BY PUNGGAWA CYBERSECURITY MEDIA CENTER
SINGAPORE – In midst of discussions about Artificial Intelligence (AI), ransomware, and advanced cyber attacks that dominated DEF CON Singapore 2026, a session brought attention upon a different attack surface that continues to challenge organisations throughout the world: human behaviour.
Danang Avan, a cybersecurity practitioner and penetration tester from Punggawa Cybersecurity, presented a session titled “Pretexta: The Psychology Behind Successful Social Engineering” in a Demo Labs segment of DEF CON Singapore 2026 on April 29. This session explored how attackers have further depended on psychological manipulation rather than technical exploitations to breach organization’s defences.
Representing Punggawa Cybersecurity in one of the most renowned hacking conventions in the world, Danang presented his research in front of cybersecurity professionals, researchers, and technology practitioners from all over the Asia-Pacific region.
The session explored how modern threat actors exploit behavioural patterns such as urgency, trust, authority, and emotional response to bypass safety controls and influence the victim to make bad decisions.
“A lot of organisations have invested in strong security, but attackers have continually targeted the human layer as it is often the easiest access point,” said Danang during the presentation.
This research showed how social engineering attacks have transformed to transcending conventional email phishing, becoming more adaptive and convincing scenarios, supported by digital information available to the public as well as AI-based content.
The examples discussed in the session covered executive impersonation attempts, communication patterns based on trust, and psychological conditioning techniques that are made to lower victim’s suspicion from time to time.
Instead of purely focusing on offensive tools or malware development, Pretexta tests the cognitive aspect and behaviour that contributes to the success of cyber attacks these days.
This presentation also mirrors the broader concerns that appeared throughout the DEF CON Singapore 2026 event, where many professionals warned that AI technology has accelerated the scale, realism, and advancement of manipulation-based attacks. DEF CON Singapore itself was held from April 28-30 at the Marina Bay Sands Expo and Convention Centre, marking the debut of the conference in South East Asia.
Industry observers noted how Business Email Compromise (BEC), identity fraud, and targeted phishing campaigns continuously create operational and financial risks for organisations worldwide, including those who already have mature technical security controls.
Although Pretexta was presented as an independent research initiative and not a commercial product or a direct service for clients, this finding further shows how important a human-centric cybersecurity approach is to many industries.
For Punggawa Cybersecurity, participation in international cybersecurity forums such as DEF CON reflects the company’s commitment towards exploring ongoing research and broadening their awareness of threats in the ever-changing cyber landscape.
The insights gathered through the global cybersecurity community and technical discussion enables practitioners to further understand attacker methodologies that are changing, including non-technical intrusion techniques that continue to develop alongside digital transformation and AI adoption.
Danang’s presence at DEF CON Singapore also marks the existential growth of cybersecurity practitioners from Indonesia in the international cybersecurity scene, which were traditionally dominated by individuals from the United States and Europe.
