Weaponizing Apple AI for Offensive Operations

Apple's on device AI frameworks CoreML, Vision, AVFoundation enable powerful automation and advanced media processing. However, these same capabilities introduce a stealthy attack surface that allows for payload execution, covert data exchange, and fully AI assisted command and control operations. This talk introduces MLArc, a CoreML based C2 framework that abuses Apple AI processing pipeline for payload embedding, execution, and real time attacker controlled communication. By leveraging machine learning models, image processing APIs, and macOS native AI features, attackers can establish a fully functional AI assisted C2 without relying on traditional execution mechanisms or external dependencies. Beyond MLArc as a standalone C2, this talk explores how Apple's AI frameworks can be weaponized to enhance existing C2s like Mythic, providing stealthy AI assisted payload delivery, execution, and persistence. This includes the below list of Apple AI framework used for embedding Apfell Payload. CoreML - Embedding and executing encrypted shellcode inside AI models. Vision - Concealing payloads/encryption keys inside AI processed images and retrieving them dynamically to bypass detection. AVFoundation - Hiding and extracting payloads within high frequency AI enhanced audio files using steganographic techniques. This research marks the first public disclosure of Apple AI assisted payload execution and AI driven C2 on macOS, revealing a new class of offensive tradecraft that weaponizes Apple AI pipelines for adversarial operations. I will demonstrate MLArc in action, showing how Apple's AI stack can be abused to establish fileless, stealthy C2 channels that evade traditional security measures. This talk is highly technical, delivering new research and attack techniques that impact macOS security, Apple AI exploitation, and red team tradecraft. By: Hariharan Shanmugam | Lead Red Teamer Full Session Details Available at: https://ift.tt/d6lYhvI

source https://www.youtube.com/watch?v=UooCY59nQSQ

From Spoofing to Tunneling: New Red Team's Networking Techniques for Initial Access and Evasion

Gaining initial access to an intranet is one of the most challenging parts of red teaming. If an attack chain is intercepted by an incident response team, the entire operation must be restarted. In this talk, we introduce a technique for gaining initial access to an intranet that does not involve phishing, exploiting public-facing applications, or having a valid account. Instead, we leverage the use of stateless tunnels, such as GRE and VxLAN, which are widely used by companies like Cloudflare and Amazon. This technique affects not only Cloudflare's customers but also other companies. Additionally, we will share evasion techniques that take advantage of company intranets that do not implement source IP filtering, preventing IR teams from intercepting the full attack chain. Red teamers could confidently perform password spraying within an internal network without worrying about losing a compromised foothold. Also, we will reveal a nightmare of VxLAN in Linux Kernel and RouterOS. This affects many companies, including ISPs. This feature is enabled by default and allows anyone to hijack the entire tunnel, granting intranet access, even if the VxLAN is configured on a private IP interface through an encrypted tunnel. What's worse, RouterOS users cannot disable this feature. This problem can be triggered simply by following the basic VxLAN official tutorial. Furthermore, if the tunnel runs routing protocols like BGP or OSPF, it can lead to the hijacking of internal IPs, which could result in domain compromises. We will demonstrate the attack vectors that red teamers can exploit after hijacking a tunnel or compromising a router by manipulating the routing protocols. Lastly, we will conclude the presentation by showing how companies can mitigate these vulnerabilities. Red teamers can use these techniques and tools to scan targets and access company intranets. This approach opens new avenues for further research. By: Shu-Hao Tung | Threat Researcher, Trend Micro Presentation Materials Available at: https://ift.tt/2ldANpQ

source https://www.youtube.com/watch?v=terPgwzk3dc

Clustered Points of Failure - Attacking Windows Server Failover Clusters

Windows Server Failover Cluster (WSFC) implementations represent a critical yet underexamined attack surface in enterprise environments. This research exposes how WSFC's architectural design inadvertently creates exploitable abuse paths and presents novel attack methodologies demonstrating how the compromise of a single cluster node can lead to complete cluster takeover, lateral movement across clustered infrastructure, and ultimately, domain compromise. This Briefing will present previously undiscovered techniques for extracting and leveraging cluster credentials, manipulating Kerberos authentication, and exploiting excessive permissions granted to cluster objects. This "set it and forget it" high-availability infrastructure represents a significant blind spot for organizations. You will leave with a better understanding of WSFC's internal security architecture, strategies for enumerating and abusing these new attack paths, and concrete defensive guidance for protecting organizations from these new abuses. By: Garrett Foster | Senior Security Researcher, SpecterOps, Inc.

source https://www.youtube.com/watch?v=FSRmPwfMYs0

Out Of Control: How KCFG and KCET Redefine Control Flow Integrity in the Windows Kernel

Virtual Secure Mode, or VSM, on Windows marked the most significant leap in security innovation in quite some time, allowing the hypervisor to provide unprecedented protection to the Windows OS. With VSM features like Credential Guard, preventing in-memory credential theft and Hypervisor-Protected Code Integrity (HVCI), protecting against unsigned kernel-mode code, VSM has significantly reshaped the way many offensive security practitioners and threat actors alike think about tradecraft. In the exploitation world, similar shifts have occurred with both Control Flow Guard (CFG) and Intel Control Flow Enforcement Technology (CET) being readily available in user-mode. However, we don't hear or read much about their kernel-mode counter parts, KCFG and KCET. Why is this if CFG and CET are both relatively well-established exploit mitigations in user-mode? At the time when CFG in user-mode was first released, kernel mode was the highest security boundary available on Windows – therefore making the implementation of CFG, or any CFI mitigation in kernel mode, impossible. However, since we now have a higher security boundary on Windows, thanks to the hypervisor, it is now possible to robustly implement CFG and CET in the Windows kernel! This talk will cover what kernel mode CFI would look like without the presence of a hypervisor; why KCFG and KCET rely on VTL 1; how these mitigations differ from their user-mode counterparts; known limitations which exist today, including the recent deprecation of the next iteration of CFG known as eXtended Control Flow Guard (XFG); and the future of kernel-mode exploitation on Windows in the presence of KCFG and KCET. By: Connor McGarr | Software Engineer, Prelude Security Presentation Materials Available at: https://ift.tt/5jlwhHR

source https://www.youtube.com/watch?v=LflYlvJ4vSU

Keynote: From Script Kiddie to Cyber Kingpin: Preventing the Predictable Progression

What the cruelest hack in history can teach us about the pathway to serious cybercrime. The Vastaamo hack shocked the world but when the hacker behind it was unmasked it came as no surprise. What can the story of Julius Kivimaki teach us about teenage hacking culture and how we can end the cycle. It's a problem that's come back into the fore with high profile hacks from Scattered Spider as Cyber Correspondent and author Joe Tidy explains in this keynote talk. By: Joe Tidy | Cyber Correspondent, BBC Full Session Details Available at: https://ift.tt/m5A48ak

source https://www.youtube.com/watch?v=TPMXnZihZxg

AppleStorm - Unmasking the Privacy Risks of Apple Intelligence

Apple Intelligence, Apple's newest AI product, is designed to enhance productivity with AI while maintaining Apple's focus on user experience and privacy, often highlighting its use of localized models as a key advantage, combined with its Private Cloud Compute models. But how well do these assurances hold up under scrutiny? While Apple emphasizes privacy as a core principle, my findings challenge some of these claims, illustrating the importance of scrutinizing AI-driven assistants before widespread adoption. In this talk, we take a closer look at the data flows within Apple Intelligence, examining how it interacts with user data and the potential security and privacy risks that come with it. Using traffic analysis and OS inspection techniques, we explore many of the different flows within Apple Intelligence and answer: what information is accessed, how it moves through the system, and if and where it gets transmitted. We'll explore various interactions and features of Apple Intelligence. We'll show how some features are processed locally on the device, while others involve transmitting data to Apple's servers. While some of these data flows are legitimate and necessary, others raise privacy concerns that Apple has acknowledged. Covering topics from encrypted traffic to potential data leaks, this presentation offers practical insights for both users and security professionals. By: Yoav Magid | Senior Security Researcher, Lumia Security Presentation Materials Available at: https://ift.tt/6OVBzau

source https://www.youtube.com/watch?v=iL2McWODDnc

SecTor 2025 - Full Highlights Video

source https://www.youtube.com/watch?v=G7JprWhmZAc

Black Hat Europe 2025 | Secure Your Pass | 1 min

Black Hat Europe returns to the Excel in London with a four-day program this December 8-11, 2025. The event will open with two-and four-day options of specialized cybersecurity Trainings, with courses of all skill levels. The two-day main conference on December 10 & 11 boasts Briefings featuring the latest in research, developments, and trends in cybersecurity, along with dozens of open-source tool demos in Arsenal, a robust Business Hall, networking, and social events, and much more. View Pass Options » https://ift.tt/LEsXpzV

source https://www.youtube.com/watch?v=6S7SZ2NzXOQ

Keynote: The Once and Future Rules of Cybersecurity

Cybersecurity has always been built on rules — some that save us, and some that nearly ruin us. A few have held true for decades, like "your users are the weakest link." Others, like "change your passwords every month," aged badly and left us chasing the wrong problems. Rules reflect the world in which they were written, and the world keeps moving. In this session, I'll revisit the rules we lived by in the 2000s, reveal which ones still matter, which ones failed us, and what new rules we'll need to survive the future. By: HD Moore | Founder, runZero Full Abstract Available: https://ift.tt/5K3bu04

source https://www.youtube.com/watch?v=MP_HSMJegDk

Black Hat | Connect. Learn. Lead in Cybersecurity

Since 1997, Black Hat has been the global stage for cutting-edge cybersecurity. With events across the US, Europe, Asia, the Middle East & Africa, and Canada, we bring together top minds to share the latest research, trends, and innovations. Whether you're a seasoned pro, a rising talent, or a tech innovator—Black Hat delivers: • Expert-led Briefings & Trainings, handpicked by our independent Black Hat Review Board • Networking with thousands of security professionals • The latest Arsenal tools in our Business Hall • Career connections & exclusive Summits Join the community shaping cybersecurity’s next chapter. 🔗 blackhat.com #BlackHat #Cybersecurity #Cybersecurity #TechConference #BHEU #BHUSA #BHASIA #Sectorca #BlackHatTrainings

source https://www.youtube.com/watch?v=2G9dyPgnOUM

Dismantling the SEOS Protocol

In this talk, we present the first open source implementation of HID SEOS communication protocol over RFID. HID SEOS is a credential technology designed to provide enhanced security, flexibility, and convenience for access control and identity management applications. It's currently the leading access control solution for HID Global and is widely used in corporate, educational, healthcare, and government settings. The documentation for this card technology is not publicly available so no previous open source implementation exists. We will demonstrate how it works and give insights in our process of making this project happen. The source code has been incorporated into the Proxmark3 project. By: Iceman | Co-Founder, AuroraSec, RRG Adam (evildaemond) Foster | Senior Penetration Tester, Onestep Group Full Abstract and Presentation Materials: https://ift.tt/WUMR5CJ

source https://www.youtube.com/watch?v=mnhGx1i6x08