Weekly brief January 11 2009

11 January 2010

Infosecurity rounds up the week's security news

The TSA is still investigating a former contract worker accused of stealing coworkers' personal information, say officials.

A researcher at SecurityReason has posted proof of concept exploit code to demonstrate a vulnerability in MacOS X 10.5 and 10.6. The code exploits a buffer overflow vulnerability in the operating systems and is based on its OpenBSD kernel. OpenBSD has the same flaw, SecurityReason said.

Heartland Payment Systems is going to pay Visa up to $60 million as part of a settlement program to help card issuers recover losses incurred after the massive data breach that Heartland suffered last year.

Juniper Networks is warning that its gateway routers have a critical flaw that lets attackers crash them by sending small amounts of traffic that can be spoofed.

The Financial Services Information Sharing and Analysis Center (FS-ISAC) is planning a series of simulated cyber attacks to see how well financial institutions and retailers cope with online threats, according to reports.

Two Kansas residents have been accused of identity theft, bank fraud, and conspiracy after allegedly passing stolen checks using misappropriated identities.

Companies have just six months to replace wireless card payment hardware if they are to remain compliant with Payment Card Industry (PCI) standards. The insecure Wired Equivalent Privacy (WEP) protocol becomes noncompliant with the standard in June.

The publisher of the Samy MySpace worm, Samy Kamkar, claims to have found a vulnerability that enables an attacker to identify a victim's geographic location using their home router.

Conficker infections are said to have dropped significantly in late December and over the new year, plummeting by 820 000 to 5.3 million on January 1 alone.

Anti-spyware researcher Ben Edelman is accusing Google of covering advertisers' sites with spyware-delivered pop-ups.

And finally, Sunbelt Software flagged up a story that we wrote, and came back with some interesting responses. Thanks, Tom.

 
