1. Mass-compromise attack injects malware into pages and redirects victims to a site that then downloads Trojans and keylogger code
2. Google is testing using HTTPS by default on all Gmail pages, though the move would likely inhibit performance
3. Researchers at Finjan outlined a sophisticated one-stop show for cyber-criminals buying and trading in infected computers. Called Golden Cash, the network has been linked to the compromises of around 100,000 PCs and FTP credentials.