Encryption Keys Cold Boot Attack
If you are using an encryption program like TrueCrypt to keep your hard drive data encrypted, you should power down your PC when ever it is not being used.
A recent video, by researchers at Princeton, demonstrates how an attacker can recover the contents of RAM from a running machine, or even one that has only been shut down for a short period of time. If you have your encrypted drives mounted at the time of the physical attack then the encryption key can most likely be recovered from the memory image.
People, including most experts, previously believed that RAM instantly lost all of it's data when power was removed. This appears to not be the case with most DDR RAM, with memory taking a few seconds to several minutes to fade away.
Check out the video below for more information and a demonstration of the attack. Be sure to put your RAM modules through your shredder if you suspect an imminent physical attack.