The Audit - Cybersecurity Podcast

IT Audit Labs

Brought to you by IT Audit Labs. Trusted cyber security experts and their guests discuss common security threats, threat actor techniques and other industry topics. IT Audit Labs provides organizations with the leverage of a network of partners and specialists suited for your needs. ​ We are experts at assessing security risk and compliance, while providing administrative and technical controls to improve our clients’ data security. Our threat assessments find the soft spots before the bad guys do, identifying likelihood and impact, while our security control assessments rank the level of maturity relative to the size of the organization.

  1. 4D AGO

    The Deepfake Hiring Crisis: AI Fraud in Job Interviews

    What happens when your next hire isn't who they claim to be? In this eye-opening episode of The Audit, we dive deep into the alarming world of AI-powered hiring fraud with Justin Marciano and Paul Vann from Validia. From North Korean operatives using deepfakes to infiltrate Fortune 500 companies to proxy interviews becoming the new normal, this conversation exposes the security crisis hiding in plain sight.  Key Topics Covered:  North Korean operatives stealing US salaries to fund nuclear programs How Figma had to re-verify their entire workforce after infiltration Live demonstrations of deepfake technology (Pickle AI, DeepLiveCam) Why 80-90% of engineers believe interview cheating is rampant Validia's "Truly" tool vs. Cluely's AI interview assistance The future of identity verification in remote work Why behavioral biometrics might be our last defense This isn't just about hiring fraud—it's about the fundamental breakdown of digital trust in an AI-first world. Whether you're a CISO, talent leader, or anyone involved in remote hiring, this episode reveals threats you didn't know existed and solutions you need to implement today.   Don't let your next hire be your biggest security breach. Subscribe for more cutting-edge cybersecurity insights that you won't find anywhere else.  #deepfakes #cybersecurity #hiring #AI #infosec #northkorea #fraud #identity #remote #validia

    41 min

  2. AUG 11

    How CTF Culture Gamifies Your Way to Unbreakable Security Teams

    Can you spot the difference between real cybersecurity talent and someone using ChatGPT to fake their way through interviews? In this episode of The Audit, Thomas Rogers from Meta CTF reveals how Capture the Flag competitions are becoming the ultimate litmus test for authentic cyber skills—and why traditional hiring methods are failing in the AI era.  Whether you're a CISO looking to revolutionize your hiring process, a security professional wanting to level up your skills, or just curious about what happens when cybersecurity meets escape room logic, this episode delivers actionable insights you can implement immediately.  Key Topics Covered:   How Meta CTF's Jeopardy-style competitions work and why they're addictive Real examples of CTF challenges that test critical thinking over pure technical knowledge The shocking rise of AI-assisted interview cheating (and how to spot it)  Why "CTF culture" is becoming the new hiring differentiator for top security teams  Practical tips for using competitions to build team camaraderie and retention How smaller companies can compete with Big Tech for cybersecurity talent Don't let your next hire fool you with AI-generated answers. Learn how CTF competitions reveal the real problem-solvers from the pretenders. Like, share, and subscribe for more cybersecurity hiring secrets that actually work!  #MetaCTF #CybersecurityHiring #CTF #InfoSec #CyberSecurity #AIInterviews #TechRecruiting

    30 min

  3. JUL 28

    Cybersecurity News: Vikings Vishing Lost $240K, Scattered Spider & F1 Racing

    Dallas Turner's $240,000 fraud loss isn't just celebrity news—it's a wake-up call for anyone with a bank account. When even NFL linebackers fall victim to social engineering, what does that mean for the rest of us?  In this episode of The Audit, co-hosts Joshua Schmidt, Eric Brown, and Nick Mellem break down the sophisticated tactics behind this massive financial fraud and reveal why help desk vulnerabilities are becoming cybercriminals' favorite attack vector. From Scattered Spider's multi-industry campaigns to the unexpected cybersecurity challenges facing Formula 1 racing, this episode covers the evolving threats that no security professional can afford to ignore.  🎯 Key Topics Covered:  How banking impersonation scams work and red flags to watch for  Why Scattered Spider targets help desks and how to defend against it  The surprising cybersecurity risks in high-speed Formula 1 racing  Practical steps to protect yourself from social engineering attacks  Why MFA fatigue is becoming a serious security vulnerability Don't let social engineering catch you off guard. The tactics that fooled a professional athlete could easily target your organization next.  #cybersecurity #socialengineering #scatteredspider #financialfraud #infosec

    22 min

  4. JUL 14

    Grassroots Cybersecurity: Protecting Communities Through Education

    What does it take to build real cybersecurity skills in underserved communities? In this episode of The Audit, Rasheed Alowonle shares his journey from Chicago to becoming a cybersecurity educator and community advocate. This isn't your typical career advice—it's about fortifying communities through practical security hygiene and hands-on learning. Co-hosts Joshua J Schmidt, Eric Brown, and Nick Mellum dive deep with Rasheed on his mission to teach cybersecurity fundamentals where they're needed most. From TryHackMe demonstrations to real-world privacy protection, this conversation reveals how grassroots education can transform both individuals and entire communities.  Key Topics Covered:  Building cybersecurity skills in underserved communities • Practical privacy protection for families and neighborhoodsCareer development through hands-on learning platforms The critical importance of in-person networking in tech Why protecting your digital identity protects your communityDon't wait to start building your cybersecurity career—your community needs you. Like, share, and subscribe for more real-world security insights that matter! #cybersecurity #infosec #careerdevelopment #networking #community #privacy #tryhackme

    33 min

  5. JUN 30

    Tabletop Exercises 2.0: How OpsBook Is Changing the Game

    What happens when your carefully crafted incident response playbook becomes worthless? Cody Sullivan from OpsBook reveals the brutal truth about tabletop exercises: most organizations are practicing with medieval armor for a drone war. From 70-participant, 6-hour exercises spanning three continents to the harsh reality of insider threats, this conversation exposes the gaps that could leave your organization bleeding when the real attack comes.  Key Topics Covered:  Why "tribal knowledge" is your organization's biggest security risk The insider threat scenario that makes every tabletop exercise go sideways How AI is revolutionizing incident response preparation through OpsBook's ontology Why your playbooks are useless if hackers have them too The "Derek Jeter approach" to cybersecurity preparedness From real estate to tech: spotting warning signs before the industry shift The crew shares fresh insights from a recent school district tabletop that exposed critical single points of failure, while Cody demonstrates how modern organizations are turning decision-making into muscle memory, not just memos. This isn't theory—it's the frontlines of organizational resilience where one overlooked vulnerability could trigger catastrophic failure.  Like, share, and subscribe for more in-depth security discussions that prepare you for tomorrow's threats, not just today's compliance checkboxes!  #tabletopexercise #incidentresponse #cybersecurity #infosec #AI #opsbook

    39 min

  6. JUN 16

    The Invisible Threats: OT Meets IT in Modern Manufacturing

    Think you can manage industrial systems like your IT infrastructure? Think again. In this episode of The Audit, Dino Busalachi unpacks the high-stakes complexity of OT-IT convergence—and why your trusty IT playbook flatlines on the plant floor.  Join the IT Audit Labs crew as we dive into the chaos of managing 10,000+ industrial assets across a sprawling landscape of vendors, protocols, and operational rules that laugh in the face of standardization. From Siemens to Rockwell to Honeywell, Dino draws sharp parallels to hospital systems juggling specialized third-party contractors—because in the world of OT, consistency is a luxury and adaptability is survival. 🔧 Key Topics Covered:   • Why OT environments resist IT standardization efforts   • Managing thousands of industrial assets from multiple vendors   • The hospital analogy: treating OT specialists like medical contractors  • Building effective partnerships between OT and IT teams • Real-world challenges of securing industrial control systems  #OTSecurity #ITConvergence #IndustrialCybersecurity #SCADA #PLC #CriticalInfrastructure

    40 min

  7. JUN 2

    Pwnagotchi: The AI Pet That Hunts Your Network Credentials

    What happens when you cross a Tamagotchi with a Wi-Fi hacking tool? You get the Pwnagotchi—a pocket-sized device that "feeds" on Wi-Fi handshakes and learns from its environment. In this episode, Jayden Traufler and Cameron Birkland join the crew to demonstrate how this deceptively cute device can passively capture encrypted Wi-Fi credentials from any network in range, autonomously gather handshakes, share intelligence with other Pwnagotchis, and operate completely under the radar from conference floors to airplane cabins in ways that might surprise you.  Key Topics Covered:  How the Pwnagotchi captures Wi-Fi handshakes through deauthentication attacks  Why WPA3 networks are immune (and why most networks still aren't using it) Building your own Pwnagotchi vs buying a Flipper Zero with Wi-Fi dev board Real defense strategies beyond "just turn off your Wi-Fi" The legal gray areas of passive Wi-Fi monitoring  Conference horror stories and the 600-handshake airplane incident Whether you're a security professional looking to understand emerging threats or someone curious about DIY hacking tools, this episode delivers practical insights you can use to protect your networks today. The Pwnagotchi proves that the most dangerous attacks often come in the most innocent packages.  Don't let your organization become the next victim of passive Wi-Fi attacks. Like, share, and subscribe for more hands-on cybersecurity content that keeps you ahead of emerging threats!  #Pwnagotchi #cybersecurity #wifihacking #ethicalhacking #infosec #flipper zero  Relevant Links:  Jayden Traufler LinkedIn

    35 min

  8. MAY 12

    Pi-hole: The Open Source DNS Firewall Revolutionizing Network Security

    Your network is talking behind your back—but Pi-hole is listening. Join The Audit as Pi-hole co-founders Dan Schaper and Adam Warner reveal how their open-source DNS sinkhole technology has become the secret weapon for over 200,000 privacy-conscious users worldwide.  In this episode, we discuss:  How Pi-hole evolved from a simple ad blocker to a critical network security tool Why DNS-level filtering stops threats before they reach any of your devices The performance benefits that make browsing noticeably faster Setting up Pi-hole on everything from Raspberry Pi to enterprise hardware How the global development team maintains this powerful security shield Protecting vulnerable IoT devices from malicious traffic The future roadmap for Pi-hole and opportunities to contribute Don't miss this deep dive into the technology that's reclaiming control of digital footprints one DNS request at a time. Connect with the Pi-hole community at discourse.pi-hole.net and discover why cybersecurity professionals consider this an essential defensive tool.  Like, share, and subscribe for more cutting-edge cybersecurity insights and expert analysis!  #pihole #DNSfiltering #networksecurity #adblocking #privacytools #cybersecurity #opensource #infosec

    40 min
See All (72)

Ratings & Reviews

5
out of 5
6 Ratings

About

Brought to you by IT Audit Labs. Trusted cyber security experts and their guests discuss common security threats, threat actor techniques and other industry topics. IT Audit Labs provides organizations with the leverage of a network of partners and specialists suited for your needs. ​ We are experts at assessing security risk and compliance, while providing administrative and technical controls to improve our clients’ data security. Our threat assessments find the soft spots before the bad guys do, identifying likelihood and impact, while our security control assessments rank the level of maturity relative to the size of the organization.

Information

You Might Also Like