
This year’s Black Hat felt MASSIVE. Keynotes were packed, the expo hall was buzzing from open to close, and the energy was back in full Vegas force. If there was one phrase floating through every hallway, booth, and coffee line, it was “AI in everything.” From offensive tooling to defensive automation, it is clear we have only scratched the surface of what is coming.
Observers agree that AI is no longer a side topic. It has moved to the center of the cybersecurity conversation. Publications like CSO Online note that agent-driven AI is reshaping threat intelligence and response. Other analysts see it as a natural evolution in security operations.

Weather was classic August Vegas at the Mandalay Bay (triple digits, of course), but mercifully cooler than last year’s extremes.
REGISTRATION

Check-in was smooth and fast this year. Whether attendees had the QR code or only their email address, the process was quick and well-organized. Compared to past years, the improved flow was a welcome change.

This year’s attendee backpack kept the familiar sleek black design with the Black Hat logo front and center. The lightweight build, dual mesh side pockets, and simple zippered compartments make it a functional yet understated conference staple.
EXPO HALL

Mandalay Bay’s Business Hall was buzzing with over 400 vendors and countless demos. AI-powered security tools were everywhere, from advanced cloud defense to demonstrations of deepfake detection and prompt injection attacks. Vendors presented new approaches to detection and response, while startups focused on fully autonomous solutions. Established companies showcased how they are layering AI into existing products.

Black Hat is always one of the best weeks of the year to catch up with old friends, make new ones, and get into real, unfiltered security conversations. At Booth #5739, we had a steady stream of pros stopping by to talk shop, check out our latest tools and swag, and share what they’re seeing out in the wild.
We kept the discussions focused on what matters most right now:
- Protect your critical assets with a zero-trust approach that closes identity gaps, reduces data sprawl, and pushes back against AI-driven threats
- Detect cyberthreats faster, cutting through alert noise to find the real attacks before they can spread
- Respond with speed and strategy to keep downtime, fines, and damage to a minimum

The vibe was energetic, the questions were sharp, and the takeaways were practical. Black Hat was a solid reminder that the best security insights come from talking face-to-face with the people tackling these challenges every day.

Many vendors came to Black Hat with massive, eye-catching booth props, but this CVE-themed roulette table was the one that stood out to me. It was a clever way to spark conversations about vulnerability risk while adding a bit of Vegas flair. I love roulette, but I do not want to spin on this.

One of the highlights outside the sessions was an analyst dinner we hosted at a Paris restaurant, complete with a stunning view of the Bellagio fountains at night. It was a relaxed, high-value evening where conversations flowed easily across the table, mixing industry insights with plenty of laughs.

BRIEFING SESSIONS
Before the expo hall even opened its doors, the real heart of Black Hat was already in full swing at the briefing sessions. These talks are where the cutting edge of security research, threat intelligence, and offensive techniques gets unveiled, often months before the rest of the industry catches on. From deep dives into criminal ecosystems to hands-on demonstrations of new exploits, the briefings deliver unfiltered insight straight from the researchers and practitioners who are shaping the next wave of cybersecurity challenges. While I attended a couple of sessions, Grayson Millbourne attended and reviewed most of these sessions.
Settle in and get that scroll wheel ready because there is a lot to cover.

Jeff Moss: Navigating Chaos, Building Resilience - Rating 10/10

Jeff Moss opened with a wide-lens view of the challenges facing the tech and security industries today. He emphasized that technology is no longer a neutral tool but an arena shaped by politics, regulation, and shifting global conditions. His message focused on adaptability for both individuals and organizations, and on the value of investing in culture and community as strategic advantages in uncertain times.
Key Takeaways
- Tech is now political: Decisions are increasingly influenced by geopolitics, trade rules, and national security. Example: DEF CON needed to certify it had no Huawei equipment to host Department of Defense attendees.
- Global uncertainty is the norm: Disruptions from trade, climate, and talent migration are compounding rather than happening in isolation.
- Adaptability is critical: Over-optimization creates brittleness. Planning with options in mind is essential.
- Community as a strategic asset: Strong internal and external communities boost resilience, reduce crime, and speed recovery after crises.
- Culture eats strategy for breakfast: Organizational culture determines whether strategy can be executed. Leaders must align plans with the reality of their team’s values and behaviors.
Mikko Hyppönen: Cybersecurity Is Securing Society - Rating 10/10

Mikko Hyppönen explored how artificial intelligence is reshaping both cybersecurity defense and cybercrime. He warned that attackers are adopting AI faster than many defenders, creating a widening skills and capabilities gap. Mikko stressed that AI is not just a tool for automation but a force multiplier that changes the economics of cyberattacks.
Key Takeaways
- AI as an equalizer for attackers: Criminals can now generate phishing campaigns, malware variants, and social engineering scripts at scale with minimal skill.
- Defensive opportunities exist: AI can help defenders detect anomalies faster, automate repetitive tasks, and simulate attack scenarios for training.
- The need for verification: Deepfakes, synthetic voices, and AI-generated content will erode trust in digital evidence, requiring stronger authentication methods.
- Data is the fuel: AI systems are only as good as the datasets they are trained on, which makes securing training data a critical defense priority.
- The arms race is accelerating: Organizations must prepare for a future where AI-driven attacks are constant, fast-moving, and increasingly difficult to attribute.
No Hoodies Here: Organized Crime in AdTech - Rating 9/10

This session pulled back the curtain on the criminal underbelly of the online advertising industry. The speakers detailed how groups like Vex Trio and Los Boyos manipulate ad networks to spread malware, run scams, and generate massive profits, often flaunting their success with private jets and luxury vacations. The presentation highlighted the commercial scale of these operations and the difficulty of tracking them due to their use of shell companies, fake apps, and constantly shifting infrastructure.
Key Takeaways
- Vex Trio’s reach: A traffic distribution system that compromised 40 percent of WordPress sites in 2024, redirecting visitors into their malware network.
- Affiliate marketing abuse: Groups like Los Boyos exploit smart links to promote scams such as fake antivirus, bogus dating sites, and “blank credit card” offers.
- Operational complexity: Networks span Eastern European, Italian, and other international groups, supported by crypto companies, payment processors, and energy firms.
- Fake app monetization: Scam apps appear in major app stores, generating revenue through misleading notifications and spam features.
- The lifestyle tells the story: Evidence of illicit profits is visible in their public display of luxury travel, high-end cars, and exclusive events.
Cybersecurity, AI, and Our Brains. A Fireside Chat with Cognitive Scientist and AI Expert Gary Marcus - Rating 7/10

This fireside chat covered the current state and future of artificial intelligence, focusing on AGI (Artificial General Intelligence), the limitations of LLMs (Large Language Models), the risks of AI deployment, and the cognitive and societal impacts of these tools. Gary Marcus took a balanced but critical stance, stressing the importance of neuro-symbolic AI, robust engineering, and evidence-based thinking in an industry too often shaped by hype.
Key Takeaways
- AGI is possible but far away: Marcus believes current generative AI is not the path to true AGI, which must be reliable and robust.
- LLMs are overhyped: They mimic rather than think, are vulnerable to attacks like prompt injection, and are increasingly being paired with symbolic reasoning tools.
- Neuro-symbolic AI as the future: Merging neural networks with symbolic systems could create better world models and more dependable AI.
- Investor-driven hype: Bold, unrealistic predictions often go unpunished and attract funding, sidelining accuracy.
- AI agents not production-ready: Real-world performance is hampered by edge cases and compounding errors.
- Cognitive and societal risks: Overreliance may lead to reduced critical thinking, vigilance, and social connection.
- Workforce impact: Fewer entry-level opportunities could weaken skill development.
- Human connection at risk: AI companionship may offer comfort but risks deepening isolation, particularly for youth.
LLMDYara: LLMs-Driven Automated YARA Rules Generation with Explainable File Features and DNAHash - Rating 8/10

This session introduced LLMDYara, a system that uses large language models to automate the generation of YARA rules. By combining explainable file feature extraction with DNAHash, the approach aims to create more accurate and understandable detection rules for malware analysis. The talk highlighted promising advancements but also acknowledged limitations in current implementation and scalability.
Key Takeaways
- LLM-assisted rule creation: Uses LLMs to produce YARA rules quickly, reducing the need for deep manual expertise in every case.
- Explainable features: Integrates explainable AI techniques to help analysts understand why specific rule conditions are generated.
- DNAHash integration: Employs DNAHash for robust file feature matching, enhancing detection accuracy.
- Time savings for analysts: Can streamline the creation of high-quality detection rules, freeing analysts to focus on higher-level threat hunting.
- Limitations remain: Current performance may struggle with highly obfuscated malware or edge cases.
- Future potential: Could be adapted to other detection rule languages and integrated into automated threat intelligence pipelines.
Use and Abuse of Personal Information – Politics Edition - Rating 7/10

This session examined how personal data is collected, weaponized, and exploited in political contexts. The talk explored real-world examples of how campaigns, third-party data brokers, and foreign actors use targeted information to influence voter perception and behavior. It emphasized the thin line between legitimate campaigning and manipulative disinformation, while offering guidance for detection and prevention.
Key Takeaways
- Massive data pipelines: Political entities leverage commercial data brokers, social media, and breached databases to compile detailed voter profiles.
- Microtargeting risks: Precision targeting allows tailored messaging to exploit individual biases, often without public accountability.
- Foreign interference parallels: Tactics mirror those used in past foreign election meddling, including content amplification and narrative shaping.
- Regulatory gaps: Data privacy laws remain inconsistent, leaving loopholes that enable abuse in political campaigns.
- Disinformation crossover: Personal data enables more believable and effective disinformation campaigns.
- Defensive measures: Greater transparency in campaign data practices, stronger privacy legislation, and improved detection tools are key to reducing abuse.
Firewalls Under Fire: China’s 5+ Year Campaign to Penetrate Perimeter Network Defenses - Rating 10/10

This session provided an in-depth analysis of a long-running Chinese state-sponsored campaign targeting enterprise firewall and VPN appliances. The presenters walked through intrusion timelines, toolsets, and infrastructure used to exploit zero-day and N-day vulnerabilities in perimeter devices. The talk combined technical detail with strategic context, showing how these attacks fit into broader espionage operations.
Key Takeaways
- Persistent targeting: The campaign has been active for over five years, with a focus on compromising perimeter defenses before moving laterally.
- Vendor-agnostic attacks: Multiple vendors’ products were targeted, including well-known firewall and VPN platforms.
- Exploitation chain: Operations often started with zero-day exploitation, followed by deployment of custom implants to maintain long-term access.
- Stealth and evasion: Attackers used “living off the land” techniques and avoided noisy malware to reduce detection risk.
- Operational objectives: The campaign appears focused on intelligence collection, not immediate disruption.
- Defensive actions: Regular patching of perimeter devices, aggressive monitoring of management interfaces, and out-of-band administration were strongly recommended.
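The last takeaway pairs two controls, out-of-band administration and monitoring of the management interface, and the second is only useful if it checks logins against the first. The script below is an added example written for this recap, not code from the talk or from any vendor: it reviews constructed firewall admin-login log lines against a constructed policy (admin sessions are expected only on the dedicated management interface and only from the management subnet) and also flags failed-login bursts and a success that follows them. The log format, hostnames, interface names, and addresses are all assumptions made for the example.

```python
"""Management-interface access review for a perimeter device.

Added example, not code from the session or the page. Checks constructed
admin-login log lines against an out-of-band administration policy:
- admin logins must arrive on a management interface (assumed name mgmt0)
- and must originate from the management subnet (assumed 10.50.0.0/24)
- repeated failures from one source, and a success after them, are flagged
"""
import ipaddress
import re
from collections import Counter

# Constructed policy values (assumptions for this example).
MGMT_NETWORKS = [ipaddress.ip_network("10.50.0.0/24")]
MGMT_INTERFACES = {"mgmt0"}
FAILURE_THRESHOLD = 3

# Constructed log format; a real appliance's syslog fields will differ.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) admin-login: user=(?P<user>\S+) "
    r"src=(?P<src>\S+) iface=(?P<iface>\S+) result=(?P<result>success|failure)$"
)


def parse_line(line):
    """Return a dict for a well-formed admin-login record, else None."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    try:
        rec["src"] = ipaddress.ip_address(rec["src"])
    except ValueError:
        return None
    return rec


def from_mgmt_network(addr):
    """True if the source address is inside an allowed management subnet."""
    return any(addr in net for net in MGMT_NETWORKS)


def review(lines):
    """Return a list of (severity, message) findings for the given log lines."""
    findings = []
    failures = Counter()  # failed attempts per source address
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue  # unparsable lines are skipped, not treated as trusted
        ts, user, src, iface, result = (rec[k] for k in ("ts", "user", "src", "iface", "result"))
        if iface not in MGMT_INTERFACES:
            findings.append(("high", f"{ts} admin login on non-management interface {iface} "
                                     f"from {src} (user {user}, {result})"))
        elif not from_mgmt_network(src):
            findings.append(("high", f"{ts} admin login on {iface} from outside the management "
                                     f"network: {src} (user {user}, {result})"))
        if result == "failure":
            failures[src] += 1
            if failures[src] == FAILURE_THRESHOLD:
                findings.append(("medium", f"{ts} {FAILURE_THRESHOLD} failed admin logins from {src}"))
        elif failures[src] >= FAILURE_THRESHOLD:
            findings.append(("medium", f"{ts} successful admin login from {src} after "
                                       f"{failures[src]} failures"))
    return findings


# Constructed sample log: one clean OOB login, a burst on the WAN side, one
# login on the right interface but from the wrong network, and one junk line.
SAMPLE_LOG = """\
2025-08-06T09:00:01Z fw-edge-01 admin-login: user=netops src=10.50.0.12 iface=mgmt0 result=success
2025-08-06T09:02:10Z fw-edge-01 admin-login: user=admin src=203.0.113.77 iface=wan0 result=failure
2025-08-06T09:02:14Z fw-edge-01 admin-login: user=admin src=203.0.113.77 iface=wan0 result=failure
2025-08-06T09:02:19Z fw-edge-01 admin-login: user=admin src=203.0.113.77 iface=wan0 result=failure
2025-08-06T09:02:25Z fw-edge-01 admin-login: user=admin src=203.0.113.77 iface=wan0 result=success
2025-08-06T09:10:00Z fw-edge-01 admin-login: user=netops src=192.168.1.20 iface=mgmt0 result=success
this line is not an admin-login record
"""

if __name__ == "__main__":
    for severity, message in review(SAMPLE_LOG.splitlines()):
        print(f"[{severity}] {message}")
```

The point of the interface check coming before the subnet check is that an admin login arriving on a WAN-facing interface is a finding regardless of the source address: under an out-of-band model that path should not exist at all, so the first alert is the policy violation itself, and the credential-guessing burst is secondary.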
The New Frontline: Cyber on the Precipice - Rating 8/10

This session explored how the global cyber threat landscape is shifting toward a true “frontline” role in geopolitical conflict and critical infrastructure protection. Speakers examined how cyber operations are now deeply intertwined with military, economic, and diplomatic domains. The conversation touched on state-backed threat actors, offensive cyber capabilities, and the increasing risk of escalation when cyber incidents bleed into physical consequences.
Key Takeaways
- Cyber is now a critical theater of conflict: Nation-states increasingly use cyber capabilities alongside traditional military power to project influence and disrupt rivals.
- Escalation risks are real: Cyber operations targeting critical infrastructure can trigger serious geopolitical consequences.
- Private sector as first responders: Companies, especially in sectors like energy, finance, and telecom, are on the “frontline” for detecting and mitigating nation-state threats.
- Public-private coordination is essential: Effective defense against advanced threats requires intelligence sharing, trust, and joint exercises between governments and industry.
- Cyber deterrence remains underdeveloped: Unlike conventional warfare, there is no universally accepted framework for deterrence in cyberspace.
Evil Digital Twin: The Next Generation of Wireless Threats - Rating 10/10

This session dove into the emerging threat of “Evil Digital Twin” attacks, where adversaries set up rogue wireless access points that perfectly mimic legitimate networks. Unlike basic Evil Twin attacks, these leverage advanced spoofing techniques, protocol manipulation, and even AI-driven signal optimization to evade detection. The presenters demonstrated how attackers can seamlessly insert themselves between users and trusted networks to harvest credentials, inject payloads, and monitor traffic.
Key Takeaways
- Next-gen Evil Twin attacks are stealthier: By perfectly replicating SSIDs, encryption settings, and signal patterns, attackers can fool even advanced detection tools.
- Target-rich environments: Conferences, airports, hotels, and enterprise campuses are prime hunting grounds due to high device density and trust in known networks.
- AI-assisted attack optimization: Machine learning can be used to automatically adjust signal strength and parameters to outcompete legitimate access points.
- Credential and session hijacking: Once connected, victims are vulnerable to stolen credentials, session cookies, and malicious payload injection.
- Defense requires layered detection: Organizations should combine wireless intrusion detection, network segmentation, and strong user education to counter the threat.
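The wireless intrusion detection layer in the last takeaway comes down to one comparison: does every beacon that advertises one of our SSIDs come from an access point we own, with the security mode we configured, and is any unknown one louder than ours? The script below is an added example written for this recap, not code from the session or from any WIDS product. It runs that comparison over a constructed AP inventory and a constructed scan; the SSID, BSSIDs, channels, and signal values are all assumptions made for the example.

```python
"""Evil-twin beacon check against an authorized access point inventory.

Added example, not code from the session or the page. Compares observed
beacons (constructed here) with an inventory of authorized BSSIDs and the
security mode each managed SSID must advertise, then flags:
- rogue-bssid: our SSID advertised by an AP we do not own (the twin)
- downgrade: a known BSSID advertising a different security mode
- stronger-than-legit: a rogue whose signal beats every authorized AP,
  which is exactly the condition under which clients would prefer it
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Beacon:
    ssid: str
    bssid: str       # AP MAC address as seen in the beacon frame
    security: str    # e.g. "WPA2-Enterprise", "WPA3", "OPEN"
    channel: int
    rssi: int        # received signal strength in dBm (higher is stronger)


# Constructed inventory (assumption): authorized BSSIDs per managed SSID.
AUTHORIZED = {
    "corp-wifi": {
        "bssids": {"aa:bb:cc:00:00:01", "aa:bb:cc:00:00:02"},
        "security": "WPA2-Enterprise",
    },
}


def classify(beacon, inventory=AUTHORIZED):
    """Return (verdict, reason) for a single observed beacon."""
    entry = inventory.get(beacon.ssid)
    if entry is None:
        return ("unknown-ssid", "SSID is not one we manage")
    if beacon.bssid.lower() not in entry["bssids"]:
        return ("rogue-bssid", f"{beacon.bssid} is not an authorized AP for {beacon.ssid}")
    if beacon.security != entry["security"]:
        return ("downgrade", f"expected {entry['security']}, saw {beacon.security}")
    return ("authorized", "matches inventory")


def scan_report(beacons, inventory=AUTHORIZED):
    """Return a list of (verdict, bssid, reason) findings for one scan.

    Unknown SSIDs are ignored; the check is about impersonation of our own
    networks, not about every network in range.
    """
    findings = []
    for b in beacons:
        verdict, reason = classify(b, inventory)
        if verdict not in ("authorized", "unknown-ssid"):
            findings.append((verdict, b.bssid, reason))
    # Signal comparison: a twin only wins if clients prefer it over our APs.
    for ssid, entry in inventory.items():
        ours = [b.rssi for b in beacons
                if b.ssid == ssid and b.bssid.lower() in entry["bssids"]]
        rogues = [b for b in beacons
                  if b.ssid == ssid and b.bssid.lower() not in entry["bssids"]]
        for r in rogues:
            if ours and r.rssi > max(ours):
                findings.append(("stronger-than-legit", r.bssid,
                                 f"rogue at {r.rssi} dBm beats best authorized AP at {max(ours)} dBm"))
    return findings


# Constructed scan: two real APs, a twin with identical SSID and security
# settings but an unknown BSSID and a stronger signal, a spoofed known BSSID
# advertising an open network, and an unrelated network nearby.
SAMPLE_SCAN = [
    Beacon("corp-wifi", "aa:bb:cc:00:00:01", "WPA2-Enterprise", 36, -61),
    Beacon("corp-wifi", "aa:bb:cc:00:00:02", "WPA2-Enterprise", 44, -70),
    Beacon("corp-wifi", "DE:AD:BE:EF:00:01", "WPA2-Enterprise", 36, -48),
    Beacon("corp-wifi", "aa:bb:cc:00:00:02", "OPEN", 44, -70),
    Beacon("guest-cafe", "11:22:33:44:55:66", "OPEN", 1, -80),
]

if __name__ == "__main__":
    for verdict, bssid, reason in scan_report(SAMPLE_SCAN):
        print(f"{verdict:20} {bssid:18} {reason}")
```

Note what the twin in the sample scan gets right: SSID and security mode match the inventory exactly, so a check that only compares those two fields would pass it. The BSSID inventory is what catches it, and the RSSI comparison is what tells you whether clients on that channel are actually at risk of joining it.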
How to Secure a Unique Ecosystem Shipping 1 Billion+ Cores - Rating 6/10

This session explored the massive security challenge of protecting an ecosystem that ships over a billion processor cores annually. The speaker detailed the complexity of securing hardware, firmware, and software across diverse industries, including automotive, industrial control, and consumer electronics. The discussion highlighted how scale introduces unique attack surfaces, supply chain risks, and maintenance burdens — all while customers demand performance and low power consumption.
Key Takeaways
- Scale magnifies risk: Securing billions of cores means vulnerabilities have unprecedented reach and potential impact.
- Ecosystem diversity is a challenge: Supporting multiple industries and device types requires adaptable security architectures.
- Secure-by-design is critical: Embedding protections like secure boot, hardware root of trust, and encrypted firmware is essential from the earliest design stages.
- Supply chain security is non-negotiable: Vetting third-party IP, verifying firmware integrity, and securing manufacturing lines are critical steps.
- Continuous monitoring and patching: Long product lifecycles demand a strategy for delivering security updates over years or even decades.
Training Specialist Models: Automating Malware Development - Rating 9/10

This briefing showcased DANTE (Deep Adversarial Network for Threat Evasion), a proof-of-concept framework designed to train specialist AI models for malware generation and adaptation. The presenters demonstrated how DANTE fine-tunes models on specific malware families, enabling automated creation of polymorphic code, evasive payloads, and even on-the-fly adaptation to defensive measures. While the project was red-teamed and responsibly disclosed, it highlighted how AI could lower the skill barrier for cybercriminals and accelerate the pace of offensive cyber operations.
Key Takeaways
- Lowering the barrier to entry: With DANTE, attackers with minimal skills could create functional, complex malware.
- Polymorphism at scale: DANTE-trained models can endlessly rewrite code to bypass static detection.
- Adaptive evasion: The system can automatically adjust payloads after encountering sandboxes, antivirus, or EDR defenses.
- Rich training data: Public malware repos, leaked code, and underground sources feed these models.
- Dual-use risk: While built for research, DANTE underscores the urgent need to prepare for AI-generated threats.
These were all the in-person briefings that we attended, but there were plenty more presented and available virtually here: https://www.blackhat.com/us-25/briefings/schedule/index.html
That wraps up our Black Hat 2025 recap. From the opening keynotes to deep technical dives, this year’s event delivered a mix of cutting-edge research, practical insights, and thought-provoking discussions. Whether it was exploring the evolving AI landscape, uncovering new threat actor tactics, or swapping stories over dinner, the week offered plenty to bring back to our teams and community. Thanks for scrolling through this long recap; we will see you at the next one.