Description
The same great functionality that makes it such a powerful tool for developers and researchers makes Jupyter a valuable target for hackers. The confluence of data, code and network access, often as a primary tool for developing machine learning applications, give hackers opportunities to impact application development and move laterally around the network. Based on research and operations conducted by the NVIDIA AI Red Team, this presentation will cover common reconnaissance and post-exploitation activities that attackers may try and execute on hosts using Jupyter or running Jupyter infrastructure. These lessons will inform user and administrator awareness to shape defensive practices. Attendees will gain a better understanding of what activities attackers may try and do after gaining access and how to resist, monitor, and counter that activity.