Yesterday, Google
announced that there was an attempted SSL man-in-the-middle attack against its
users. The majority of affected users were in Iran, so it was contained to a
geographic area. However, someone tried to get between the users and encrypted
Google services by using a fraudulent SSL certificate issued by DigiNotar.
DigiNotar did not have permission to issue
certificates for Google, and has since stopped doing so.
Google also reports that Google Chrome users
were protected from the attack by being able to detect the fraudulent
certificate. Mozilla and Microsoft also took quick action to protect users with
fraud prevention
systems.
Google suggests keeping your operating systems
and web browsers up to date and pay special attention to any and all warnings.