Cyber attacks, like last November’s hack of Sony Pictures, have motivated many to increase focus on external threats and begin having more discussions around real world cyber threats and overall preparedness.

Credit unions, like many other companies, have business units that submit regular requests to buy new cloud apps, the most popular being file-sharing services like Box, Dropbox, and Evernote. With most credit union infrastructure being built as fragmented layers of add-ons, over a period of many years, the security methods used to protect the legacy network and applications, as well as these new cloud applications, is severely lacking.

2015 is the year that credit unions must reinvent their security model to be more holistic and ready to face the sophistication of emerging threats. This doesn’t have to be a complete rip-out and replace initiative, and it can be accomplished much easier that most believe. Our team at CUdefender speaks regularly with credit union executives and boards who don’t realize some of the quick and cost effective steps they can take to have an immediate positive impact on their security posture.

The long-standing issue of security having a proper seat at the executive table should no longer be a problem. Now it needs another lift upwards to the board. Hopefully credit unions will have foresight to make cyber topics a substantial part of their 2015 board and strategic planning meetings.

Credit unions looking for security planning assistance or cyber threat protection can contact CUdefender at 1-888-632-4339 or visit http://www.cudefender.com for additional information.

The post Cyber Security Needs Board Level Visibility appeared first on CUdefender.

The vulnerability, known as Shellshock, will be a serious problem for many Linux, Unix, and Mac OS X users.

In order to protect our Credit Union customers from being affected by Shellshock, CUdefender has proactively updated its Web Application Firewall (WAF) rules to block the vulnerability.

Our implemented security rules work in multiple stages to ensure that Shellshock cannot be exploited on systems protected by CUdefenders’s WAF.

As a best practice, administrators of any systems running Bash should patch their systems as soon as patches for their distributions are available, even if those systems are already protected by CUdefender. Mjor Linux distributions such as Redhat, have already released patches.

Some vendors and third parties have already gone as far as creating simple diagnostic tools which can be run after patching to make sure that the vulnerability is closed and unexploitable on your system.

Technical details for Shellshock and affected versions for this vulnerability can be found in the National Vulnerability Database using the ID #’s CVE-2014-6271 and CVE-2014-7169.

The post CUdefender Protects Credit Unions Against “Shellshock” Vulnerability appeared first on CUdefender.