Diginotar Hacked by Black.Spook and Iranian Hackers
Diginotar is a Dutch Certificate Authority. They sell SSL certificates.

Somehow, somebody managed to get a rogue SSL certificate from them on July 10th, 2011. This certificate was issued for the domain name .google.com.
How we found the file that was used to Hack RSA
RSA was hacked in March. This was one of the biggest hacks in history.
Anonymous Ops Britain and BART
Here's a new maxim for politicians, policy makers and public administrators: curtail, censor or otherwise limit communications technology in the real-world — expect online reprisals.
Using Google Web Search to Find Compromised Google Images
Google Search has a problem.
For several weeks now, Google Image search results have been increasingly tainted by Search Engine Optimization (SEO) poisoning. Numerous sites linked to scareware trojans and exploits via Google Image results are discovered every day. Many of these sites would otherwise be considered as safe but they've been compromised by a hack of some sort.
Google's method of crawling for and ranking images is part of the problem.
Online Criminals Trading in Twitter
Surely nobody would sell stolen credit cards on Twitter?
Except they do.
For example, check out Mr. SshoaibAhmed:

Let's follow the link…

Phishing Sites Hosted on Google's Servers
Google Docs allows users to create documents, spreadsheets, et cetera at google.com (hosted in Google's cloud):

Spreadsheets can even contain functionality, such as forms, and these can be published to the whole world.
Unfortunately, that means we regularly see phishing sites via Google Docs spreadsheets and hosted on spreadsheets.google.com.
Here are some examples:
Vulnerability Reporting in the Age of Social Media
Last night, I was searching for an old e-mail when I spotted this funny header:

Somebody had a sense of humor, inserting an XSS joke in e-mail headers.
I thought it was funny, so I posted about it to Twitter:

A few minutes later, I saw Robin Jackson reply with this:
Banks Profit From Spam
While doing some spam research a couple of years ago, we did a series of test purchases from spam e-mails.
We bought pills, software, cigarettes, et cetera. We were a bit surprised that almost all of the orders went through and actually delivered goods. Sure, the Windows CD we got was a poor clone and the Rolex was obviously fake, but at least they sent us something.
We were carefully watching the credit card accounts we created for our tests but we never saw any fraudulent use of them.
The Increasingly Shapeshifting Web
Short URL services are problematic, and they are becoming even more so in combination with IP location technologies.
From twitter.com earlier today:

If you look closely, you'll notice it's one spambot, @olasher, replying to another spambot, @MorabsShimb3554. Lame, right?
