Security & Privacy

Highlights from RSA Conference 2023: AI, Malware, and More

Posted on by

In April, I had the opportunity to attend RSA Conference 2023 in San Francisco. RSA Conference (RSAC for short) is an annual convention, exhibition, and gathering place for cybersecurity practitioners. Named after cryptographers Rivest, Shamir, and Adleman, RSA Conference has expanded to cover a wide range of information security topics. This year was the 32nd annual RSAC event.

I attended as many keynotes and talks as I could, and browsed the expo halls and booths. As always, my focus was to find the things that were most relevant to the Apple ecosystem.

Here are my top takeaways from RSA Conference 2023.

In this article:

All eyes on AI

Unsurprisingly, much of the conversation at RSAC this year revolved around artificial intelligence (AI). Since the public launch of ChatGPT in November, and with other technologies like Midjourney making a big splash, everyone wants to know how AI could hinder or help the cybersecurity space.

One of the most important annual presentations was the SANS Institute panel, “The Five Most Dangerous New Attack Techniques.” One of the presenters this year was Stephen Sims, who focuses on offensive operations. Sims emphasized how AI and machine learning (ML) can be used from an attacker’s perspective. Since ChatGPT’s public release, Sims has been experimenting with using it to find zero-day vulnerabilities and to write malware.

Leveraging ChatGPT to write malware

Sims talked about how an attacker could, at first, leverage ChatGPT to write malware with little to no finagling; ask and ye shall receive. But OpenAI, the company behind ChatGPT, quickly put up guardrails to prevent such queries. Ever since, there has been a cat-and-mouse game between OpenAI and users who come up with increasingly clever ways to trick or “jailbreak” ChatGPT to get it to do whatever they want. (I wrote about this topic back in February, including about ChatGPT’s alter ego, DAN: “Do Anything Now.”)

Then Sims also explained how, by cleverly re-asking questions, users can often trick ChatGPT into providing potentially malicious code. Why? Ultimately, it boils down to what I mentioned in February: Good or evil intent is difficult for an AI to determine. Like any tool, computer code can be used to benefit us or to cause harm. Users can get ChatGPT to provide code that could potentially be used for harmful purposes, simply by asking in a way that sounds like it’s for a positive use case. And thus, one can use AI itself for benevolent or malicious purposes.

ChatGPT can find zero-day vulnerabilities

Finally, Sims spoke about how a threat actor can input code into ChatGPT, and ask it to find potentially exploitable code segments. One can use this technique to find previously undiscovered (zero-day) vulnerabilities. A user can either provide this information to the product’s maker (ideally to receive a bug bounty), or to a vulnerability broker, or directly to a government agency or a black-market buyer. Of course, some of those options may be ethically questionable from a certain viewpoint. But in any case, a knowledgeable AI wrangler (or AI sherpa, if you prefer) can potentially earn a lot of money with AI’s assistance.

Skoudis, Nickels, Ullrich, Sims, and Mahalik at the SANS panel, The Five Most Dangerous New Attack Techniques. Photo: RSAC.

Using ChatGPT for more effective phishing

Heather Mahalik focused on how attackers can use ChatGPT for social engineering. Attackers can leverage ChatGPT (and other AI technologies) to defraud or manipulate their targets, for example to develop much more convincing phishing campaigns. Imagine that English isn’t your native language and you don’t write it very well, but your target is highly fluent in English. In that scenario, it might be difficult to write a convincing phishing message, even using existing technology like Google Translate. However, ChatGPT takes things to a whole new level. With a clever prompt or two, you can get ChatGPT to write a very convincing phishing e-mail, text message, or even a series of messages. Thanks to AI, attackers can now have a much higher probability of successfully scamming or deceiving victims than ever before.

Mitigating Mac malware

I was pleasantly surprised that RSAC hosted three different presentations focusing on Mac malware. (Three out of 350 sessions isn’t a lot, percentage-wise, but RSAC often only hosts one presentation that’s specifically about macOS malware.)

On the first day of RSAC 2023, Patrick Wardle gave a presentation titled “Making oRAT Go …Further” (video | slides PDF). In this re-hash of his Objective by the Sea v5.0 talk, Wardle explained how he reverse-engineered a macOS remote access Trojan (RAT) written in the Go programming language. (Intego previously discussed oRAT in our article on the top 20 most notable Mac malware threats of 2022.)

Later in the week, Jaron Bradley and Matt Benyo presented “macOS Behavioral Detections Using Apple Endpoint Security API” (video | slides PDF). Among other things, they discussed various techniques that threat actors use to try to evade detection that can, in some cases, be used to generically detect malware. For example, a lot of malware tries to disguise its method of persistence (LaunchAgent or LaunchDaemon) using a filename starting with but lacking Apple’s code signature.

Bradley and Benyo also discussed how malware has been able to exploit past vulnerabilities to bypass Gatekeeper or TCC. This serves as a good reminder of the necessity of keeping macOS on the latest version at all times. Older macOS versions get limited patches, but thankfully there are ways to run the latest macOS on much older hardware than Apple officially supports.

Advanced threat actors have been increasingly targeting macOS

Last but not least, Dmitry Bestuzhev and Ismael Valenzuela Espejo presented “macOS: Tracking High Profile Targeted Attacks, Threat Actors & TTPs” (video). (TTPs is short for tactics, techniques, and procedures.) They spoke about advanced persistent threats (APT groups). One of those emphasized was Lazarus Group, specifically its 2018 AppleJeus campaign and its 2023 supply chain attack on 3CX VoIP software for Mac. Bestuzhev and Valenzuela also talked about XLoader malware from 2021 and the non-functional LockBit ransomware from 2023. Finally, they wrapped up by talking about some ways that organizations can try to defend themselves from such attacks.

Software supply chain attacks

More than a dozen presentations focused on the recent increase in software supply chain attacks. We mentioned one common supply chain attack method multiple times in our coverage of the Mac malware of 2022: typosquatting. Two separate attacks in May (CrateDepression and Pymafka), and a third attack in December (SentinelSneak), leveraged such a technique. These attacks tried to prey on developers who might mistype, or in some other way encounter, a malicious software repository with a very similar name to the legitimate repository. In some cases, the goal of these attacks may be to directly target developers and their systems. In other cases, the intent may be to further spread malware via those developers’ reuse of infected code.

RSAC talks on supply chain attacks

Following are just a couple of examples of RSAC presentations that focused on supply chain attacks.

Charlie Jones presented about “The Rise of Malware Within the Software Supply Chain” (video | slides PDF). He primarily focused on maliciously injected code in open-source components and third-party libraries.

Later, Ilay Holdman and Yakir Kadkoda presented about “Exploiting Vulnerabilities and Flaws to Attack [the] Supply Chain” (video | slides PDF). In part, they focused on how malicious software can be a nearly identical lookalike to genuine software in a repository. Even a fairly thorough examination of a package doesn’t always give any obvious clues that it’s a malicious lookalike.

Holdman and Kadkoda also discussed a technique called repojacking. If a legitimate developer renames their organization in a code repository, it could cause an intentional URL change. Until late 2022, GitHub allowed other developers to re-use old organization names. This enabled malicious third parties to steal a legitimate organization’s previous URL path. Thus, malicious code could end up at the exact-same URL where the legitimate code once was.

Other noteworthy topics and presentations

The Five Most Dangerous New Attack Techniques

As I mentioned earlier, The Five Most Dangerous New Attack Techniques (video) is always one of the most interesting panels of the conference. Ed Skoudis moderated the panel, and Katie Nickels, Johannes Ullrich, Stephen Sims, and Heather Mahalik shared the five attacks.

Nickels talked about the increasing prevalence of malicious search engine optimization (SEO) and malicious ads (malvertising).

Ullrich spoke about ways that developers are increasingly being targeted (such as the software supply chain attacks mentioned above).

Sims and Mahalik explained how attackers can use AI to develop malware, discover vulnerabilities, or develop more effective phishing campaigns (as discussed earlier).

The Cryptographers’ Panel

Another annual RSAC feature is The Cryptographers’ Panel (video). This year, Whitfield Diffie (known for the Diffie-Hellman key exchange protocol) led the discussion. He was joined by Adi Shamir (the “S” of RSA), as well as Anne Dames, Clifford Cocks, and Radia Perlman.

Diffie, Shamir, Dames, Cocks, and Perlman at The Cryptographers’ Panel. Photo: RSAC.

This year, the cryptographers’ panel discussed topics including how quantum computing may impact cryptography and security in general. (As a fun aside, by chance I happened to have the opportunity to watch this panel with Bruce Schneier, another noted cryptographer.)

Celebrity presenters

Each year, some of the keynote presentations and interviews include folks who aren’t necessarily known for cybersecurity, but have interesting things to share. My favorite from this year was Christopher Lloyd, who played Doc Brown in the Back to the Future movies; his interview closed out the conference.

I also enjoyed the thoughts shared by Dr․ Michio Kaku, a theoretical physicist and futurist; here is an excerpt from his presentation.

Presentations on miscellaneous topics

Other notable presentations included:

An interesting product: a wearable ring for biometric MFA

After browsing all the vendor booths at RSA Conference, one product stood out to me personally as one of the most unique and innovative. (To be clear, this is not a sponsor or a paid endorsement.)

A company called Token showed off its “Token Ring” biometric multi-factor authentication (MFA) product. As the name implies, it’s a wearable ring. (“Token Ring” was also the name of a networking technology in the 1980s.)

The inside of the ring has a fingerprint sensor to first confirm the wearer’s identity, and then the ring slips onto the finger. Until the ring is removed, it continues to behave as a FIDO-compliant multifactor authentication token. The booth representative claimed that it’s very difficult to pull off a “ring swap,” where an attacker pulls the ring from a victim’s finger onto their own without breaking the connection. It’s quite an interesting concept, in theory. I did not get to personally test the product.

Token Ring, a biometric MFA product. Image: Token.

Theoretically more secure and convenient than a YubiKey

One can attach typical FIDO dongles (like a YubiKey) to a keyring, where they may become scratched or damaged. Worse, some people keep their FIDO dongles loose, leaving them more prone to getting lost or stolen. But a wearable ring could potentially solve both of those problems.

The biometric aspect makes it all the more compelling—again, in theory. It’s not just “something you have,” like most 2FA dongles; it also verifies “something you are.” The company claims that the ring can operate for up to 20 hours on a single charge, which should make it practical for all-day use.

Unfortunately, the product is not available to consumers; Token only sells is ring to organizations. According to the booth representative, the Ring was originally conceived as a consumer product, but it didn’t catch on in that market.

I hope we’ll soon see other competitors in this space, with products available to consumers. I like the idea of a FIDO-compliant, biometric MFA product that can be worn conveniently and naturally. Perhaps Yubico and other major players in this space will take notice and develop such a product.

How can I learn more?

For lots more videos more RSA Conference presentations, check out the RSAC YouTube channel.

We discussed a few of my takeaways from RSAC 2023 on episode 290 of the Intego Mac Podcast. Read the transcript or listen to learn more.

Each week on the Intego Mac Podcast, Intego’s Mac security experts discuss the latest Apple news, including security and privacy stories, and offer practical advice on getting the most out of your Apple devices. Be sure to follow the podcast to make sure you don’t miss any episodes.

You can also subscribe to our e-mail newsletter and keep an eye here on The Mac Security Blog for the latest Apple security and privacy news. And don’t forget to follow Intego on your favorite social media channels: Follow Intego on Twitter Follow Intego on Facebook Follow Intego on YouTube Follow Intego on Pinterest Follow Intego on LinkedIn Follow Intego on Instagram Follow the Intego Mac Podcast on Apple Podcasts

About Joshua Long

Joshua Long (@theJoshMeister), Intego's Chief Security Analyst, is a renowned security researcher and writer, and an award-winning public speaker. Josh has a master's degree in IT concentrating in Internet Security and has taken doctorate-level coursework in Information Security. Apple has publicly acknowledged Josh for discovering an Apple ID authentication vulnerability. Josh has conducted cybersecurity research for more than 25 years, which has often been featured by major news outlets worldwide. Look for more of Josh's articles at and follow him on X/Twitter, LinkedIn, and Mastodon. View all posts by Joshua Long →