Python Pickle Module: Python 15-Year Tarfile Flaw in Over 350,000 Code Projects

On Tuesday, security firm Trellix said its threat researchers had encountered a vulnerability in Python's tarfile module, which provides a way to read and write compressed bundles of files known as tar archives. Initially, the bug hunters thought they'd chanced upon a zero-day. It turned out to be about a 5,500-day issue: the bug has been living its best life for the past decade-and-a-half while awaiting extinction. In this video, VerSprite CEO, Tony UV talks about the Python Flaw and what organizations should do with this threat. // FIND VERSPRITE’S CYBERSECURITY TEAM ONLINE // ✦ VerSprite: https://versprite.com/ ✦ LinkedIn: https://www.linkedin.com/versprite-llc/ ✦ Twitter: https://twitter.com/versprite/ ✦ YouTube: https://www.youtube.com/c/VerSprite @VerSprite // ABOUT VERSPRITE // VerSprite is a leader in risk-based cybersecurity services and PASTA threat modeling, enabling businesses to improve the protection of critical assets, ensure compliance, and manage risk. Our mission is to help you understand and improve your organization’s cybersecurity posture. With cyberattacks increasing in number and sophistication daily, it is important to protect your organization’s assets, protect your clients, and maintain the same, great reputation and trust you have worked hard to build. We believe that an integrated approach will result in better and more cost-effective security practices and better business outcomes overall. ✦ Visit our website: https://versprite.com/ #pythonprogramming #pythonprojects #cybersecurity