Bishop Fox is proud to present at Kernelcon. Senior Security Consultant Berenice Flores will speak on the research where she was able to hack into a Machine Learning framework and quickly gain privelge escalation in an AWS account.

For more details, visit the official Kernelcon website.

"With Great gAIn Comes Greater Security Issues - When ML Frameworks' Scale for Growth Incorporates Security Risks to Users' Cloud Accounts"

There are various Machine Learning/BigData frameworks that have become quite popular in the past year due to the release of ChatGPT. This sudden popularity has caused that the scale for growth in parallel computing comes first and leaves aside the implementation of security mechanisms in some of the frameworks' components. In this talk I will go over the research process that I performed on one of these frameworks in an AWS install, showing how it started as two vulnerabilities in a web dashboard and quickly became privilege escalation in an AWS account.