Security: Windows Back Doors, BSD's Recent Security Innovations, China, Australia and Reproducible Builds in May 2019 Warnings of world-wide worm attacks are the real deal, new exploit shows The video shows a module Dillon wrote for the Metasploit exploit framework remotely connecting to a Windows Server 2008 R2 computer that has yet to install a patch Microsoft released in mid May. At about 14 seconds, a Metasploit payload called Meterpreter uses the getuid command to prove that the connection has highly privileged System privileges. In the remaining six seconds, the hacker uses the open source Mimikatz application to obtain the cryptographic hashes of passwords belonging to other computers on the same network the hacked machine is connected to.

Baltimore’s bill for ransomware: Over $18 million, so far It has been a month since the City of Baltimore's networks were brought to a standstill by ransomware. On Tuesday, Mayor Bernard "Jack" Young and his cabinet briefed press on the status of the cleanup, which the city's director of finance has estimated will cost Baltimore $10 million—not including $8 million lost because of deferred or lost revenue while the city was unable to process payments. The recovery remains in its early stages, with less than a third of city employees issued new log-in credentials thus far and many city business functions restricted to paper-based workarounds.

Recent Security Innovations There have been some recent security innovations previously unreported here:

New flag "MAP_CONCEAL" for mmap(2) allocations

No syscalls from pages where PROT_WRITE is still enabled

China tightens South Korea visa rules 'after Huawei rebuff' China has tightened business visa rules for citizens of US ally South Korea, after Seoul chose telecommunications providers other than Huawei for its upcoming network projects.

ANU breach due to the kind of data it held: security pro The Australian National University suffered a data breach because of the type of data it held, a security professional from privileged account management solution provider Thycotic claims.

Reproducible Builds in May 2019 Welcome to the May 2019 report from the Reproducible Builds project! In our reports we outline the most important things which have been up to in and around the world of reproducible builds & secure toolchains over the past month. As a quick recap, whilst anyone can inspect the source code of free software for malicious flaws, almost all software is distributed to end users pre-compiled. The motivation behind reproducible builds effort is to ensure no malicious flaws have been introduced during this compilation process by promising identical results are always generated from a given source, thus allowing third-parties to come to a consensus on whether a build was compromised.