ShellTorch - The Next Evolution in *4Shell Executions
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Explore a critical security vulnerability in the PyTorch ecosystem through this conference talk by Gal Elbaz and Avi Lumelsky from Oligo Security. Dive into the details of ShellTorch, a chain of four vulnerabilities allowing Remote Code Execution (RCE) in TorchServe, with a focus on the newly discovered CVE-2023-43654 carrying a CVSS score of 9.8. Learn about the potential impact on thousands of exposed instances and the risks of unauthorized access to AI models. Understand the importance of securing AI applications and tooling stacks in the era of growing AI and LLM adoption. Witness a live demonstration of the exploit, which enables viewing, modifying, stealing, and deleting AI models and sensitive data on targeted TorchServe servers. Gain valuable insights into immediate mitigation steps to protect your systems from this high-severity threat.
Syllabus
ShellTorch the Next Evolution in *4Shell Executions - Gal Elbaz & Avi Lumelsky, Oligo Security
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
Unlocking Information Security II: An Internet PerspectiveTel Aviv University via edX Cybersecurity Capstone: Breach Response Case Studies
IBM via Coursera Complete Ethical Hacking Bootcamp
Udemy Cyber Security Advanced Persistent Threat Defender Preview
Udemy Performing Threat Modeling with the PASTA Methodology
Pluralsight