Head's up! Check your Python modules

Head's up! Check your Python modules

December 6, 2019

Head's up!  Be on the lookout for malicious Python libraries!  As reported by Developer Tech and Naked Security there is an imposter version of the popular library dateutill which is called python3-dateutil with a one '1' at the end instead of a lowercase L, 'l'.   The malicious library can steal keys for Secure Shell (SSH), a network encryption protocol, and GnuPG Privacy guard, encryption software.

 

You can confirm which python modules you have installed with the pip freeze command.   In your scripts directory simply enter, 'pip freeze'. 

 

 

. . . and a list of installed modules will be generated. 

 

Please reload

Contact Me With Your Litigation Support Questions:

seankevinoshea@hotmail.com

  • Twitter Long Shadow

© 2015 by Sean O'Shea . Proudly created with Wix.com