ShellTorch - The Next Evolution in *4Shell Executions
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Explore a critical security vulnerability in the PyTorch ecosystem through this conference talk by Gal Elbaz and Avi Lumelsky from Oligo Security. Dive into the details of ShellTorch, a chain of four vulnerabilities allowing Remote Code Execution (RCE) in TorchServe, with a focus on the newly discovered CVE-2023-43654 carrying a CVSS score of 9.8. Learn about the potential impact on thousands of exposed instances and the risks of unauthorized access to AI models. Understand the importance of securing AI applications and tooling stacks in the era of growing AI and LLM adoption. Witness a live demonstration of the exploit, which enables viewing, modifying, stealing, and deleting AI models and sensitive data on targeted TorchServe servers. Gain valuable insights into immediate mitigation steps to protect your systems from this high-severity threat.
Syllabus
ShellTorch the Next Evolution in *4Shell Executions - Gal Elbaz & Avi Lumelsky, Oligo Security
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network