A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
SANS Stormcast Wednesday, October 22nd, 2025: NTP Pool; Xubuntu Compromise; Squid Vulnerability; Lanscope Vuln;
October 21, 2025
6:37
1.11 MB ( 4.44 MB less)
Downloads: 0
What time is it? Accuracy of pool.ntp.org.
How accurate and reliable is pool.ntp.org? Turns out it is very good!
https://isc.sans.edu/diary/What%20time%20is%20it%3F%20Accuracy%20of%20pool.ntp.org./32390
Xubuntu Compromise
The Xubuntu website was compromised last weekend and served malware
https://floss.social/@bluesabre/115401767635718361
Squid Proxy Vulnerability
The Squid team fixed an information disclosure vulnerabilty that may leak authentication credentials.
https://github.com/squid-cache/squid/security/advisories/GHSA-c8cc-phh7-xmxr
Lanscope Endpoint Manager Vulnerablity
https://jvn.jp/en/jp/JVN86318557/index.html