from the ocean's-down-under dept.
iComp writes "A sophisticated scheme to use a casino's own security systems against it has netted scammers $33 million in a high-stakes poker game after they were able to gain a crucial advantage by seeing the opposition's cards. The team used a high-rolling accomplice from overseas who was known to spend large amounts while gambling at Australia's biggest casino, the Crown in Melbourne, according to the Herald Sun. He and his family checked into the Crown and were accommodated in one of its $30,000-a-night villas. The player then joined a private high-stakes poker game in a private suite. At the same time, an unnamed person got access to the casino's CCTV systems in the poker room and fed the information he gleaned back to the player via a wireless link. Over the course of eight hands the team fleeced the opposition to the tune of $33 million."
dstates writes "SAM (Systems for Awards Management) is a financial management system that the US government requires all contractors and grantees to use. This system has recently been rolled out to replace the older CCR system. Friday night, thousands of SAM users received the following message: 'Dear SAM user, The General Services Administration (GSA) recently has identified a security vulnerability in the System for Award Management (SAM), which is part of the cross-government Integrated Award Environment (IAE) managed by GSA. Registered SAM users with entity administrator rights and delegated entity registration rights had the ability to view any entity's registration information, including both public and non-public data at all sensitivity levels.' From March 8 to 10, any registered user who searched the system could view confidential information including account and social security numbers for any other user of the system. Oops! The Government Services Administration says that they have fixed the problem."