{"id":98099,"date":"2023-05-31T07:29:08","date_gmt":"2023-05-31T14:29:08","guid":{"rendered":"https:\/\/www.intego.com\/mac-security-blog\/?p=98099"},"modified":"2023-06-09T11:52:50","modified_gmt":"2023-06-09T18:52:50","slug":"highlights-from-rsa-conference-2023-ai-malware-and-more","status":"publish","type":"post","link":"https:\/\/www.intego.com\/mac-security-blog\/highlights-from-rsa-conference-2023-ai-malware-and-more\/","title":{"rendered":"Highlights from RSA Conference 2023: AI, Malware, and More"},"content":{"rendered":"<p><img loading=\"lazy\" class=\"size-full wp-image-98103 aligncenter\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2023\/05\/RSA-Conference-logo-where-the-world-talks-security-no-year-2023-600x300-1.jpg\" alt=\"\" width=\"1000\" height=\"500\" \/><\/p>\n<p>In April, I had the opportunity to attend RSA Conference 2023 in San Francisco. <a href=\"https:\/\/www.rsaconference.com\/\" target=\"_blank\" rel=\"noopener\">RSA Conference<\/a> (RSAC for short) is an annual convention, exhibition, and gathering place for cybersecurity practitioners. Named after cryptographers Rivest, Shamir, and Adleman, RSA Conference has expanded to cover a wide range of information security topics. This year was the 32nd annual RSAC event.<\/p>\n<p>I attended as many keynotes and talks as I could, and browsed the expo halls and booths. As always, my focus was to find the things that were most relevant to the Apple ecosystem.<\/p>\n<p>Here are my top takeaways from RSA Conference 2023.<\/p>\n<p><em>In this article:<\/em><\/p>\n<ul>\n<li><a href=\"#ai\">All eyes on AI<\/a>\n<ul>\n<li><a href=\"#gptmal\">Leveraging ChatGPT to write malware<\/a><\/li>\n<li><a href=\"#gptvuln\">ChatGPT can find zero-day vulnerabilities<\/a><\/li>\n<li><a href=\"#gptphish\">Using ChatGPT for more effective phishing<\/a><\/li>\n<\/ul>\n<\/li>\n<li><a href=\"#macmal\">Mitigating Mac malware<\/a><\/li>\n<li><a href=\"#supply\">Software supply chain attacks<\/a><\/li>\n<li><a href=\"#noteworthy\">Other noteworthy topics and presentations<\/a>\n<ul>\n<li><a href=\"#noteworthy\">The Five Most Dangerous New Attack Techniques<\/a><\/li>\n<li><a href=\"#crypto\">The Cryptographers&#8217; Panel<\/a><\/li>\n<li><a href=\"#celeb\">Celebrity presenters<\/a><\/li>\n<li><a href=\"#misc\">Presentations on miscellaneous topics<\/a><\/li>\n<\/ul>\n<\/li>\n<li><a href=\"#ring\">An interesting product: a ring for biometric MFA<\/a><\/li>\n<li><a href=\"#learnmore\">How can I learn more?<\/a><a name=\"ai\"><\/a><\/li>\n<\/ul>\n<h3>All eyes on AI<\/h3>\n<p>Unsurprisingly, much of the conversation at RSAC this year revolved around artificial intelligence (AI). Since the public launch of <a href=\"https:\/\/openai.com\/product\/chatgpt\" target=\"_blank\" rel=\"noopener\">ChatGPT<\/a> in November, and with other technologies like <a href=\"https:\/\/www.midjourney.com\/\" target=\"_blank\" rel=\"noopener\">Midjourney<\/a> making a big splash, everyone wants to know how AI could hinder or help the cybersecurity space.<\/p>\n<p>One of the most important annual presentations was the SANS Institute panel, &#8220;<a href=\"https:\/\/www.rsaconference.com\/usa\/agenda\/session\/The%20Five%20Most%20Dangerous%20New%20Attack%20Techniques\" target=\"_blank\" rel=\"noopener\">The Five Most Dangerous New Attack Techniques<\/a>.&#8221; One of the presenters this year was Stephen Sims, who focuses on offensive operations. Sims emphasized how AI and machine learning (ML) can be used from an attacker&#8217;s perspective. Since ChatGPT&#8217;s public release, Sims has been experimenting with using it to find zero-day vulnerabilities and to write malware.<\/p>\n<p><span class=\"embed-youtube\" style=\"text-align:center; display: block;\"><iframe loading=\"lazy\" class=\"youtube-player\" width=\"640\" height=\"360\" src=\"https:\/\/www.youtube.com\/embed\/tOLpSjN8SFA?version=3&#038;rel=1&#038;showsearch=0&#038;showinfo=1&#038;iv_load_policy=1&#038;fs=1&#038;hl=en-US&#038;autohide=2&#038;wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation\"><\/iframe><\/span><\/p>\n<p><a name=\"gptmal\"><\/a><\/p>\n<h4><strong>Leveraging ChatGPT to write malware<\/strong><\/h4>\n<p>Sims talked about how an attacker could, at first, leverage ChatGPT to write malware with little to no finagling; ask and ye shall receive. But OpenAI, the company behind ChatGPT, quickly put up guardrails to prevent such queries. Ever since, there has been a cat-and-mouse game between OpenAI and users who come up with increasingly clever ways to trick or &#8220;jailbreak&#8221; ChatGPT to get it to do whatever they want. (I wrote about this topic back in February, including about <a href=\"https:\/\/www.intego.com\/mac-security-blog\/chatgpt-is-malware-makers-new-a-i-partner-in-crime\/\">ChatGPT&#8217;s alter ego, DAN<\/a>: &#8220;Do Anything Now.&#8221;)<\/p>\n<p>Then Sims also explained how, by cleverly re-asking questions, users can often trick ChatGPT into providing potentially malicious code. Why? Ultimately, it boils down to what I mentioned in February: <strong>Good or evil intent is difficult for an AI to determine.<\/strong> Like any tool, computer code can be used to benefit us or to cause harm. Users can get ChatGPT to provide code that could potentially be used for harmful purposes, simply by asking in a way that sounds like it&#8217;s for a positive use case. And thus, one can use AI itself for benevolent or malicious purposes.<a name=\"gptvuln\"><\/a><\/p>\n<h4><strong>ChatGPT can find zero-day vulnerabilities<\/strong><\/h4>\n<p>Finally, Sims spoke about how a threat actor can input code into ChatGPT, and ask it to find potentially exploitable code segments. One can use this technique to find previously undiscovered (zero-day) vulnerabilities. A user can either provide this information to the product&#8217;s maker (ideally to receive a bug bounty), or to a vulnerability broker, or directly to a government agency or a black-market buyer. Of course, some of those options may be ethically questionable from a certain viewpoint. But in any case, a knowledgeable AI wrangler (or AI sherpa, if you prefer) can potentially earn a lot of money with AI&#8217;s assistance.<\/p>\n<div style=\"width: 810px\" class=\"wp-caption alignnone\"><a title=\"2023-04-26_Keynotes_161207\" href=\"https:\/\/www.flickr.com\/photos\/rsaconference\/52851361569\/\" data-flickr-embed=\"true\"><img loading=\"lazy\" src=\"https:\/\/live.staticflickr.com\/65535\/52851361569_4326835fae_c.jpg\" width=\"800\" height=\"534\" \/><\/a><p class=\"wp-caption-text\">Skoudis, Nickels, Ullrich, Sims, and Mahalik at the SANS panel, <a href=\"https:\/\/www.rsaconference.com\/usa\/agenda\/session\/The%20Five%20Most%20Dangerous%20New%20Attack%20Techniques\" target=\"_blank\" rel=\"noopener\">The Five Most Dangerous New Attack Techniques<\/a>. Photo: <a href=\"https:\/\/www.flickr.com\/photos\/rsaconference\/52851361569\/\" target=\"_blank\" rel=\"noopener\">RSAC<\/a>.<a name=\"gptphish\"><\/a><\/p><\/div>\n<h4><strong>Using ChatGPT for more effective phishing<\/strong><\/h4>\n<p>Heather Mahalik focused on how attackers can use ChatGPT for social engineering. Attackers can leverage ChatGPT (and other AI technologies) to defraud or manipulate their targets, for example to develop much more convincing phishing campaigns. Imagine that English isn&#8217;t your native language and you don&#8217;t write it very well, but your target is highly fluent in English. In that scenario, it might be difficult to write a convincing phishing message, even using existing technology like Google Translate. However, ChatGPT takes things to a whole new level. With a clever prompt or two, you can get ChatGPT to write a very convincing phishing e-mail, text message, or even a series of messages. Thanks to AI, attackers can now have a much higher probability of successfully scamming or deceiving victims than ever before.<a name=\"macmal\"><\/a><\/p>\n<h3>Mitigating Mac malware<\/h3>\n<p>I was pleasantly surprised that RSAC hosted three different presentations focusing on Mac malware. (Three out of 350 sessions isn&#8217;t a lot, percentage-wise, but RSAC often only hosts one presentation that&#8217;s specifically about macOS malware.)<\/p>\n<p>On the first day of RSAC 2023, Patrick Wardle gave a presentation titled &#8220;<a href=\"https:\/\/www.rsaconference.com\/usa\/agenda\/session\/Making%20oRat%20GoFurther\" target=\"_blank\" rel=\"noopener\">Making oRAT Go \u2026Further<\/a>&#8221; (<a href=\"https:\/\/www.youtube.com\/watch?v=Ml7DKLSQMhw\" target=\"_blank\" rel=\"noopener\">video<\/a> | <a href=\"https:\/\/static.rainfocus.com\/rsac\/us23\/sess\/1667832277308001vPM8\/finalwebsite\/2023_USA23_HTA-M03_01_Making-oRAT-Go-Further_1682006019961001uMhI.pdf\" target=\"_blank\" rel=\"noopener\">slides PDF<\/a>). In this re-hash of his Objective by the Sea v5.0 talk, Wardle explained how he reverse-engineered a macOS remote access Trojan (RAT) written in the Go programming language. (Intego <a href=\"https:\/\/www.intego.com\/mac-security-blog\/20-top-apple-malware-threats-in-2022\/#apr\" target=\"_blank\" rel=\"noopener\">previously discussed oRAT<\/a> in our article on the <a href=\"https:\/\/www.intego.com\/mac-security-blog\/20-top-apple-malware-threats-in-2022\/\">top 20 most notable Mac malware threats of 2022<\/a>.)<\/p>\n<p><span class=\"embed-youtube\" style=\"text-align:center; display: block;\"><iframe loading=\"lazy\" class=\"youtube-player\" width=\"640\" height=\"360\" src=\"https:\/\/www.youtube.com\/embed\/Ml7DKLSQMhw?version=3&#038;rel=1&#038;showsearch=0&#038;showinfo=1&#038;iv_load_policy=1&#038;fs=1&#038;hl=en-US&#038;autohide=2&#038;wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation\"><\/iframe><\/span><\/p>\n<p>Later in the week, Jaron Bradley and Matt Benyo presented &#8220;<a href=\"https:\/\/www.rsaconference.com\/usa\/agenda\/session\/MacOS%20Behavioral%20Detections%20using%20Apple%20ESF%20Endpoint%20Security%20Framework\" target=\"_blank\" rel=\"noopener\">macOS Behavioral Detections Using Apple Endpoint Security API<\/a>&#8221; (<a href=\"https:\/\/www.youtube.com\/watch?v=Qj_YXwxrD1c\" target=\"_blank\" rel=\"noopener\">video<\/a> | <a href=\"https:\/\/static.rainfocus.com\/rsac\/us23\/sess\/1665000412782001UMSJ\/finalwebsite\/2023_USA23_TECH-W02_01_MacOS-Behavioral-Detections-using-Apple-Endpoint-Security-API_1682538101021001bVSm.pdf\" target=\"_blank\" rel=\"noopener\">slides PDF<\/a>). Among other things, they discussed various techniques that threat actors use to try to evade detection that can, in some cases, be used to generically detect malware. For example, a lot of malware tries to disguise its method of persistence (LaunchAgent or LaunchDaemon) using a filename starting with <code>com.apple<\/code> but lacking Apple&#8217;s code signature.<\/p>\n<p>Bradley and Benyo also discussed how malware has been able to exploit past vulnerabilities to bypass <a href=\"https:\/\/www.intego.com\/mac-security-blog\/topic\/gatekeeper\/\">Gatekeeper<\/a> or <a href=\"https:\/\/www.intego.com\/mac-security-blog\/new-top-level-domains-zip-and-mov-geacon-malware-and-goggle-to-delete-dormant-accounts\/#:~:text=TCC%20stands%20for\">TCC<\/a>. This serves as a good reminder of the necessity of keeping macOS on the latest version at all times. <a href=\"https:\/\/www.intego.com\/mac-security-blog\/apples-poor-patching-policies-potentially-make-users-security-and-privacy-precarious\/\">Older macOS versions get limited patches<\/a>, but thankfully there are ways to <a href=\"https:\/\/www.intego.com\/mac-security-blog\/how-to-keep-older-macs-secure-a-geeky-approach\/\">run the latest macOS on much older hardware<\/a> than Apple officially supports.<\/p>\n<p><span class=\"embed-youtube\" style=\"text-align:center; display: block;\"><iframe loading=\"lazy\" class=\"youtube-player\" width=\"640\" height=\"360\" src=\"https:\/\/www.youtube.com\/embed\/Qj_YXwxrD1c?version=3&#038;rel=1&#038;showsearch=0&#038;showinfo=1&#038;iv_load_policy=1&#038;fs=1&#038;hl=en-US&#038;autohide=2&#038;wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation\"><\/iframe><\/span><\/p>\n<h4><strong>Advanced threat actors have been increasingly targeting macOS<\/strong><\/h4>\n<p>Last but not least, Dmitry Bestuzhev and Ismael Valenzuela Espejo presented &#8220;macOS: Tracking High Profile Targeted Attacks, Threat Actors &amp; TTPs&#8221; (<a href=\"https:\/\/www.youtube.com\/watch?v=_v8Df8sFnnA\" target=\"_blank\" rel=\"noopener\">video<\/a>). (TTPs is short for tactics, techniques, and procedures.) They spoke about advanced persistent threats (APT groups). One of those emphasized was <a href=\"https:\/\/www.intego.com\/mac-security-blog\/topic\/lazarus-group\/\">Lazarus Group<\/a>, specifically its <a href=\"https:\/\/www.intego.com\/mac-security-blog\/operation-applejeus-and-osxlazarus-rise-of-a-mac-apt\/\">2018 AppleJeus campaign<\/a> and its <a href=\"https:\/\/www.intego.com\/mac-security-blog\/smoothoperator-3cx-voip-app-spreads-mac-malware-by-lazarus-group-apt\/\">2023 supply chain attack on 3CX VoIP software for Mac<\/a>. Bestuzhev and Valenzuela also talked about XLoader malware from 2021 and the <a href=\"https:\/\/www.intego.com\/mac-security-blog\/sideloading-on-ios-lockbit-ransomware-on-mac-and-zero-day-chrome-vulnerabilities-intego-mac-podcast-episode-288\/\">non-functional LockBit ransomware from 2023<\/a>. Finally, they wrapped up by talking about some ways that organizations can try to defend themselves from such attacks.<\/p>\n<p><span class=\"embed-youtube\" style=\"text-align:center; display: block;\"><iframe loading=\"lazy\" class=\"youtube-player\" width=\"640\" height=\"360\" src=\"https:\/\/www.youtube.com\/embed\/_v8Df8sFnnA?version=3&#038;rel=1&#038;showsearch=0&#038;showinfo=1&#038;iv_load_policy=1&#038;fs=1&#038;hl=en-US&#038;autohide=2&#038;wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation\"><\/iframe><\/span><\/p>\n<p><a name=\"supply\"><\/a><\/p>\n<h3>Software supply chain attacks<\/h3>\n<p>More than a dozen presentations focused on the recent increase in software supply chain attacks. We mentioned one common supply chain attack method multiple times in our coverage of <a href=\"https:\/\/www.intego.com\/mac-security-blog\/20-top-apple-malware-threats-in-2022\/\" target=\"_blank\" rel=\"noopener\">the Mac malware of 2022<\/a>: typosquatting. Two separate attacks in <a href=\"https:\/\/www.intego.com\/mac-security-blog\/20-top-apple-malware-threats-in-2022\/#may\">May<\/a> (CrateDepression and Pymafka), and a third attack in <a href=\"https:\/\/www.intego.com\/mac-security-blog\/20-top-apple-malware-threats-in-2022\/#dec\">December<\/a> (SentinelSneak), leveraged such a technique. These attacks tried to prey on developers who might mistype, or in some other way encounter, a malicious software repository with a very similar name to the legitimate repository. In some cases, the goal of these attacks may be to directly target developers and their systems. In other cases, the intent may be to further spread malware via those developers&#8217; reuse of infected code.<\/p>\n<h4><strong>RSAC talks on supply chain attacks<\/strong><\/h4>\n<p>Following are just a couple of examples of RSAC presentations that focused on supply chain attacks.<\/p>\n<p>Charlie Jones presented about &#8220;<a href=\"https:\/\/www.rsaconference.com\/usa\/agenda\/session\/The%20Rise%20of%20Malware%20Within%20the%20Software%20Supply%20Chain\" target=\"_blank\" rel=\"noopener\">The Rise of Malware Within the Software Supply Chain<\/a>&#8221; (<a href=\"https:\/\/www.youtube.com\/watch?v=Y-IVXsyAFPA\" target=\"_blank\" rel=\"noopener\">video<\/a> | <a href=\"https:\/\/static.rainfocus.com\/rsac\/us23\/sess\/1665409017634001AS0i\/finalwebsite\/2023_USA23_HT-R01_01_The-Rise-of-Malware-Within-the-Software-Supply-Chain_1681999231597001OUd3.pdf\" target=\"_blank\" rel=\"noopener\">slides PDF<\/a>). He primarily focused on maliciously injected code in open-source components and third-party libraries.<\/p>\n<p><span class=\"embed-youtube\" style=\"text-align:center; display: block;\"><iframe loading=\"lazy\" class=\"youtube-player\" width=\"640\" height=\"360\" src=\"https:\/\/www.youtube.com\/embed\/Y-IVXsyAFPA?version=3&#038;rel=1&#038;showsearch=0&#038;showinfo=1&#038;iv_load_policy=1&#038;fs=1&#038;hl=en-US&#038;autohide=2&#038;wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation\"><\/iframe><\/span><\/p>\n<p>Later, Ilay Holdman and Yakir Kadkoda presented about &#8220;<a href=\"https:\/\/www.rsaconference.com\/usa\/agenda\/session\/Exploiting%20Vulnerabilities%20and%20Flaws%20to%20Attack%20Supply%20Chain\" target=\"_blank\" rel=\"noopener\">Exploiting Vulnerabilities and Flaws to Attack [the] Supply Chain<\/a>&#8221; (<a href=\"https:\/\/www.youtube.com\/watch?v=TuXrbjkoRbo\" target=\"_blank\" rel=\"noopener\">video<\/a> | <a href=\"https:\/\/static.rainfocus.com\/rsac\/us23\/sess\/1664812929316001dDVD\/finalwebsite\/2023_USA23_DAS-R05_01_Exploiting_Vulnerabilities_and_Flaws_to_Attack_Supply_Chain_1682357930722001Ynx6.pdf\" target=\"_blank\" rel=\"noopener\">slides PDF<\/a>). In part, they focused on how malicious software can be a nearly identical lookalike to genuine software in a repository. Even a fairly thorough examination of a package doesn&#8217;t always give any obvious clues that it&#8217;s a malicious lookalike.<\/p>\n<p>Holdman and Kadkoda also discussed a technique called repojacking. If a legitimate developer renames their organization in a code repository, it could cause an intentional URL change. Until late 2022, GitHub allowed other developers to re-use old organization names. This enabled malicious third parties to steal a legitimate organization&#8217;s previous URL path. Thus, malicious code could end up at the exact-same URL where the legitimate code once was.<\/p>\n<p><span class=\"embed-youtube\" style=\"text-align:center; display: block;\"><iframe loading=\"lazy\" class=\"youtube-player\" width=\"640\" height=\"360\" src=\"https:\/\/www.youtube.com\/embed\/TuXrbjkoRbo?version=3&#038;rel=1&#038;showsearch=0&#038;showinfo=1&#038;iv_load_policy=1&#038;fs=1&#038;hl=en-US&#038;autohide=2&#038;wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation\"><\/iframe><\/span><\/p>\n<p><a name=\"noteworthy\"><\/a><\/p>\n<h3>Other noteworthy topics and presentations<\/h3>\n<h4><strong>The Five Most Dangerous New Attack Techniques<\/strong><\/h4>\n<p>As I mentioned earlier, <a href=\"https:\/\/www.rsaconference.com\/usa\/agenda\/session\/The%20Five%20Most%20Dangerous%20New%20Attack%20Techniques\" target=\"_blank\" rel=\"noopener\">The Five Most Dangerous New Attack Techniques<\/a> (<a href=\"https:\/\/www.youtube.com\/watch?v=tOLpSjN8SFA\" target=\"_blank\" rel=\"noopener\">video<\/a>) is always one of the most interesting panels of the conference. Ed Skoudis moderated the panel, and Katie Nickels, Johannes Ullrich, Stephen Sims, and Heather Mahalik shared the five attacks.<\/p>\n<p>Nickels talked about the increasing prevalence of malicious search engine optimization (SEO) and malicious ads (malvertising).<\/p>\n<p>Ullrich spoke about ways that developers are increasingly being targeted (such as the software supply chain attacks mentioned above).<\/p>\n<p><a name=\"crypto\"><\/a>Sims and Mahalik explained how attackers can use AI to develop malware, discover vulnerabilities, or develop more effective phishing campaigns (<a href=\"#ai\">as discussed earlier<\/a>).<\/p>\n<h4><strong>The Cryptographers&#8217; Panel<\/strong><\/h4>\n<p>Another annual RSAC feature is <a href=\"https:\/\/www.rsaconference.com\/usa\/agenda\/session\/The%20Cryptographers%20Panel\" target=\"_blank\" rel=\"noopener\">The Cryptographers&#8217; Panel<\/a> (<a href=\"https:\/\/www.youtube.com\/watch?v=qtB4BvH0_YY\" target=\"_blank\" rel=\"noopener\">video<\/a>). This year, <a href=\"https:\/\/en.wikipedia.org\/wiki\/Whitfield_Diffie\" target=\"_blank\" rel=\"noopener\">Whitfield Diffie<\/a> (known for the Diffie-Hellman key exchange protocol) led the discussion. He was joined by <a href=\"https:\/\/en.wikipedia.org\/wiki\/Adi_Shamir\" target=\"_blank\" rel=\"noopener\">Adi Shamir<\/a> (the &#8220;S&#8221; of RSA), as well as <a href=\"https:\/\/www.rsaconference.com\/experts\/anne-dames\" target=\"_blank\" rel=\"noopener\">Anne Dames<\/a>, <a href=\"https:\/\/en.wikipedia.org\/wiki\/Clifford_Cocks\" target=\"_blank\" rel=\"noopener\">Clifford Cocks<\/a>, and <a href=\"https:\/\/en.wikipedia.org\/wiki\/Radia_Perlman\" target=\"_blank\" rel=\"noopener\">Radia Perlman<\/a>.<\/p>\n<div style=\"width: 810px\" class=\"wp-caption alignnone\"><a title=\"2023-04-25_Keynotes_114608\" href=\"https:\/\/www.flickr.com\/photos\/rsaconference\/52848837890\/in\/photostream\/\" data-flickr-embed=\"true\"><img loading=\"lazy\" src=\"https:\/\/live.staticflickr.com\/65535\/52848837890_989b0a6219_c.jpg\" width=\"800\" height=\"382\" \/><\/a><p class=\"wp-caption-text\">Diffie, Shamir, Dames, Cocks, and Perlman at <a href=\"https:\/\/www.rsaconference.com\/usa\/agenda\/session\/The%20Cryptographers%20Panel\" target=\"_blank\" rel=\"noopener\">The Cryptographers&#8217; Panel<\/a>. Photo: <a href=\"https:\/\/www.flickr.com\/photos\/rsaconference\/52848837890\/\" target=\"_blank\" rel=\"noopener\">RSAC<\/a>.<\/p><\/div>\n<p>This year, the cryptographers&#8217; panel discussed topics including <a href=\"https:\/\/www.intego.com\/mac-security-blog\/how-quantum-computing-will-affect-computer-security-and-passwords\/\">how quantum computing may impact cryptography and security<\/a> in general. (As a fun aside, by chance I happened to have the opportunity to watch this panel with <a href=\"https:\/\/www.rsaconference.com\/experts\/bruce-schneier\" target=\"_blank\" rel=\"noopener\">Bruce Schneier<\/a>, another <a href=\"https:\/\/en.wikipedia.org\/wiki\/Bruce_Schneier\" target=\"_blank\" rel=\"noopener\">noted cryptographer<\/a>.)<\/p>\n<p><span class=\"embed-youtube\" style=\"text-align:center; display: block;\"><iframe loading=\"lazy\" class=\"youtube-player\" width=\"640\" height=\"360\" src=\"https:\/\/www.youtube.com\/embed\/qtB4BvH0_YY?version=3&#038;rel=1&#038;showsearch=0&#038;showinfo=1&#038;iv_load_policy=1&#038;fs=1&#038;hl=en-US&#038;autohide=2&#038;wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation\"><\/iframe><\/span><\/p>\n<p><a name=\"celeb\"><\/a><\/p>\n<h4><strong>Celebrity presenters<\/strong><\/h4>\n<p>Each year, some of the keynote presentations and interviews include folks who aren&#8217;t necessarily known for cybersecurity, but have interesting things to share. My favorite from this year was Christopher Lloyd, who played Doc Brown in the Back to the Future movies; his interview closed out the conference.<\/p>\n<p><span class=\"embed-youtube\" style=\"text-align:center; display: block;\"><iframe loading=\"lazy\" class=\"youtube-player\" width=\"640\" height=\"360\" src=\"https:\/\/www.youtube.com\/embed\/kIfWk4Xq13k?version=3&#038;rel=1&#038;showsearch=0&#038;showinfo=1&#038;iv_load_policy=1&#038;fs=1&#038;hl=en-US&#038;autohide=2&#038;wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation\"><\/iframe><\/span><\/p>\n<p>I also enjoyed the thoughts shared by Dr\u2024 Michio Kaku, a theoretical physicist and futurist; here is an excerpt from his presentation.<\/p>\n<p><span class=\"embed-youtube\" style=\"text-align:center; display: block;\"><iframe loading=\"lazy\" class=\"youtube-player\" width=\"640\" height=\"360\" src=\"https:\/\/www.youtube.com\/embed\/mf8PfFHl95Y?version=3&#038;rel=1&#038;showsearch=0&#038;showinfo=1&#038;iv_load_policy=1&#038;fs=1&#038;hl=en-US&#038;autohide=2&#038;wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation\"><\/iframe><\/span><\/p>\n<p><a name=\"misc\"><\/a><\/p>\n<h4><strong>Presentations on miscellaneous topics<\/strong><\/h4>\n<p>Other notable presentations included:<\/p>\n<ul>\n<li>A talk on &#8220;<a href=\"https:\/\/www.rsaconference.com\/usa\/agenda\/session\/Protecting%20the%20Organization%20The%20Psychology%20of%20Social%20Engineering\" target=\"_blank\" rel=\"noopener\">The Psychology of Social Engineering<\/a>&#8221; (<a href=\"https:\/\/www.youtube.com\/watch?v=XEJRIhAwHoY\" target=\"_blank\" rel=\"noopener\">video<\/a> | <a href=\"https:\/\/static.rainfocus.com\/rsac\/us23\/sess\/1670967617068001xI7d\/finalwebsite\/2023_USA23_SBX7-R02_01_Protecting_the_Organization_The_Psychology_of_Social_Engineering_1682009260248001x0Z5.pdf\" target=\"_blank\" rel=\"noopener\">slides PDF<\/a>) by Rachael Tubbs<\/li>\n<li>A talk on <a href=\"https:\/\/www.rsaconference.com\/usa\/agenda\/session\/The%20Old%20is%20New%20Again%20An%20Intro%20to%20SMS%20Security%20and%20Why%20Its%20Vital\" target=\"_blank\" rel=\"noopener\">SMS phishing scams<\/a> or SMiShing (<a href=\"https:\/\/www.youtube.com\/watch?v=521YcCokiao\" target=\"_blank\" rel=\"noopener\">video<\/a> | <a href=\"https:\/\/static.rainfocus.com\/rsac\/us23\/sess\/1665588247896001y8Tz\/finalwebsite\/2023_USA23_CDCP-R05_01_The_Old_is_New_Again_An_Intro_to_SMS_Security_and_Why_It%E2%80%99s_Vital__1682447178696001n6IU.pdf\" target=\"_blank\" rel=\"noopener\">slides PDF<\/a>) by Fabio Bottan<\/li>\n<li>&#8220;<a href=\"https:\/\/www.rsaconference.com\/usa\/agenda\/session\/If%20Its%20Smart%20Its%20Vulnerable\" target=\"_blank\" rel=\"noopener\">If It&#8217;s Smart, It&#8217;s Vulnerable<\/a>&#8221; (<a href=\"https:\/\/www.youtube.com\/watch?v=4TCQgf5ue5o\" target=\"_blank\" rel=\"noopener\">audio<\/a>), a discussion with <a href=\"https:\/\/en.wikipedia.org\/wiki\/Mikko_Hypp%C3%B6nen\" target=\"_blank\" rel=\"noopener\">Mikko Hypp\u00f6nen<\/a> about &#8220;smart home&#8221; technologies and more<\/li>\n<li>&#8220;<a href=\"https:\/\/www.rsaconference.com\/usa\/agenda\/session\/Passkeys%20The%20Good%20the%20Bad%20and%20the%20Ugly\" target=\"_blank\" rel=\"noopener\">Passkeys: The Good, the Bad and the Ugly<\/a>&#8221; (<a href=\"https:\/\/www.youtube.com\/watch?v=knrEje81f68\" target=\"_blank\" rel=\"noopener\">video<\/a> | <a href=\"https:\/\/static.rainfocus.com\/rsac\/us23\/sess\/1664904573645001yxxT\/finalwebsite\/2023_USA23_IDY-T02_01_Passkeys_The_Good_the_Bad_and_the_Ugly_1682028196735001TmFN.pdf\" target=\"_blank\" rel=\"noopener\">slides PDF<\/a>), an overview of the technology by <a href=\"https:\/\/www.rsaconference.com\/experts\/christiaan-brand\" target=\"_blank\" rel=\"noopener\">Christiaan Brand<\/a>\n<ul>\n<li>See also our Intego article, &#8220;<a href=\"https:\/\/www.intego.com\/mac-security-blog\/what-are-passkeys-and-how-do-they-work\/\">What are Passkeys, and how to do they work?<\/a>&#8220;<\/li>\n<\/ul>\n<\/li>\n<li>&#8220;<a href=\"https:\/\/www.rsaconference.com\/usa\/agenda\/session\/Corporate%20Reputation%20Attacks%20Dissecting%20the%20Latest%20Job%20Offer%20Scams\" target=\"_blank\" rel=\"noopener\">Corporate Reputation Attacks: Dissecting the Latest Job Offer Scams<\/a>&#8221; (<a href=\"https:\/\/www.youtube.com\/watch?v=h5lTM2lh2vU\" target=\"_blank\" rel=\"noopener\">video<\/a> | <a href=\"https:\/\/static.rainfocus.com\/rsac\/us23\/sess\/1664922289578001YlQR\/finalwebsite\/2023_USA23_HUM-R05_01_Corporate-Reputation-Attacks_1682445524527001bpKi.pdf\" target=\"_blank\" rel=\"noopener\">slides PDF<\/a>) presented by James Nitterauer\n<ul>\n<li>I had expect this to be a presentation about <a href=\"https:\/\/www.intego.com\/mac-security-blog\/20-top-apple-malware-threats-in-2022\/#:~:text=Lazarus%20Group%20resurfaces%20with%20Operation%20In(ter)ception\">the Lazarus Group&#8217;s Operation In(ter)ception malware<\/a>; instead, it was about fraudsters registering lookalike domains and impersonating companies to gather r\u00e9sum\u00e9s and steal from would-be job applicants.<\/li>\n<\/ul>\n<\/li>\n<li>&#8220;<a href=\"https:\/\/www.rsaconference.com\/usa\/agenda\/session\/Regulation%20and%20Risk%20When%20Your%20Customers%20Browser%20Leaks%20Data\" target=\"_blank\" rel=\"noopener\">Regulation and Risk When Your Customer\u2019s Browser Leaks Data<\/a>&#8221; (<a href=\"https:\/\/www.youtube.com\/watch?v=QQZebZ9fU1c\" target=\"_blank\" rel=\"noopener\">video<\/a>) presented by <a href=\"https:\/\/www.rsaconference.com\/experts\/john-elliott\" target=\"_blank\" rel=\"noopener\">John Elliott<\/a><a name=\"ring\"><\/a><\/li>\n<\/ul>\n<h3>An interesting product: a wearable ring for biometric MFA<\/h3>\n<p>After browsing all the vendor booths at RSA Conference, one product stood out to me personally as one of the most unique and innovative. (To be clear, this is not a sponsor or a paid endorsement.)<\/p>\n<p>A company called Token showed off its &#8220;Token Ring&#8221; biometric multi-factor authentication (MFA) product. As the name implies, it&#8217;s a wearable ring. (&#8220;Token Ring&#8221; was also the name of a <a href=\"https:\/\/en.wikipedia.org\/wiki\/Token_Ring\" target=\"_blank\" rel=\"noopener\">networking technology<\/a> in the 1980s.)<\/p>\n<p>The inside of the ring has a fingerprint sensor to first confirm the wearer&#8217;s identity, and then the ring slips onto the finger. Until the ring is removed, it continues to behave as a <a href=\"https:\/\/en.wikipedia.org\/wiki\/FIDO_Alliance\" target=\"_blank\" rel=\"noopener\">FIDO<\/a>-compliant multifactor authentication token. The booth representative claimed that it&#8217;s very difficult to pull off a &#8220;ring swap,&#8221; where an attacker pulls the ring from a victim&#8217;s finger onto their own without breaking the connection. It&#8217;s quite an interesting concept, in theory. I did not get to personally test the product.<\/p>\n<div id=\"attachment_98119\" style=\"width: 410px\" class=\"wp-caption aligncenter\"><img aria-describedby=\"caption-attachment-98119\" loading=\"lazy\" class=\"wp-image-98119\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2023\/06\/Token-Ring-finger-led-cropped.jpg\" alt=\"\" width=\"400\" height=\"333\" \/><p id=\"caption-attachment-98119\" class=\"wp-caption-text\">Token Ring, a biometric MFA product. Image: <a href=\"https:\/\/www.tokenring.com\/\" target=\"_blank\" rel=\"noopener nofollow\">Token<\/a>.<a name=\"yubikey\"><\/a><\/p><\/div>\n<h4><strong>Theoretically more secure and convenient than a YubiKey<\/strong><\/h4>\n<p>One can attach typical FIDO dongles (like a YubiKey) to a keyring, where they may become scratched or damaged. Worse, some people keep their FIDO dongles loose, leaving them more prone to getting lost or stolen. But a wearable ring could potentially solve both of those problems.<\/p>\n<p>The biometric aspect makes it all the more compelling\u2014again, in theory. It&#8217;s not just &#8220;something you have,&#8221; like most 2FA dongles; it also verifies &#8220;something you are.&#8221; The company claims that the ring can operate for up to 20 hours on a single charge, which should make it practical for all-day use.<\/p>\n<p>Unfortunately, the product is <strong>not available to consumers<\/strong>; Token only sells is ring to organizations. According to the booth representative, the Ring was originally conceived as a consumer product, but it didn&#8217;t catch on in that market.<\/p>\n<p>I hope we&#8217;ll soon see other competitors in this space, with products available to consumers. I like the idea of a FIDO-compliant, biometric MFA product that can be worn conveniently and naturally. Perhaps Yubico and other major players in this space will take notice and develop such a product.<a name=\"learnmore\"><\/a><\/p>\n<h3>How can I learn more?<\/h3>\n<p>For lots more videos more RSA Conference presentations, check out the <a href=\"https:\/\/www.youtube.com\/@RSAConference\" target=\"_blank\" rel=\"noopener\">RSAC YouTube channel<\/a>.<\/p>\n<p>We discussed a few of my takeaways from RSAC 2023 on <a href=\"https:\/\/www.intego.com\/mac-security-blog\/apples-first-rapid-security-response-new-mac-malware-and-insecure-google-authenticator-sync\/\">episode 290<\/a> of the Intego Mac Podcast. <a href=\"https:\/\/www.intego.com\/mac-security-blog\/apples-first-rapid-security-response-new-mac-malware-and-insecure-google-authenticator-sync\/#:~:text=Josh%20attended%20the%202023%20RSA%20Conference\">Read the transcript<\/a> or <a href=\"http:\/\/podcast.intego.com\/290\" target=\"_blank\" rel=\"noopener\">listen<\/a> to learn more.<\/p>\n<p><iframe loading=\"lazy\" src=\"https:\/\/player.fireside.fm\/v2\/GegHgcrH+w-OgQkSZ?theme=dark\" width=\"740\" height=\"200\" frameborder=\"0\" scrolling=\"no\"><\/iframe><\/p>\n<p>Each week on the <a href=\"https:\/\/podcast.intego.com\/\" target=\"_blank\" rel=\"noopener\"><strong>Intego Mac Podcast<\/strong><\/a>, Intego&#8217;s Mac security experts discuss the latest Apple news, including security and privacy stories, and offer practical advice on getting the most out of your Apple devices. Be sure to <a href=\"https:\/\/podcasts.apple.com\/us\/podcast\/intego-mac-podcast\/id1293834627\" rel=\"noopener\"><strong>follow the podcast<\/strong><\/a> to make sure you don\u2019t miss any episodes.<\/p>\n<p>You can also subscribe to our <a href=\"https:\/\/www.intego.com\/mac-security-blog\/mac-security-newsletter\/\"><strong>e-mail newsletter<\/strong><\/a> and keep an eye here on <a href=\"https:\/\/www.intego.com\/mac-security-blog\"><strong>The Mac Security Blog<\/strong><\/a> for the latest Apple security and privacy news. And don&#8217;t forget to follow Intego on your favorite social media channels: <a href=\"https:\/\/twitter.com\/IntegoSecurity\" target=\"_blank\" rel=\"noopener\"><img style=\"border-width: 1px; border-style: solid; border-color: rgba(255, 255, 255, 0.2); border-radius: 8px;\" title=\"Follow Intego on Twitter\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2021\/10\/Twitter-logo-icon-64.png\" alt=\"Follow Intego on Twitter\" width=\"16\" \/><\/a>\u00a0<a href=\"https:\/\/www.facebook.com\/Intego\" target=\"_blank\" rel=\"noopener\"><img style=\"border-width: 1px; border-style: solid; border-color: rgba(255, 255, 255, 0.2); border-radius: 8px;\" title=\"Follow Intego on Facebook\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2021\/10\/Facebook-logo-icon-64.png\" alt=\"Follow Intego on Facebook\" width=\"16\" \/><\/a>\u00a0<a href=\"https:\/\/www.youtube.com\/user\/IntegoVideo?sub_confirmation=1\" target=\"_blank\" rel=\"noopener\"><img style=\"border-width: 1px; border-style: solid; border-color: rgba(0, 0, 0, 0.2); border-radius: 8px;\" title=\"Follow Intego on YouTube\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2021\/10\/YouTube-logo-icon-64.png\" alt=\"Follow Intego on YouTube\" width=\"16\" \/><\/a>\u00a0<a href=\"https:\/\/www.pinterest.com\/intego\/\" target=\"_blank\" rel=\"noopener\"><img style=\"border-width: 1px; border-style: solid; border-color: rgba(0, 0, 0, 0.2); border-radius: 8px;\" title=\"Follow Intego on Pinterest\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2021\/10\/Pinterest-logo-icon-64.png\" alt=\"Follow Intego on Pinterest\" width=\"16\" \/><\/a>\u00a0<a href=\"https:\/\/www.linkedin.com\/company\/intego\" target=\"_blank\" rel=\"noopener\"><img style=\"border-width: 1px; border-style: solid; border-color: rgba(255, 255, 255, 0.2); border-radius: 8px;\" title=\"Follow Intego on LinkedIn\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2021\/10\/LinkedIn-logo-icon-64.png\" alt=\"Follow Intego on LinkedIn\" width=\"16\" \/><\/a>\u00a0<a href=\"https:\/\/www.instagram.com\/intego_security\/\" target=\"_blank\" rel=\"noopener\"><img style=\"border-width: 1px; border-style: solid; border-color: rgba(255, 255, 255, 0.2); border-radius: 8px;\" title=\"Follow Intego on Instagram\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2021\/10\/Instagram-logo-icon-64.png\" alt=\"Follow Intego on Instagram\" width=\"16\" \/><\/a>\u00a0<a href=\"https:\/\/podcasts.apple.com\/us\/podcast\/intego-mac-podcast\/id1293834627\" target=\"_blank\" rel=\"noopener\"><img style=\"border-width: 1px; border-style: solid; border-color: rgba(255, 255, 255, 0.2); border-radius: 8px;\" title=\"Follow the Intego Mac Podcast on Apple Podcasts\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2017\/10\/ios9-podcasts-app-tile.png\" alt=\"Follow the Intego Mac Podcast on Apple Podcasts\" width=\"16\" \/><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>At RSA Conference 2023 in San Francisco, some of the hot topics included the rise of AI-related attack techniques, malware, and software supply chain attacks. Here are my top takeaways for users of Apple products.<\/p>\n","protected":false},"author":14,"featured_media":98101,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false},"categories":[13],"tags":[3316,4659,351,2098,3298],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v17.4 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<meta name=\"description\" content=\"At RSA Conference 2023 in San Francisco, some of the hot topics included the rise of AI-related attack techniques, malware, and software supply chain attacks. Here are my top takeaways for users of Apple products.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.intego.com\/mac-security-blog\/highlights-from-rsa-conference-2023-ai-malware-and-more\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Highlights from RSA Conference 2023: AI, Malware, and More - The Mac Security Blog\" \/>\n<meta property=\"og:description\" content=\"At RSA Conference 2023 in San Francisco, some of the hot topics included the rise of AI-related attack techniques, malware, and software supply chain attacks. Here are my top takeaways for users of Apple products.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.intego.com\/mac-security-blog\/highlights-from-rsa-conference-2023-ai-malware-and-more\/\" \/>\n<meta property=\"og:site_name\" content=\"The Mac Security Blog\" \/>\n<meta property=\"article:author\" content=\"https:\/\/www.facebook.com\/JoshLong\" \/>\n<meta property=\"article:published_time\" content=\"2023-05-31T14:29:08+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-06-09T18:52:50+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2023\/05\/RSA-Conference-logo-where-the-world-talks-security-no-year-2023-400x260-1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"400\" \/>\n\t<meta property=\"og:image:height\" content=\"260\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@theJoshMeister\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Joshua Long\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"12 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\",\"name\":\"Intego\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"sameAs\":[],\"logo\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"width\":875,\"height\":875,\"caption\":\"Intego\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"name\":\"The Mac Security Blog\",\"description\":\"Keep Macs safe from the dangers of the Internet\",\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/highlights-from-rsa-conference-2023-ai-malware-and-more\/#primaryimage\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2023\/05\/RSA-Conference-logo-where-the-world-talks-security-no-year-2023-400x260-1.jpg\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2023\/05\/RSA-Conference-logo-where-the-world-talks-security-no-year-2023-400x260-1.jpg\",\"width\":400,\"height\":260,\"caption\":\"RSAC RSA Conference logo - Where the World Talks Security\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/highlights-from-rsa-conference-2023-ai-malware-and-more\/#webpage\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/highlights-from-rsa-conference-2023-ai-malware-and-more\/\",\"name\":\"Highlights from RSA Conference 2023: AI, Malware, and More - The Mac Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/highlights-from-rsa-conference-2023-ai-malware-and-more\/#primaryimage\"},\"datePublished\":\"2023-05-31T14:29:08+00:00\",\"dateModified\":\"2023-06-09T18:52:50+00:00\",\"description\":\"At RSA Conference 2023 in San Francisco, some of the hot topics included the rise of AI-related attack techniques, malware, and software supply chain attacks. Here are my top takeaways for users of Apple products.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/highlights-from-rsa-conference-2023-ai-malware-and-more\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/highlights-from-rsa-conference-2023-ai-malware-and-more\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/highlights-from-rsa-conference-2023-ai-malware-and-more\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.intego.com\/mac-security-blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Highlights from RSA Conference 2023: AI, Malware, and More\"}]},{\"@type\":\"Article\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/highlights-from-rsa-conference-2023-ai-malware-and-more\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/highlights-from-rsa-conference-2023-ai-malware-and-more\/#webpage\"},\"author\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/dcf592275ba6edde8d20f1e60029c6b1\"},\"headline\":\"Highlights from RSA Conference 2023: AI, Malware, and More\",\"datePublished\":\"2023-05-31T14:29:08+00:00\",\"dateModified\":\"2023-06-09T18:52:50+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/highlights-from-rsa-conference-2023-ai-malware-and-more\/#webpage\"},\"wordCount\":2406,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/highlights-from-rsa-conference-2023-ai-malware-and-more\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2023\/05\/RSA-Conference-logo-where-the-world-talks-security-no-year-2023-400x260-1.jpg\",\"keywords\":[\"AI\",\"ChatGPT\",\"Multi-Factor Authentication\",\"RSA\",\"RSA Conference\"],\"articleSection\":[\"Security &amp; Privacy\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/highlights-from-rsa-conference-2023-ai-malware-and-more\/#respond\"]}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/dcf592275ba6edde8d20f1e60029c6b1\",\"name\":\"Joshua Long\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/5ad29f4111ce14911abaa98cbbcdea42?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/5ad29f4111ce14911abaa98cbbcdea42?s=96&d=mm&r=g\",\"caption\":\"Joshua Long\"},\"description\":\"Joshua Long (@theJoshMeister), formerly Intego\\u2019s Chief Security Analyst, is a renowned security researcher and writer, and an award-winning public speaker. Josh has a master\\u2019s degree in IT concentrating in Internet Security and has taken doctorate-level coursework in Information Security. Apple has publicly acknowledged Josh for discovering an Apple\\u00a0ID authentication vulnerability. Josh has conducted cybersecurity research for well over 25 years, which is often featured by major news outlets worldwide. Keep up with Josh via X\/Twitter, LinkedIn, Facebook, Instagram, YouTube, Patreon, Mastodon, the JoshMeister on Security, and more. \\u2014\",\"sameAs\":[\"https:\/\/security.thejoshmeister.com\",\"https:\/\/www.facebook.com\/JoshLong\",\"https:\/\/www.instagram.com\/thejoshmeister\/\",\"https:\/\/www.linkedin.com\/in\/thejoshmeister\",\"https:\/\/www.pinterest.com\/thejoshmeister\/\",\"https:\/\/twitter.com\/theJoshMeister\",\"https:\/\/www.youtube.com\/@theJoshMeister\"],\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/author\/joshlong\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"description":"At RSA Conference 2023 in San Francisco, some of the hot topics included the rise of AI-related attack techniques, malware, and software supply chain attacks. Here are my top takeaways for users of Apple products.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.intego.com\/mac-security-blog\/highlights-from-rsa-conference-2023-ai-malware-and-more\/","og_locale":"en_US","og_type":"article","og_title":"Highlights from RSA Conference 2023: AI, Malware, and More - The Mac Security Blog","og_description":"At RSA Conference 2023 in San Francisco, some of the hot topics included the rise of AI-related attack techniques, malware, and software supply chain attacks. Here are my top takeaways for users of Apple products.","og_url":"https:\/\/www.intego.com\/mac-security-blog\/highlights-from-rsa-conference-2023-ai-malware-and-more\/","og_site_name":"The Mac Security Blog","article_author":"https:\/\/www.facebook.com\/JoshLong","article_published_time":"2023-05-31T14:29:08+00:00","article_modified_time":"2023-06-09T18:52:50+00:00","og_image":[{"width":400,"height":260,"url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2023\/05\/RSA-Conference-logo-where-the-world-talks-security-no-year-2023-400x260-1.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_creator":"@theJoshMeister","twitter_misc":{"Written by":"Joshua Long","Est. reading time":"12 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Organization","@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization","name":"Intego","url":"https:\/\/www.intego.com\/mac-security-blog\/","sameAs":[],"logo":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","width":875,"height":875,"caption":"Intego"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo"}},{"@type":"WebSite","@id":"https:\/\/www.intego.com\/mac-security-blog\/#website","url":"https:\/\/www.intego.com\/mac-security-blog\/","name":"The Mac Security Blog","description":"Keep Macs safe from the dangers of the Internet","publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/highlights-from-rsa-conference-2023-ai-malware-and-more\/#primaryimage","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2023\/05\/RSA-Conference-logo-where-the-world-talks-security-no-year-2023-400x260-1.jpg","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2023\/05\/RSA-Conference-logo-where-the-world-talks-security-no-year-2023-400x260-1.jpg","width":400,"height":260,"caption":"RSAC RSA Conference logo - Where the World Talks Security"},{"@type":"WebPage","@id":"https:\/\/www.intego.com\/mac-security-blog\/highlights-from-rsa-conference-2023-ai-malware-and-more\/#webpage","url":"https:\/\/www.intego.com\/mac-security-blog\/highlights-from-rsa-conference-2023-ai-malware-and-more\/","name":"Highlights from RSA Conference 2023: AI, Malware, and More - The Mac Security Blog","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/highlights-from-rsa-conference-2023-ai-malware-and-more\/#primaryimage"},"datePublished":"2023-05-31T14:29:08+00:00","dateModified":"2023-06-09T18:52:50+00:00","description":"At RSA Conference 2023 in San Francisco, some of the hot topics included the rise of AI-related attack techniques, malware, and software supply chain attacks. Here are my top takeaways for users of Apple products.","breadcrumb":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/highlights-from-rsa-conference-2023-ai-malware-and-more\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.intego.com\/mac-security-blog\/highlights-from-rsa-conference-2023-ai-malware-and-more\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.intego.com\/mac-security-blog\/highlights-from-rsa-conference-2023-ai-malware-and-more\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.intego.com\/mac-security-blog\/"},{"@type":"ListItem","position":2,"name":"Highlights from RSA Conference 2023: AI, Malware, and More"}]},{"@type":"Article","@id":"https:\/\/www.intego.com\/mac-security-blog\/highlights-from-rsa-conference-2023-ai-malware-and-more\/#article","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/highlights-from-rsa-conference-2023-ai-malware-and-more\/#webpage"},"author":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/dcf592275ba6edde8d20f1e60029c6b1"},"headline":"Highlights from RSA Conference 2023: AI, Malware, and More","datePublished":"2023-05-31T14:29:08+00:00","dateModified":"2023-06-09T18:52:50+00:00","mainEntityOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/highlights-from-rsa-conference-2023-ai-malware-and-more\/#webpage"},"wordCount":2406,"commentCount":0,"publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/highlights-from-rsa-conference-2023-ai-malware-and-more\/#primaryimage"},"thumbnailUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2023\/05\/RSA-Conference-logo-where-the-world-talks-security-no-year-2023-400x260-1.jpg","keywords":["AI","ChatGPT","Multi-Factor Authentication","RSA","RSA Conference"],"articleSection":["Security &amp; Privacy"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.intego.com\/mac-security-blog\/highlights-from-rsa-conference-2023-ai-malware-and-more\/#respond"]}]},{"@type":"Person","@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/dcf592275ba6edde8d20f1e60029c6b1","name":"Joshua Long","image":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#personlogo","inLanguage":"en-US","url":"https:\/\/secure.gravatar.com\/avatar\/5ad29f4111ce14911abaa98cbbcdea42?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/5ad29f4111ce14911abaa98cbbcdea42?s=96&d=mm&r=g","caption":"Joshua Long"},"description":"Joshua Long (@theJoshMeister), formerly Intego\u2019s Chief Security Analyst, is a renowned security researcher and writer, and an award-winning public speaker. Josh has a master\u2019s degree in IT concentrating in Internet Security and has taken doctorate-level coursework in Information Security. Apple has publicly acknowledged Josh for discovering an Apple\u00a0ID authentication vulnerability. Josh has conducted cybersecurity research for well over 25 years, which is often featured by major news outlets worldwide. Keep up with Josh via X\/Twitter, LinkedIn, Facebook, Instagram, YouTube, Patreon, Mastodon, the JoshMeister on Security, and more. \u2014","sameAs":["https:\/\/security.thejoshmeister.com","https:\/\/www.facebook.com\/JoshLong","https:\/\/www.instagram.com\/thejoshmeister\/","https:\/\/www.linkedin.com\/in\/thejoshmeister","https:\/\/www.pinterest.com\/thejoshmeister\/","https:\/\/twitter.com\/theJoshMeister","https:\/\/www.youtube.com\/@theJoshMeister"],"url":"https:\/\/www.intego.com\/mac-security-blog\/author\/joshlong\/"}]}},"jetpack_featured_media_url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2023\/05\/RSA-Conference-logo-where-the-world-talks-security-no-year-2023-400x260-1.jpg","jetpack_publicize_connections":[],"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p4VAYd-pwf","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/98099"}],"collection":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/users\/14"}],"replies":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/comments?post=98099"}],"version-history":[{"count":39,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/98099\/revisions"}],"predecessor-version":[{"id":98289,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/98099\/revisions\/98289"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media\/98101"}],"wp:attachment":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media?parent=98099"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/categories?post=98099"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/tags?post=98099"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}