The TAICO team is proud to announce our next meetup on Wednesday, January 29th at the Adaptavist office in Toronto. Much thanks to Adaptavist for hosting!
Registration and Event Details
Please note that we are using Meetup.com for event registration and you must register through that link to attend. Seating is limited so please register early. Thank you and see you there!
Event registration link - meetup.com
Our goal is to bring artificial intelligence and cybersecurity together. To do that, we need to explore what’s happening in AI and what’s happening in cybersecurity, and where the two intersect and collide. We’re also working to understand how we solve problems in these areas, what that looks like, and how Canada can and will participate.
With that in mind, we’re pleased to announce our speaker and the agenda for our next meeting!
Agenda
- 👋 Welcome and introductions
- 🚀 Demo of GenAI and security in action
- 🎙️ Speakers
🎤 Speaker #1: Roozbeh Ali
Talk Title: Butler Product Deep Dive
Abstract:
Butler is an all-in-one data engine and AI assistant that indexes your data, joins and summarizes meetings, and summarizes your most important updates at a glance. Butler is always gathering messages, emails, and workflow data - letting the user focus on their real work.
About Roozbeh:
Roozbeh is the CEO @ Butler, a venture-backed AI startup.
🎤 Speaker #2: Piyush Bhor
Talk Title: Exploiting ML libraries for Fun and Profit
Abstract:
In this talk, I will discuss zero-day deserialization vulnerabilities found by other researchers and me in Hugging Face Transformers, Diffusers, PyTorch and Mlflow, which are still unpatched and allow arbitrary code execution.
I will also show you how to craft malicious .pkl and yaml files to exploit these vulnerabilities and get a reverse shell on your target.
Lastly, I will offer advice on how to protect yourself against these attacks.
About Piyush:
I am a security researcher/bug bounty hunter specializing in source code reviews of AI/ML libraries. So far, I have discovered five high-severity vulnerabilities in Hugging Face Transformers, out of which three have been assigned CVEs - CVE-2024-11392, CVE-2024-11393, and CVE-2024-11394 and two are in the process. I have also found vulnerabilities in Pytorch, CatBoost, Behave and Mlflow.
- ⚡ Lightning Talks and Demos
Lightning Talks - 5 to 10 minutes long
- Curtis Collicutt - Baish project update - installation and new Cohere support
- You? - Please reach out if you’d like to do a lightning talk or demo
Please reach out to us if you’d like to present at the meetup. We are looking for people to talk about what they are working on, what they are building and learning, and are open to any level of experience and technical depth. Whether you are a beginner or an expert, we want to hear from you! We’re all just out here building and learning.
- 👋 See You There!
Thanks, and we look forward to seeing you at the meetup!
