DEF CON 33 Recap
I attended DEF CON 33 this year in Las Vegas and want to share a recap of my experiences and insights from the event. Whether you’re a seasoned security practitioner or just DEF CON-curious, I hope this gives you a helpful window into what goes on at one of the world’s largest hacker conferences.
🎯 Why I Attended
I went into DEF CON this year with a few goals in mind:
1️⃣ Stay up-to-date on emerging threats.
2️⃣ Find practical inspiration for security workflows at my organization.
3️⃣ Catch up with old friends and colleagues.
🔍 Favorite Talks & Villages
Talks
Amplifying Phishing Attacks with Generative AI
Speaker: Daniel Marques
What it was about: This talk examined how AI allows threat actors to automate key phases of phishing campaigns, including initial reconnaissance, crafting targeted communications, and establishing attack infrastructure.
Why it stood out: Threat actors can now easily scale and customize phishing campaigns using AI, which was previously more challenging with manual methods.
Zero Trust, Total Bust - Breaking into thousands of cloud-based VPNs with one bug
Speakers: David Cash & Rich Warren
What it was about: This talk highlighted how Zero Trust Network Access (ZTNA) solutions were exploited to bypass authentication, spoof device posture checks, and escalate privileges.
Why it stood out: This presentation aimed to highlight vendor flaws in Zero Trust solutions. Do not inherently trust your Zero Trust solution; always monitor logs and keep your infrastructure updated.
Villages
Red Team Village
I learned about some new red team tools and methodologies I can leverage for an upcoming internal red team exercise.
Physical Security Village
This year I volunteered for the Physical Security Village and gained extensive knowledge of lock bypass techniques.
🔒 Practical Takeaways
Here are a few ideas or trends that stood out to me during the conference:
Teams should consider leveraging AI more to perform log analysis.
Prompt injections will become more prevalent with LLM adoption.
AI is enabling threat actors to launch hyper-personalized, convincing, and adaptive phishing campaigns.
👀 Noteworthy Quotes
Sources for these quotes were smart folks at a happy hour I attended, but I didn’t catch their names.
“We don’t have true artificial intelligence; we have a system skilled in pattern recognition that can provide relevant information.”
“Attackers have traditionally held the advantage in security, moving quickly and adapting swiftly. However, defenders using AI and automation are shifting this narrative.”
💭 Final Thoughts
This was my fourth DEF CON and it’s always a bit overwhelming—in the best way. It’s a reminder of the creativity, curiosity, and persistence that define the security community. Whether you’re trying to break things or protect them, it’s all about asking better questions.
I'm happy to chat more about anything I mentioned—or didn’t. If you're curious about any part of the experience, send me an email.