The Heartbleed security flaw was fixed in the newest version of OpenSSL, but you should still change your passwords on all of the sites affected by the bug.
If you’re still not sure which sites were affected, we have the perfect chart for you, created by the “digital forensic specialists” at LWG Consulting. Major sites ranging from Facebook and Google to Pinterest and Flickr were affected. Luckily, many financial institutions were not.
As we wrote yesterday, “Heartbleed arose inside a version of open-source OpenSSL cryptographic software. Information sitting inside the memory of a server should be encrypted, but a little bit of data could be pulled out under an attack. The vulnerability affected widely used infrastructure from cloud providers like Heroku and Amazon Web Services as well as networking hardware from vendors like Cisco and Juniper.”
VB's research team is studying web-personalization... Chime in here, and we’ll share the results.