Python 15-Year Tarfile Flaw In Over 350,000 Code Projects | Tony UV
On Tuesday, security firm Trellix said its threat researchers had encountered a vulnerability in Python's tarfile module, which provides a way to read and write compressed bundles of files known as tar archives. Initially, the bug hunters thought they'd chanced upon a zero-day.
It turned out to be about a 5,500-day issue: the bug has been living its best life for the past decade-and-a-half while awaiting extinction.
In this video, VerSprite CEO, Tony UV talks about the Python Flaw and what organizations should do with this threat.
// FIND VERSPRITE’S CYBERSECURITY TEAM ONLINE //
✦ VerSprite: https://versprite.com/
✦ LinkedIn: https://www.linkedin.com/versprite-llc/
✦ Twitter: https://twitter.com/versprite/
✦ YouTube: https://www.youtube.com/c/VerSprite @VerSprite
// ABOUT VERSPRITE //
VerSprite is a leader in risk-based cybersecurity services and PASTA threat modeling, enabling businesses to improve the protection of critical assets, ensure compliance, and manage risk. Our mission is to help you understand and improve your organization’s cybersecurity posture. With cyberattacks increasing in number and sophistication daily, it is important to protect your organization’s assets, protect your clients, and maintain the same, great reputation and trust you have worked hard to build. We believe that an integrated approach will result in better and more cost-effective security practices and better business outcomes overall.
✦ Visit our website: https://versprite.com/
#pythonprogramming #pythonprojects #cybersecurity
Видео Python 15-Year Tarfile Flaw In Over 350,000 Code Projects | Tony UV канала VerSprite
It turned out to be about a 5,500-day issue: the bug has been living its best life for the past decade-and-a-half while awaiting extinction.
In this video, VerSprite CEO, Tony UV talks about the Python Flaw and what organizations should do with this threat.
// FIND VERSPRITE’S CYBERSECURITY TEAM ONLINE //
✦ VerSprite: https://versprite.com/
✦ LinkedIn: https://www.linkedin.com/versprite-llc/
✦ Twitter: https://twitter.com/versprite/
✦ YouTube: https://www.youtube.com/c/VerSprite @VerSprite
// ABOUT VERSPRITE //
VerSprite is a leader in risk-based cybersecurity services and PASTA threat modeling, enabling businesses to improve the protection of critical assets, ensure compliance, and manage risk. Our mission is to help you understand and improve your organization’s cybersecurity posture. With cyberattacks increasing in number and sophistication daily, it is important to protect your organization’s assets, protect your clients, and maintain the same, great reputation and trust you have worked hard to build. We believe that an integrated approach will result in better and more cost-effective security practices and better business outcomes overall.
✦ Visit our website: https://versprite.com/
#pythonprogramming #pythonprojects #cybersecurity
Видео Python 15-Year Tarfile Flaw In Over 350,000 Code Projects | Tony UV канала VerSprite
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
DiDi Global gets Hit w/ Massive Fine - Data Privacy/ Cybersecurity SlapWhat is a vSOC? | Virtual Security Operations CenterInsider Threat - A former Twitter Inc. employee was convicted of spying for Saudi ArabiaCybersecurity Trends - Do You Know Your Orgnizations Threat Model? | Tony UVOpto 22 PAC Basic Unpatched File Parsing Vulnerability Found | Zero-DayREMOTE IT STAFF RECOMMENDATIONS FOR MORE SECURE NETWORKS | Cybersecurity for Remote WorkersJob Search 2021: Standing Out to Job RecruitersPASTA Threat Modeling | Stage 5Getting Your Security Program To Shift Left - Operationalizing Security Controls Via DevSecOpsHow Does Cybersecurity Help Orgnizations?D3 SOAR Platform Testimonial | VerSprite CEO, Tony UVCybersecurity Awareness & Hispanic Herritage Month | DirtySouth PodCastCybersecurity Solutions for Businesses as Digital Interactions Increase and Expectations RiseRemote WCF Exploitation: CVE-2019-8917PASTA Threat Modeling | Stage 2How D3 NextGen SOAR Helps Versprite CyberSecurityOWASP AppSec | Build a Valid Threat Library for Cloud Based ApplicationsHow to Use Your Custom Threat Library | Process for Attack Simulation and Threat AnalysisRisk-Centric Threat Modeling via SoftwareWhat is a Trusted Partner? | Client Success Manager Keith AndersonPASTA Threat Modeling | Stage 6