Malware authors exploited the assassination of former Pakistani Prime Minister Benazir Bhutto to spread malware. Attackers set up fake blogs and webpages, which claimed to have rare video of Bhutto's death.

McAfee
revealed in a filing with the Securities and Exchange Commission that it has restated a decade of earnings, after the company disclosed that an internal investigation turned up stock option improprieties.

The Santa Clara, Calif.-based anti-virus vendor revealed that it will take on $137.4 million in additional charges from between 1995 and 2005. The company also budgeted $13.8 million to cover the settlement of lawsuits filed in 2006 related to the backdating scandal.


The University of California
agreed to pay the U.S. Department of Energy (DOE) a fine of $2.8 million as a result of a security breach at Los Alamos National Laboratory in 2006.

The university agreed not to challenge the fine and to “accept responsibility for the violations” that resulted from a subcontractor's employee stealing documents.

The settlement is slightly less than the $3 million penalty the federal government imposed on the university, which managed the laboratory for the DOE until June 2006.


A federal lawmaker introduced legislation that would codify two federal Office of Management and Budget memos ordering government departments to institute information security safeguards.

U.S. Rep. William Lacy Clay, D-Mo., introduced the Federal Agency Data Protection Act.
The memos that would be codified by the bill were released following a string of high-profile federal government breaches.


MySpace filed a lawsuit against Hong-Kong-based Blue China Group Ltd., alleging that the defendants engaged in a massive spam operation to harass users of the social networking website.
The group promoted items to overwhelm MySpace users with millions of messages, some of which were coded so as to be impossible to delete. The website sought an unspecified amount in damages.


TJX Companies settled a lawsuit with three banking groups over costs related to the retailer's data breach that may have exposed as many as 94 million accounts.

TJX, which owns Marshalls and T.J. Maxx, reached an agreement with the Massachusetts and Connecticut bankers' associations and the Maine Association of Community Banks. The agreement will be covered by the $256 million TJX has set aside in costs related to
the breach.


Symantec won $21 million in damages against a network of counterfeit software distributers.

The Cupertino, Calif.-based vendor had sought only $15 million in damages when it filed suit in U.S. District Court in Los Angeles in December 2006 against ANYI; SILI Inc.; and individuals, including Mark Ma, Mike Lee, John Zhant and Yee Sha.

Symantec worked in conjunction with the FBI and officials in China before Ma's arrest in July.


Hackers obtained the sensitive information of up to 12,000 visitors to the Oak Ridge National Laboratory by using a volley of phishing emails, according to officials at the facility.

Director Thom Mason told the organization's 4,200 employees that the recent attack on the Knoxville, Tenn.-facility was “part of a coordinated attempt to gain access to computer networks at numerous laboratories around the country.”


A laptop containing the personal information of an undisclosed number of Deloitte & Touche partners, principals and other employees was stolen while in the possession of a contractor scanning the firm's pension fund documents.

The laptop, protected by a password but not encrypted, contained confidential data, including names, Social Security numbers, birth dates and other personal information, such as hire and termination dates.