Oleksii (Alex) Starov (Palo Alto Networks)
Phishing and scams continue to dominate the Web threat landscape. As attackers adopt AI to automate their operations, we are seeing an increasingly diverse range of lures and evasion techniques on phishing web pages. To counter this, security solutions have to deploy AI-ready defenses designed to detect social engineering content and overcome advanced cloaking.
Drawing on nearly a decade of industry experience, this keynote explores the AI-driven evolution of phishing. We will investigate novel attacks developed in our research that demonstrate how Generative AI can obfuscate malicious code and how LLMs can assemble phishing pages in real-time. Because these "runtime assembly" methods can evade traditional network filters, the browser serves as a critical vantage point for detection. We will conclude by discussing a twofold defense strategy: building robust AI-powered detectors and leveraging the browser as a definitive vantage point for protection against patient-zero phishing threats.
Speaker's Biography: Oleksii Starov, Ph.D., is a Security Scientist and the Senior Research Manager for Web Security at Palo Alto Networks. He focuses on protecting users against evolving online threats by developing proactive, data-driven network and browser security solutions. Prior to joining Palo Alto Networks in 2018, Oleksii was a member of the PragSec Lab at Stony Brook University, conducting research in web security and privacy. An active contributor to the academic community, he has published and co-authored over 20 papers and serves on the program committees of top-tier security conferences. Since 2020, Oleksii has supported the MADWeb workshop and currently serves on its steering committee. Oleksii frequently shares his research through the Palo Alto Networks Unit 42 blogs and co-hosts the No Name Podcast, a leading cybersecurity podcast in Ukraine.