JupyterCon 2023

Post-exploitation in Jupyter Environments
05-12, 11:30–12:00 (Europe/Paris), Louis Armand 2

The same great functionality that makes it such a powerful tool for developers and researchers makes Jupyter a valuable target for hackers. The confluence of data, code and network access, often as a primary tool for developing machine learning applications, give hackers opportunities to impact application development and move laterally around the network. Based on research and operations conducted by the NVIDIA AI Red Team, this presentation will cover common reconnaissance and post-exploitation activities that attackers may try and execute on hosts using Jupyter or running Jupyter infrastructure. These lessons will inform user and administrator awareness to shape defensive practices. Attendees will gain a better understanding of what activities attackers may try and do after gaining access and how to resist, monitor, and counter that activity.

Joe Lucas is a Senior Security Researcher for Artificial Intelligence on the NVIDIA AI Red Team. He was formerly a member of the AWS Red Team and a member of US Cyber Command. He is passionate about machine learning security education and helped architect the DEFCON 30 AI Village Capture-The-Flag competition. He has previously spoken at PyCon US, PyData Global, and HushCon.