From October 22–24, Pyxis — represented by Matías Cabrera, Matías Bertua, Ambar Strocchia, and Nicolás Gastelumendi — attended Ekoparty in Buenos Aires, the largest hacking conference in Latin America. 

 Ekoparty brings together security professionals, researchers, and ethical hackers from across the region to explore the latest trends, attack techniques, and defensive innovations shaping today’s cybersecurity landscape. 

Here are some of the key takeaways from the sessions our team attended:  

Key Highlights 

AI Under GPU Fire 

With NVIDIA powering over 90% of data center GPUs, most cloud AI workloads run on proprietary CUDA drivers — creating a massive single point of failure and supply chain risk. 

AI Is Redefining Pentesting 

Autonomous agents can now execute complex offensive tasks, accelerating bug bounty cycles. The line between “copilot” and “competitor” in ethical hacking keeps blurring. 

Antiforensics in AWS Cloud 

CloudTrail and GuardDuty introduce latency windows that allow attackers to operate undetected for up to 20 minutes. Understanding the AWS logging pipeline is crucial for stealth defense. 

Prompt Injection Attacks in Production 

Models can be manipulated through crafted inputs. Comparing embeddings helps detect anomalies, but human-in-the-loop strategies remain essential for effective mitigation. 

The 5Cs of Cloud Security 

Compliance, Configuration, Control, Continuity, and Cost — a practical framework for protecting digital assets amid increasingly automated and persistent threats. 

0-Click Compromises Powered by AI 

Just one prompt can trigger full access, persistence, and data exfiltration. Emerging frameworks like the GenAI Attack Matrix aim to map and mitigate these new AI-driven risks. 

Your Car Is Mine 

Through hardware hacking and reverse engineering, researchers exposed severe flaws in rolling-code remote entry systems (RKES) used in thousands of aftermarket car models worldwide — allowing attackers to unlock vehicles without original keys. 

Container Security in AWS ECS/ECR 

 Continuous image scanning, least-privilege policies, and defense-in-depth practices are vital for securing containerized environments. 

PCI Compliance in AWS 

Key AWS services (Config, CloudTrail, Security Hub) help organizations meet PCI DSS standards when properly configured under the shared responsibility model. 

Demystifying EDR Evasion 

You don’t need to be a malware developer to evade modern EDRs. Red Teams can effectively test resilience through realistic, controlled bypass techniques. 

I’m DA, and Now What? 

Gaining Domain Admin access isn’t the end goal — it’s the gateway to real business impact. This talk explored post-exploitation tactics with proven results across industries. 

Tales from a Cloud Incident Responder 

Five real-world cloud incidents revealed a hard truth: major breaches are often discovered through impact, not alerts. A raw and practical view of cloud incident response in action. 

Let’s Strengthen Cybersecurity Together 

At Pyxis, we help organizations navigate evolving cyber risks through advanced training, managed security services, and technical advisory. 

 If you’d like to discuss how our team can support your cloud, AI, or security strategy — let’s connect.