SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) SANS Stormcast Wednesday, October 22nd, 2025: NTP Pool; Xubuntu Compromise; Squid Vulnerability; Lanscope Vuln;
5 snips
Oct 22, 2025 Discover the impressive accuracy of pool.ntp.org, syncing time to within 10–100 milliseconds. Uncover the recent compromise of the Xubuntu website, which was serving malware to unsuspecting users. Learn about a vulnerability in the Squid Proxy that could leak authentication credentials and the urgent need for updates. Plus, find out about a serious RCE vulnerability in Lanscope that has already been exploited, emphasizing the importance of timely patching.
AI Snips
Chapters
Transcript
Episode notes
Public NTP Pool Is Surprisingly Accurate
- pool.ntp.org servers are highly accurate with over 90% within 10 milliseconds of accuracy.
- That level of precision is sufficient for most small business and home network time synchronization needs.
Don't Abandon Public NTP Servers
- If you run a public NTP server, stick to it because clients will keep querying it even when unreachable.
- Use the ISC feed to inspect NTP data and spot anomalies or false positives from firewalls.
Xubuntu Download Links Served Malware
- The Xubuntu site was compromised and served a clipboard‑stealing cryptominer during a ~12 hour window on Sunday.
- The malware persisted via a registry entry and was widely detected by antivirus, and the main Ubuntu site was unaffected.