From Argentina to Miami: Ekoparty opened its first international edition with AI, chips and cameras under the magnifying glass

With more than 500 registered, Ekoparty opened its doors around 9:30 a.m. this Thursday with the words of one of its founders, the current CEO, Leonardo Pigñer: “For us, Ekoparty it’s about building bridges and connecting people. “I think that what we can bring differently is a new meeting point to connect with the Latin American cybersecurity community,” he said on stage at the Hotel Loews, South Beach de Miami.

As with much of the current technological agenda, the opening talk (keynote) of the first day was dedicated to artificial intelligence. Juan Andrés Guerrero-Saade, an experienced hacker in the industry, warned that AI is usually presented as a tool capable of “democratizing” access to technical tasks, such as programming or analyzing information, but that there are also a “multiplier” effect about those who must use it in their jobs.

“I think the value of artificial intelligence is in its multiplicative power. If someone already has capabilities in their area, AI can multiply their performance tenfold. Things that used to take weeks or months can now be solved in hours. The problem is that there is a lack of guidance: instead of seeing that benefit, many people feel fear and anxiety in the face of processes that are now becoming more accessible and cheaper,” he told Clarion when coming off the stage.

“This also creates a crisis in how we assign value to work. If a PowerPoint presentation that previously took a long time can now be generated in 30 seconds, How much is that product worth? “This uncertainty is leading some companies to make hasty decisions, including laying off essential people,” continued the vice president of Intelligence and Security Research at SentinelOne.

“Then, six months later, they try to rehire those same experts, with an already damaged working relationship. The challenge is learning to value the experience behind the work and compensate it correctly, to build a more symbiotic relationship between employees and employers,” he concluded.

After his talk, other activities characteristic of a hacker convention began: from the villages themes and workshops lockpicking (opening locks) to technical demonstrations, exchange spaces between researchers and talks on vulnerabilities, AI and offensive security.

One of the featured talks on the first day had to do with research on how AI can help reverse engineer, a fundamental part of hacking: analyzing a program, system or application from the inside to understand how it works, detect errors and eventually find security vulnerabilities.

Gastón Aznarez and Dan Borgognoresearchers from Faraday Security, an Argentine cybersecurity company, analyzed a very specific problem in the world of reverse engineering: what happens when a researcher analyzes a device and discovers that its architecture is not x86 or ARM (the best known), but rather a proprietary one, with little or no public documentation. How do you break a system that is unknown?

“Behind many modern electronic devices is a chip running code that no one outside the manufacturer can read. That includes things people use every day: cars, pacemakers, security cameras, routers, connected toys, smart appliances. When one of these devices has a vulnerability, a flaw that allows, for example, someone to take the remote control of the car or spy through the camera, the only way to discover it before an attacker does is to analyze the chip from the inside,” Aznarez explained to Clarion.

“The problem is that sometimes the manufacturer does not publish how it works. The industry calls this ‘security by obscurity’: the idea that if no one knows how something is made, no one will be able to break it. In practice, this idea does not work, because attackers with sufficient resources end up decrypting it anyway, the only ones left out are independent researchers who could warn of problems before they are exploited. There are too many chips and too few researchers,” added Borgogno.

AI, they maintain, can accelerate that task. “This is where artificial intelligence changes the rules. Current language models are particularly good at two tasks that previously required a human expert: recognizing patterns in seemingly meaningless text, and reasoning about unknown structures to deduce what they mean. Applied to this problem, they allow us to automate much of the work that was previously done by a specialist by hand, and to generalize to chips for which there were never tools before. What used to take months can now take days,” says Aznarez.

Regarding the impact of artificial intelligence on cybersecurity during 2026, researchers propose that the main change is in the scale of work.

“What we are seeing so far in 2026 is a change in the economics of security research. Before, finding vulnerabilities in a product required a researcher or a team to spend months, sometimes years, understanding how that product works inside: opening it, reading firmware, iterating on hypotheses. Today, an orchestrated system of AI agents can be targeted to find vulnerabilities in a piece of software and cover much more ground than one person covers in the same time. The coverage capacity is not comparable,” said Aznarez.

Other research presented on the first day focused on a much more common type of equipment for companies, businesses and buildings: network video recorders, known as NVRs. The talk From Firmware to RCE: Attacking NVRs Hikvisionby Spanish researchers Ángel Lozano Alcázar and Pedro Guillén Núñez, showed the complete process to discover and exploit faults zero day on NVR devices from Hikvision, one of the most widespread brands on the market, widely sold in Argentina and Latin America.

An NVR It is the equipment that centralizes, records and manages the images from several security cameras connected to a network. The investigation included obtaining the firmware (the internal software that comes installed on a device and tells it how to function), along with exploitation and “persistence”, something key that attackers look for: not just to get in, but to remain (ideally, undetected).

For Lozano Alcázar and Guillén Núñez, these devices can become a weak point within many organizations because they are installed and left running for years. “Network video recorders, like those from Hikvision, are part of the ecosystem of IoT devices aimed at physical security. Their main function is to record and manage cameras, not to act as computer systems designed to resist cyberattacks. And therein lies the problem,” they told this medium.

“In many companies, these computers are installed and left running for years with little maintenance. Unlike a computer or server, they do not usually receive periodic updates, security audits or configuration reviews, and are rarely even monitored. In some cases, They continue to operate with default credentials or unsafe configurations,” they explained.

“The most obvious risk is the loss of privacy. If an attacker accesses a camera, they can see in real time what happens in a home, office or critical facility. For example, you can access not only images but also infer routines, schedules, presence or absence of people,” they explained.

The first day of the conference left a current snapshot of cybersecurity: artificial intelligence is already used to accelerate complex technical investigations, connected devices continue to accumulate risks that are difficult to see for the common user, and the Latin American hacker community seeks occupy a place of one’s own in an increasingly global agenda.