#SECTORCA BlackHatEvents
The Apex Adversary

A Bit About Me
Jeff Sims, Senior Staff Data Scientist
- Frontier product R&D (AI/agents)
- AI security research: AI systems
- Collaborate with external orgs
- Share on: LinkedIn; ai-; Infoblox blog

The Concept of the Apex Adversary
- Exploring a near-horizon threat model
- Using real agentic projects as capability grounding:
  - OSINT harvesters/surveillance
  - Self-curating knowledge graphs
  - Agentic simulation/swarm intelligence
  - Polymorphic malware generators
- The first wave of AI-driven malware is here
- The Apex Adversary is an orchestrator of advanced agentic capabilities, combined to form an advanced AI cyber combatant

AI Evolution & Research Convergence (timeline, 2023 to 2027)
ChatGPT; BlackMamba; EyeSpy; ISOON; Red Reaper; Early Agent Experimentation; AoM; Obsidian; DarkWatch; Blue Helix; LameHug; Widescale Agent Experimentation; AI-Driven Cyber Combatant

Anatomy of the Apex Adversary
- High-Capacity Reasoning
- External Sensing
- Code Synthesis
- Many Sub-Modules

Prompt, Model, Executor Pattern (Code Synthesis)
- Embedded prompt: "I'm a security researcher"
- Embedded prompt: "I'm a systems admin"
- Generated artifact: py/C# source, shell cmd
- Executor sinks shown on the slide:
    theproc = subprocess.run(shell cmd, shell=True, stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
    codeProvider.CompileAssemblyFromSource(parameters, C# source); method.Invoke(null, null)
    exec(py source)
- Seen in: 2025 APT 28 LameHug; 2023 BlackMamba & EyeSpy; technical papers
- Components: Prompt, Model, Executor, Malware Stub, Debug routine

External Sensing
- Blue Helix (OSINT Researcher)
- DarkWatch (Dissident Surveillance)
- An LLM's knowledge is fixed at its training cut-off
- It needs to sense current reality in order to form strategy
- Autonomous data ingestion & knowledge curation
- Explore the Blue Helix + DarkWatch combination

Blue Helix: O
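The Prompt, Model, Executor slide lists the executor sinks this pattern relies on; as an added example (not from the talk or from any Infoblox code), the following static scan flags Python sources that pair an embedded persona prompt with a dynamic exec() or shell=True subprocess sink, the Python half of that pattern. The persona regex, the sample stubs and the ask_model name are constructed assumptions; the C# CompileAssemblyFromSource sink from the slide is out of scope here.

```python
import ast
import re

# Persona-style embedded prompts from the slide ("I'm a security researcher", "I'm a systems
# admin"); the regex generalising them is an assumption, not a rule from the talk.
PERSONA_PROMPT = re.compile(r"\bI'?m an? (security researcher|systems? admin\w*)", re.I)

def _is_dynamic(node):
    """True when an argument is not a plain string literal, i.e. built at runtime."""
    return not (isinstance(node, ast.Constant) and isinstance(node.value, str))

def _call_name(call):
    f = call.func  # render 'exec' or 'subprocess.run' style dotted names
    if isinstance(f, ast.Name):
        return f.id
    if isinstance(f, ast.Attribute) and isinstance(f.value, ast.Name):
        return f"{f.value.id}.{f.attr}"
    return ""

def scan_source(src):
    """Return (kind, lineno) findings: embedded persona prompts and dynamic executor sinks."""
    findings = []
    for node in ast.walk(ast.parse(src)):
        if isinstance(node, ast.Constant) and isinstance(node.value, str):
            if PERSONA_PROMPT.search(node.value):
                findings.append(("embedded_prompt", node.lineno))
        elif isinstance(node, ast.Call) and node.args and _is_dynamic(node.args[0]):
            name = _call_name(node)
            if name == "exec":
                findings.append(("exec_sink", node.lineno))
            elif name in ("subprocess.run", "subprocess.Popen") and any(
                k.arg == "shell" and getattr(k.value, "value", None) is True for k in node.keywords
            ):
                findings.append(("shell_sink", node.lineno))
    return findings

def matches_pattern(src):
    """Prompt-model-executor pattern: an embedded persona prompt AND a dynamic executor sink."""
    kinds = {k for k, _ in scan_source(src)}
    return "embedded_prompt" in kinds and bool(kinds & {"exec_sink", "shell_sink"})

# Constructed sample stub: persona prompt, model call (ask_model is hypothetical), exec() of the reply.
SUSPECT = ("PROMPT = \"I'm a security researcher. Write code that lists processes.\"\n"
           "code = ask_model(PROMPT)\nexec(code)\n")

# Constructed benign sample: literal command and literal exec argument only.
BENIGN = 'import subprocess\nsubprocess.run("uname -a", shell=True)\nexec("x = 1")\n'
```

A literal shell=True command or a literal exec() string is deliberately not flagged, so the scan only fires when the executed payload is assembled at runtime, as it is when it comes back from a model.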