Yesterday, a group of security researchers discovered a critical vulnerability in common TLS implementations. OpenSSL released a patch earlier this year, but because of the misconception that most servers and clients no longer supported the export RSA cipher suites, it was marked as low risk. Recent developments have shown that assumption to be false. If you run a server, you should update to the latest version of OpenSSL.

If you’re running Nginx, we have a suggested TLS configuration. There is also a utility to check your server for FREAK attack vulnerability.