If you haven't heard about Heartbleed yet, go here: www.heartbleed.com. This is a MAJOR vulnerability is web sites that were thought to be secure. Their recommendation is to clear all session keys and cookies immediately. For the sites you use that require login, check them to see if they're secured from the bug: http://filippo.io/Heartbleed. If AND ONLY IF the site is secured, change your password. Do not change you password until the site is secured, as you could just end up giving your new password to intruders. (And yes, I already checked: facebook.com, dreamwidth.org, and livejournal.com have all been secured, so you should now reset your password to something you don't use on any other site.)
Take this one seriously, folks. The people who found this one were able to penetrate a site, get access to user names, passwords, instant messages, emails, and business critical documents -- all without leaving any trace of the attack.
Take this one seriously, folks. The people who found this one were able to penetrate a site, get access to user names, passwords, instant messages, emails, and business critical documents -- all without leaving any trace of the attack.