“Attackers are increasingly using encryption to slip past traditional defenses, with the most common being spearphishing over popular Webmail applications that we each use every day, such as Gmail, Yahoo!, or Office 365, which all use SSL encryption by default.”
As has happened so many times in both the virtual and physical worlds, the good guys develop a technology designed to protect them from the bad guys, and then the bad guys find a way to use it against us.
Read more here:
http://www.securityweek.com/when-youre-talking-ssl-heartbleed-isnt-only-thing-worry-about