-
Phishing sites using Extended Validation SSL
Netcraft's anti-phishing toolbar community identified a noteworthy phishing attack against PayPal in December. FasterPay – which describes itself as the UK's only safe, all-in-one Internet Banking payment service – was apparently hacked, and a subdirectory on the company's own website at www.fasterpay.co.uk was used to host a PayPal phishing site.
The credibility of the phishing attack was enhanced by the Extended Validation SSL certificate used by the FasterPay website. This meant that any victims of the phishing attack would have been presented with the reassuring green EV indicator in (or near) the browser's address bar. This attack acts as a reminder that users must do more than merely look for the presence of an EV certificate when deciding whether or not it is safe to submit personal or financial data to a website.
The CA/Browser Forum defines a strict set of guidelines [pdf] that a certificate authority must adhere to when issuing an Extended Validation certificate. These guidelines clearly detail the steps required to verify the identity and legitimacy of an organisation when it applies for a certificate, as well as the security processes that must be implemented by the certificate authority.
Each certificate authority must maintain a comprehensive security program to protect all EV processes, including carrying out regular risk assessments. However, no such requirements are placed upon the owners of websites which use EV certificates, which perhaps highlights a weakness in the current guidelines.
According to these guidelines, one of the secondary purposes of EV certificates is to address the problem of phishing, but the attack hosted by FasterPay demonstrates how this type of protection can be undermined and even turned against the people it is meant to protect: if users are conditioned to be reassured by the presence of an EV certificate, they will be more susceptible to any phishing attack that is hosted on a site with an EV certificate. An EV certificate attests to the identity of the organisation that applied for it, not to the security of the server on which it is deployed. FasterPay is by no means the first EV-toting website to have exhibited a security vulnerability, which raises the question of whether the issuance guidelines for EV certificates should also require the applicant to provide similar assurances regarding the security of the website on which an EV certificate is to be deployed – for example, by carrying out regular automated vulnerability scans or manual web application security testing.
-
Governments hosted 146 new phishing sites in July
Disclosures by groups including LulzSec, Anonymous and Wikileaks have highlighted that poor security is endemic throughout government websites. During July, Netcraft's anti-phishing toolbar blocked 146 new phishing attacks hosted on government websites. Nearly half of these used the gob.pe second-level domain, making the government of Peru the phishiest in the world.
Unusually, more than a third of these government-hosted phishing attacks targeted a single British financial institution, Lloyds Banking Group. Halifax and Lloyds TSB, which are subsidiaries of the group, were each targeted more times than any other organisation, including PayPal.
Phishing sites hosted on government domains (top 10)
(source: Netcraft Phish Feed)

Government domain   Country        New phishing sites in July 2011
gob.pe              Peru           69
gov.br              Brazil         12
go.th               Thailand       11
gob.mx              Mexico          9
gov.cn              China           9
gov.ar              Argentina       6
gov.za              South Africa    6
gov.pk              Pakistan        3
gov.ec              Ecuador         3
gov.tr              Turkey          3

Some of these government-hosted phishing sites were even used to attack other governments. The website of the UK government, Directgov, was targeted in 14 of these phishing attacks. All of the phishing content used in these attacks was hosted on Peruvian government domains, but has since been removed.
Not all of the phishing sites blocked last month have been taken down. Near the beginning of July, Netcraft blocked an Amazon phishing site on a Polish government TLD, but the fraudulent content is still being served today, more than a month later. This was the only new phishing site to appear on a Polish government website in July, and was unusually served from a compromised FTP server. By supplying valid FTP credentials as part of the URL, a fraudster can make the site viewable in any modern web browser as if it were an ordinary website served over HTTP or HTTPS:
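The two checks an analyst would want to run over a feed like this, grouping reported URLs by government domain (as in the table above) and spotting entries that carry FTP credentials in the URL, are shown below as an added example. This is not Netcraft's code and the feed entries, hostnames and the list of government suffixes are constructed for the example; only the US .gov restriction and the suffixes in the table come from the page.

```python
import urllib.parse
from collections import Counter

# Constructed sample feed for this example (hostnames are invented, not real victims).
SAMPLE_FEED = [
    "http://www.example-ministry.gob.pe/images/paypal/login.htm",
    "http://portal.example-region.gob.pe/~tmp/directgov/",
    "https://www.example-prefeitura.gov.br/uploads/halifax/index.php",
    "ftp://webmaster:Summer2011@ftp.example-urzad.gov.pl/amazon/signin.html",
    "http://www.example-city.gov/halifax/",
    "http://example.com/paypal/",
]

# Government second-level domains from the July table, the Polish one from the
# Amazon case, and the US-only .gov top-level domain. The set is an assumption
# of this example, not an exhaustive registry of government suffixes.
GOV_SUFFIXES = frozenset({
    "gob.pe", "gov.br", "go.th", "gob.mx", "gov.cn", "gov.ar", "gov.za",
    "gov.pk", "gov.ec", "gov.tr", "gov.pl", "gov",
})


def gov_suffix(host):
    """Return the matching government suffix for a hostname, or None."""
    labels = host.lower().rstrip(".").split(".")
    for n in (2, 1):                      # try "gov.br" before bare "gov"
        if len(labels) > n:               # need at least one label in front
            candidate = ".".join(labels[-n:])
            if candidate in GOV_SUFFIXES:
                return candidate
    return None


def triage(url):
    """Split one feed entry into the fields an analyst needs for takedown."""
    parts = urllib.parse.urlsplit(url)
    host = parts.hostname or ""
    return {
        "url": url,
        "scheme": parts.scheme,
        "host": host,
        "gov_suffix": gov_suffix(host),
        # user:password@ in the authority part, as with the compromised FTP server
        "embedded_credentials": parts.username is not None,
    }


def redact_credentials(url):
    """Mask user:password@ before the URL is copied into a report or ticket."""
    parts = urllib.parse.urlsplit(url)
    if parts.username is None:
        return url
    netloc = parts.hostname or ""
    if parts.port is not None:
        netloc = f"{netloc}:{parts.port}"
    return urllib.parse.urlunsplit(
        (parts.scheme, "***:***@" + netloc, parts.path, parts.query, parts.fragment)
    )


def summarise(feed):
    """Count government-hosted entries per suffix; list (redacted) entries with credentials."""
    records = [triage(u) for u in feed]
    by_suffix = Counter(r["gov_suffix"] for r in records if r["gov_suffix"])
    with_creds = [redact_credentials(r["url"]) for r in records if r["embedded_credentials"]]
    return by_suffix, with_creds


if __name__ == "__main__":
    counts, leaked = summarise(SAMPLE_FEED)
    for suffix, n in counts.most_common():
        print(f"{suffix:8} {n}")
    print("entries with embedded credentials:", leaked)
```

The credential check matters beyond reporting: a feed entry of the form ftp://user:password@host/... is a working login for the compromised server, so it should be redacted before the URL is forwarded to anyone who does not need the secret, and the hosting organisation should be told to rotate the account.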
Phishing sites are regularly hosted on compromised servers. By using someone else's web server, an attacker can create a phishing site without having to register any domain names or pay for hosting services. Certain TLDs may also be perceived as being more trustworthy than others, but this is not always a safe assumption.
For example, the .gov TLD is restricted for use by government entities in the United States, so content on these sites is often assumed to be legitimate without much thought. However, www.caldwelltx.gov was presumably compromised at some point, as it was seen serving a Halifax phishing site in July.
Netcraft also found several government websites that had been defaced by "Al3x 0wn5". One Indonesian government site was still defaced at the time of publication, and displayed a mock root prompt on its homepage:
The demonstrably poor security of some government websites may have much wider implications for a country's population. For example, if a remote attacker is able to deface a site or upload arbitrary phishing content, it may also be possible to gain unauthorised access to backend databases or divert any payment details transmitted through the site.
-
StartSSL suspends services after security breach
StartSSL has suspended issuance of digital certificates and related services following a security breach on 15 June. A trademark of Eddy Nigg's StartCom, the StartSSL certificate authority is well known for offering free domain validated SSL certificates, but also sells organisation and extended validation certificates.
More than 25 thousand websites in Netcraft's SSL survey use certificates issued by StartSSL. These are recognised by Internet Explorer, Firefox, Chrome and other mainstream browsers.
StartSSL is not alone in offering free certificates. AffirmTrust recently trumped StartSSL's one-year certificates with its own offer of free three-year domain validated SSL certificates. Coincidentally, AffirmTrust announced its launch on the same day as the StartSSL security breach.
StartSSL is also not the only certificate authority to come under attack this year. In March, Comodo came under attack through three of its resellers. By compromising a GlobalTrust website, the so-called ComodoHacker managed to fraudulently issue several valid certificates, including ones for the login pages of Yahoo and Skype. These certificates were subsequently revoked and browser software was updated to explicitly blacklist them.
-
SOCA back online after DDoS attack
The UK Serious Organised Crime Agency (SOCA) is back online after a distributed denial of service (DDoS) attack by LulzSec forced the agency to take their website offline yesterday.
A SOCA spokesman told BBC News that the agency had chosen to take its website offline to limit the impact on other clients hosted by their service provider, Connect Internet Solutions.
The agency – which is responsible for pro-active operations against serious and organised crime – was targeted as part of Operation Anti-Security (#AntiSec), which was announced on Sunday. The top priority of the operation is to "steal and leak any classified government information, including email spools and documentation. Prime targets are banks and other high-ranking establishments."
With reference to its DDoS capabilities, LulzSec also added: "If they try to censor our progress, we will obliterate the censor with cannonfire anointed with lizard blood."
-
FOX employee data leaked “for the lulz”
Following last week's release of the X Factor 2011 contestant database on BitTorrent, The Lulz Boat (LulzSec on Twitter) has today released the passwords and email addresses of dozens of FOX employees.
Other files uploaded by LulzSec today suggest that the data may have been obtained through a hidden PHP script planted on fox.com, which allowed unauthorised access to a live production database. The attackers also listed the locations and partial content of several PHP configuration files on the server.
Earlier this week, two FOX Twitter accounts were also compromised. Both FOX UP and Fox 15 were hacked, presumably by LulzSec:
LulzSec also claimed to have hacked into 14 LinkedIn accounts belonging to FOX staff. The addresses of the affected accounts were posted on Pastebin.com on Monday, but the profiles have since been taken down.
LulzSec deny being vigilantes, cyberterrorists, or having any political motives. They say "we do it for the lulz" – an expression made popular by a FOX11 news report from 2007, which is often mocked for its inaccurate portrayal of the group Anonymous. Sven Slootweg, owner of AnonNews.org, described the FOX11 report as "complete nonsense" and told Netcraft that it had "spawned a ton of memes".
-
Sony PlayStation Store back online
Parts of the Sony PlayStation Network are coming back online after more than two weeks of continuous downtime.
The PlayStation Store website went online around 02:00 UTC today, although online gaming services through the PlayStation Network are still undergoing maintenance.
Sony yesterday began the final stages of testing the new PlayStation Network and Qriocity services, making sure they are secure before the services are relaunched.
Six days after the PlayStation Network was taken offline, Sony revealed that 77 million users' names, addresses, email addresses, birth dates, logins and passwords had been compromised by hackers. Although the passwords were transformed with a cryptographic hashing function, weak passwords may nonetheless be vulnerable to offline brute-force attacks. Accordingly, Sony recommended that users change their passwords if they use the same credentials for other, unrelated services.
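Why hashing alone does not protect a weak password is shown below as an added example; it is not Sony's code, and Sony has not said which hash function or parameters it used, so the two schemes compared here (unsalted SHA-1 against salted PBKDF2) and the accounts, passwords and wordlist are constructed for the example. The point it demonstrates is the one in the paragraph above: an attacker holding the hashes tries candidate passwords offline, and a password that appears in a wordlist is recovered whatever the hash; an unsalted fast hash additionally lets one precomputed table serve every account at once.

```python
import hashlib
import hmac
import os

# Constructed wordlist for this example; real attacks use lists with millions
# of entries plus mangling rules.
WORDLIST = ["123456", "password", "qwerty", "letmein", "playstation", "welcome1"]

# Lowered so the example runs in under a second. A slow KDF with a high cost
# (bcrypt, scrypt or Argon2 are preferable to PBKDF2) is the defender's only
# lever against offline guessing once the hashes have leaked.
PBKDF2_ROUNDS = 20_000


def unsalted_sha1(password):
    """A fast, unsalted hash: identical passwords give identical digests."""
    return hashlib.sha1(password.encode()).hexdigest()


def salted_record(password, rounds=PBKDF2_ROUNDS):
    """A per-user random salt plus a deliberately slow derivation."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)
    return {"salt": salt, "rounds": rounds, "hash": digest}


def crack_unsalted(targets, wordlist):
    """Hash the wordlist once, then look every victim up in the table.

    Returns (recovered, hash_evaluations). The table costs len(wordlist)
    evaluations in total no matter how many accounts are attacked.
    """
    table = {unsalted_sha1(w): w for w in wordlist}
    recovered = {user: table.get(digest) for user, digest in targets.items()}
    return recovered, len(wordlist)


def crack_salted(records, wordlist):
    """Each account needs its own pass over the wordlist because of the salt.

    Returns (recovered, kdf_evaluations). Weak passwords still fall; the salt
    and the slow KDF only make each guess cost more and stop table reuse.
    """
    recovered, work = {}, 0
    for user, rec in records.items():
        recovered[user] = None
        for candidate in wordlist:
            work += 1
            digest = hashlib.pbkdf2_hmac("sha256", candidate.encode(), rec["salt"], rec["rounds"])
            if hmac.compare_digest(digest, rec["hash"]):
                recovered[user] = candidate
                break
    return recovered, work


# Constructed accounts: one weak password, one long passphrase not in the wordlist.
USERS = {"alice": "123456", "bob": "correct horse battery staple"}


def demo():
    """Store the same two passwords both ways and attack each store."""
    unsalted_db = {u: unsalted_sha1(p) for u, p in USERS.items()}
    salted_db = {u: salted_record(p) for u, p in USERS.items()}
    return crack_unsalted(unsalted_db, WORDLIST), crack_salted(salted_db, WORDLIST)


if __name__ == "__main__":
    (fast, fast_work), (slow, slow_work) = demo()
    print("unsalted SHA-1:", fast, "evaluations:", fast_work)
    print("salted PBKDF2 :", slow, "evaluations:", slow_work)
```

In both stores alice's password is recovered and bob's is not, which is why the advice to change reused passwords is directed at everyone rather than only at users of a particular scheme: the hash buys time, and less of it for a weak password.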
Although credit card details were stored in an encrypted format, these could also be at risk if the decryption key was stored on, or made available to, any of the compromised servers. However, as of Wednesday, the major credit card companies have not reported any fraudulent transactions resulting directly from the Sony security breach.
