Following a two-year drought, cybersecurity startup companies are seeing an uptick in investment internationally, with the value of deals expected to grow by 45% in 2024 — a reversal of fortunes compared to the 40% decrease in 2022 and 49% drop in 2023, according to data from cybersecurity investment-advisory firm Altitude Cyber.

Related:Microsoft VS Code Undermined in Asian Spy Attack

Following a peak in Q4 2021, investment in cybersecurity firms tapered off for two years. It's starting to return. Top: Number of deals. Bottom: Value of deals in billions of US$. Source: Altitude Cyber

The investment focus of Altitude Cyber's clients, for example, remains the US, Israel, and Europe, followed by the rest of the world, says Dino Boukouris, founder and managing partner at the firm.

"We don't anticipate that trend will change any time soon," he says. "Even with the geopolitical climate we're in, Israel has continued to deliver, the US cyber market remains as strong as ever, and Europe \[and the\] UK continue to innovate and produce really great cyber companies."

**Cybersecurity Springs Back**

Israel's research and development centers took off during the US regulatory assault on encryption in the 1990s and the migration of chip design to many of the technology parks around Tel Aviv and Haifa during the past two decades. On the cybersecurity side, the nation has developed "outsized" capabilities, according to a recent history of Israel's evolution in cybersecurity.

Similar to Silicon Valley, going out for a cup of coffee often means running into two or three entrepreneurs that are going to tell you about their latest idea, says Jacques Benkoski, general partner at US Venture Partners, an investor in Stream.Security.

With the country's focus on cybersecurity and the density of talent and education available in a small area, innovation naturally follows, he says. 

Related:Under-Resourced Maintainers Pose Risk to Africa's Open Source Push

"When you look at the history of venture capital, you have nodes of innovation that are characterized by a catalytic density of talent — you look at places like Silicon Valley, you look at places like Tel Aviv, and you just have a lot of people that are focused on the same thing," he says. "And from the acceleration through dialogues and the collisions \[of ideas\] between those people comes more innovation" than other parts of the world.

Yet, one aspect of Israel's venture-capital scene is that investors do not want to fund companies solving local problems. Instead, the focus is on creating technologies and businesses that address issues in the US, Europe, and worldwide, Benkoski say.

"We typically invest in companies that see the US as their primary market — it's actually an investment condition," he says. Second rounds of venture capital for companies like Stream.Security are often to develop a stronger presence in their primary market, he adds.

**Broadening Out Cybersecurity Investment**

While the country's cybersecurity ecosystem certainly has its adherents, other investors see a focus on local ecosystems to be desirable. Ukraine has historically had a strong cybersecurity community — albeit mixed with its share of cybercriminal groups — and that could see a resurgence if Russia ends its war, says Ron Gula, president of Gula Tech Adventures, an investment firm.

Related:Software Productivity Tools Hijacked to Deliver Infostealers

"I'm hopeful that the Ukraine war will end soon, and believe the tech ecosystem there will emerge as a rival to the Israeli ecosystem," he says.

Other areas of the world also offer substantial benefits for investment. In addition to expanding its investment into Israel, Forgepoint Capital plans to focus on Latin America and the Asia-Pacific regions, where the mobile-first ecosystem requires a tailored approach to cybersecurity, managing director J. Alberto Yépez says.

"Other geographies have more of a built-in enterprise industry infrastructure to support local innovation, with established institutions taking an active role to drive collaboration and better anticipate and address their customers' needs," he says, adding that the firm has partnered with global financial institutions to help innovate. "We aim to address a critical gap in growth funding for startups in Europe while expanding our purview into Latin America and Israel," he says.

One overhyped technology for investors? AI. While artificial intelligence has technology giants spending heavily — and nearly every cybersecurity firm boasts of AI features — the impact of AI startups on cybersecurity remains modest, says Altitude's Boukouris. But there have been some significant financing deals for AI-cybersecurity companies in past few years, including Protect AI ($60 million in Series B funding, HiddenLayer ($50 million, Series A), Witness AI ($28 million, Series A), and Cranium ($25 million, Series A), he says.

"Vendors specifically focused on security for AI/ML are still primarily in the early stages in terms of funding," he says. "We've only seen one significant M&A event so far, with Robust Intelligence being acquired by Cisco for around $300 million, which indicates that we are still in the early stages of security for AI."

**About the Author**

Veteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET News.com, Dark Reading, MIT's Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline Journalism (Online) in 2003 for coverage of the Blaster worm. Crunches numbers on various trends using Python and R. Recent reports include analyses of the shortage in cybersecurity workers and annual vulnerability trends.

Tag

#intel