Security Vulnerability Found On US Federal Government Contractors Site
dstates writes "SAM (Systems for Awards Management) is a financial management system that the US government requires all contractors and grantees to use. This system has recently been rolled out to replace the older CCR system. Friday night, thousands of SAM users received the following message: 'Dear SAM user, The General Services Administration (GSA) recently has identified a security vulnerability in the System for Award Management (SAM), which is part of the cross-government Integrated Award Environment (IAE) managed by GSA. Registered SAM users with entity administrator rights and delegated entity registration rights had the ability to view any entity's registration information, including both public and non-public data at all sensitivity levels.' From March 8 to 10, any registered user who searched the system could view confidential information including account and social security numbers for any other user of the system. Oops! The Government Services administration says that they ...
ability
administration
awards
ccr
dear
entity
environment
government
gsa
iae
information
management
oops
registration
sam
security vulnerability
sensitivity
service
Found more than 1 month ago on channel
Slashdot
Ask Slashdot: How To Convince a Company Their Subscriber List Is Compromised?
jetkins writes "As the owner of my own mail domain, I have the luxury of being able to create unique email addresses to use when registering with web sites and providers. So when I started to receive virus-infected emails recently, at an address that I created exclusively for use with a well-known provider of tools for the Systems Administration community (and which I have never used anywhere else), I knew immediately that either their systems or their subscriber list had been compromised. I passed my concerns on to a couple of their employees whom I know socially, and they informed me that they had passed it up the food chain. I have never received any sort of official response, nor seen any public notification or acceptance of this situation. When I received another virus-infected email at that same address this week, I posted a polite note on their Facebook page. Again, nothing. If it was a company in any other field, I might expect this degree of nonchalance, but given the fact that ...
acceptance
action
administration
community
consciousness
facebook
nonchalance
notifications
reticence
service
situation
slashdot
Found more than 1 month ago on channel
Slashdot
Space Shuttle Items For Sale Soon VIa GSA Auction
shortyadamk writes "According to the Government Services Administration auction page: 'Attention GSA Auctions bidders and interested participants. NASA (National Aeronautics and Space Administration) Space Shuttle Program has retired and NASA has partnered with GSA Auctions to sell the many shuttle related items through a series of auctions in 2012.' The only catch is that you must be a U.S. Citizen and schedule a visit 48 hours ahead of time to pick up your item. I'm not really sure which piece of the shuttle I'd want the most... Those robotic arms are pretty sweet."
administration
aeronautics
attention
auction
government
gsa
nasa
national
service
Found more than 1 month ago on channel
Slashdot
GSA scandal hits travel groups, convention hosts
The fallout from the General Services Administration's headline-grabbing Las Vegas convention scandal is rippling through the travel and conference industries, who say their nascent recovery is being jeopardized by increasing scrutiny on government travel spending.
administration
conference
convention
government
gsa
las vegas
service
Found more than 1 month ago on channel
Reuters