CUNA
  • Advocacy
    • Priorities we’re fighting for
    • Actions you can take
  • News
  • Learn
  • Compliance
  • Shop
  • Topics
    • Compliance
    • Credit Union System
    • Directors
    • Human Resources
    • Leadership
    • Lending
    • Marketing
    • Operations
    • Policy & Issues
    • Sales & Service
    • Technology
  • Credit Union Magazine
    • Buyers' Guide
    • Digital Edition
    • Credit Union Hero
    • Credit Union Rock Star
    • Subscribe
    • Advertise
    • Contact
  • Advertise
  • Awards
    • Nominate Credit Union Hero
    • Nominate Credit Union Rock Star
  • Podcasts
  • Videos
  • Contact
Learn More about Member Value

News

Member Benefits
Learn more
Learn more about the benefits of membership.
Home » Muzzle POODLE vulnerability by updating browsers, SilverSky advises
CU System

Muzzle POODLE vulnerability by updating browsers, SilverSky advises

October 21, 2014

MADISON, Wis. (10/22/14)--Keeping operating systems and browsers up to date is key to protecting credit unions and members against a new security vulnerability discovered last week.

POODLE (Padding Oracle on Downgraded Legacy Encryption) exploits a flaw in old Secure Socket Layer (SSL) 3.0 encryption protocol. POODLE allows a third party to capture information sent between the user and the website--known as a "man in the middle" attack.

"You might not notice anything," said Andrew Jaquith, chief technology officer for SilverSky, a provider of cloud security solutions and a CUNA Strategic Services alliance provider. "They are snapping up the information that you're transmitting. It's insidious--you just won't know."

"It affects every browser, every server, because everyone supports backward capability," he told News Now. "Now it needs to be disabled in all these areas."

For credit unions, that means they must disable SSL 3.0 on all servers and member-facing sites. "If you're using any systems newer than 2006 or 2007, you should be fine," he said. Credit unions also should make sure they have recently updated versions or patches on their operating systems. "Always turn on automatic updates," he advised.

Credit unions can also help protect their employees and members by making sure they are using "slightly more modern browsers," he counseled. Internet Explorer 6 and below are vulnerable so members should be using Google Chrome, Firefox, Safari or Internet Explorer 7 and above.

"As a browser user, the nice thing about Chrome and Firefox is that they do silent updates in the background," Jaquith said.

Silver State Schools CU, Las Vegas, with $655 million in assets, took a proactive approach in notifying its members about the vulnerability and what it was doing to update its four member-serving systems. "We have begun taking corrective action," it noted on its website. "As a result, you may experience short interruptions in some or all online services."

It also suggested members look at their own Web browsers to ensure SSL 3.0 is disabled.

SilverSky/CUNA Strategic Services

  • Related Articles

    Updated CU Act in Ore. signed by Gov. Brown

    Heartbleed bug could threaten website security

    Move toward cultural connection includes CUs, says Horowitz

Subscriber Exclusives Break-through branding

Break-through branding: Build an emotional connection

When Elevations Credit Union expanded into two new counties, senior leadership set out to tell its story in a bold, fresh way.
How technology transforms marketing

How technology transforms marketing

Artificial intelligence improves member conversions, engagement, and retention.
Analytics drives journey toward data nirvana

Analytics drives journey toward 'data nirvana'

Data analytics can provide the 'oh wow' moment of discovering member behavior.
Subscribe Now

Trending

  • It's time to expand our cooperative principles

  • Settlement proposed in data breach lawsuit against Wendy’s

  • Serving the underserved and increasing diversity

Tweets by CUNA_News

Polls

Who should be the 2019 Credit Union Hero of the Year?

View Results
More

Champion of America’s Credit Unions

Credit Union National Association is the only national association that advocates on behalf of all of America’s credit unions. We work tirelessly to protect your best interests in Washington and all 50 states. We fuel your professional growth at every level and champion the credit union story at every turn.

More CUNA

  • About
  • Careers
  • Contact Us
  • Recommended Websites

Resources for

  • CUNA Board Members
  • Credit Union Advocates
  • Leagues
  • Press
  • Vendors