From Credit Union Times
The Shellshock bug has been found in the application Bash, which is found in many versions of Linux, Unix and even some Apple operating systems. The threat is that a wily hacker could detect the Bash vulnerability and seize control of that system. In theory, it means credit union online banking could be seized by crooks. Ditto for the routers that many institutions use to get online.
Don Jackson, director of threat intel at security company Phishlabs in Charleston, S.C., urged credit unions to contact vendors that provided them with public facing Internet tools, such as online banking, to check on the current security status and what patches are available.
For now, however, the advice is unanimous: Identify vulnerable systems and patch them as soon as possible. Interrogate vendors about possible vulnerabilities and demand patches. Treat Bash as a serious threat because it is.