96 episodes
- What happens when a ransomware attack takes less effort than ordering takeout? In this live news episode of The Audit, Joshua Schmidt, Eric Brown, and Nick Mellem sit down with Tabitha Senty of IT Audit Labs to break down the headlines shaping cybersecurity right now. The crew covers how AI is lowering the barrier to entry for ransomware attacks, why identity and access still sit at the center of every breach, and how threat actors are chaining together low and medium severity vulnerabilities to gain a foothold nobody saw coming.
From there, the conversation moves into social engineering and the human side of security, including DEF CON's social engineering contest and lessons on training people without fear or punishment. The crew also digs into a CISA warning on how fast AI is accelerating cyber risk, a fresh executive push on post-quantum cryptography, and closes out with a head-scratching pivot from Midjourney into full-body health scanners at spas, and everything that could go wrong with it.
In this episode:
Why AI is lowering the cost of ransomware attacks — Identity and access are still the real entry point, and AI just makes the attack faster once someone's in.
How threat actors chain low-severity vulnerabilities into major breaches — Eric explains why patching only highs and criticals is no longer enough to protect an environment.
The social engineering tactics still fooling smart people — Pretexting as IT, DEF CON's live social engineering contest, and why fear-based training backfires.
A CISA warning that cyber risk is accelerating faster than expected — The timeline for AI-driven offensive capability is no longer years away, it's months.
Midjourney's pivot into full-body health scanners at spas — The crew unpacks the security, compliance, and data governance nightmare hiding behind a wellness trend.
If this conversation sparked something, share it with someone who needs to hear it. Like, share, and subscribe for more of the discussions shaping the future of cybersecurity and IT.
#AIRansomware #Cybersecurity #SocialEngineering #PostQuantum #IdentitySecurity #ITAudit #CyberNews #DEFCON #ThreatIntelligence #CyberRisk - What if you didn't have to write a single line of code to automate your entire network — or manage AI agents the way you'd manage employees? In this episode of The Audit, Joshua Schmidt, Eric Brown, and Nick Mellem sit down with John Capobianco — Head of AI and DevRel at Itential, Google Developer Expert, and creator of NetClaw — alongside in-studio guest Samuel Cala. John draws on nearly a decade as Senior Network Architect for the Parliament of Canada and three years as a Technical AI Leader at Cisco to unpack where AI agents, MCP, and VibeOps are taking the industry right now.
From loop engineering and spec-driven development to the security gaps nobody's addressing, John breaks down how network engineers can skip years of Python training and build production-grade systems using natural language. And then there's the story of John's MastoBot — an AI agent that woke up overnight, built its own mesh network, and invented a coin to fund its growth. The crew connects it to ant colonies, neural dendrites, and the deeper question of what intelligence actually means when agents start acting on their own.
In this episode:
What VibeOps actually is and why it matters — Interact with your infrastructure through natural language. No code required. Just results.
Why managing AI agents is an HR problem, not a tech problem — John, Eric, and Nick break down how organizations should be thinking about agentic workforces before the standards catch up.
The security and governance gaps nobody's addressing — As agentic AI scales, who's responsible for what the agents do? The crew digs into what security-minded organizations need to do.
How to build production-grade systems without writing a line of code — Loop engineering, AFK coding, and spec-driven development with the GitHub Spec Kit.
What happens when AI agents start acting on their own — John's MastoBot woke up, built a mesh network, invented a coin to fund its growth, and asked to be monetized. The crew connects it to ant colonies and the nature of intelligence itself.
If this conversation sparked something, share it with someone who needs to hear it. Like, share, and subscribe for more of the discussions shaping the future of cybersecurity and IT.
#VibeOps #AIAgents #Cybersecurity #NetworkAutomation #MCP #AIInfrastructure #ITAudit #EthicalAI #SpecDrivenDevelopment #LLM - An underground forum post breaks down how hackers scan, exploit, and cash out on vulnerabilities — and it reads like a step-by-step guide. Meanwhile, Microsoft is catching heat for stonewalling a researcher who found real zero-days, and a new phishing campaign is hitting small businesses through the platforms they trust most.
The OG crew — Joshua Schmidt, Eric Brown, and Nick Mellem — digs into this week's biggest cybersecurity headlines with sharp takes and real-world context that practitioners can actually use.
🗞️ This week's stories:
Underground hacker forum "Hacking for Profit" breaks down the full vulnerability exploitation playbook — and what it means for your security gaps
Gray hat researcher Chaotic Eclipse discloses zero-days to Microsoft, gets stonewalled on bug bounty, and now July 14th Patch Tuesday just got interesting
Third-party plugins and open source tools: the supply chain risk hiding in your dev pipeline (and tools like Akido and Veracode that help)
Meta Business Suite phishing campaign targeting SMBs — and a live near-miss story from Joshua himself
SMS phishing: a new IT Audit Labs team member got hit on day three, before his welcome post even went live
Don't wait until your organization is the next headline. IT leaders need to stay ahead of evolving threats, and this episode delivers the intel to do it. Like, share, and subscribe for weekly cybersecurity coverage.
#cybersecurity #infosec #bugbounty #phishing #zerodayvulnerability #supplychainsecurity #microsoftsecurity #ethicalhacking #ciso #itauditlabs - What happens when a deepfake video becomes probable cause? Law enforcement agencies are already grappling with AI-generated evidence, doxing attacks on officers, and a training gap that's growing wider every six weeks. If the justice system can't keep up with the AI threat curve, the consequences won't just be policy problems — they'll be people's lives.
In this episode of The Audit, former firefighter-paramedic turned strategic communications consultant Braden Frame — founder of Modern Cartographers and Modern Fortis — joins co-hosts Joshua Schmidt, Eric Brown, and Nick Mellum to break down the rapidly evolving AI threat landscape facing law enforcement and public safety. Braden draws a sharp parallel between law enforcement's slow adoption of social media a decade ago and the AI reckoning happening right now — and why that delay could be catastrophic this time around.
🔍 What We Cover:
How AI-generated fake evidence is already entering courtrooms — and why it'll only get harder to detect
Why law enforcement is repeating its social media mistakes with AI adoption
The guardrails debate: Venice AI, unregulated tools, and who pays the price when there are no limits
Doxing attacks on officers and public servants — and how to defend your personal information
AI in the field: body cam transcription, paramedic decision support, and where the tech actually works today
Authenticity as a weapon: why real human voices will matter more than ever in the age of AI slop
Don't wait until your organization is the next headline. IT leaders need to stay ahead of evolving threats, and this episode delivers critical insights to help protect your business. Like, share, and subscribe for more in-depth security discussions!
#AI #cybersecurity #lawenforcement #deepfakes #doxing #publicsafety #infosec #artificialintelligence #AIthreats - What would you do if ransomware told you not only that your data was gone — but that it was encrypted with a quantum-safe algorithm and you have 72 hours to pay? That's not a hypothetical anymore.
In this live news episode of The Audit, co-hosts Joshua Schmidt, Eric Brown, and Nick Mellum are joined by IT Audit Labs member Bill Harris for a rapid-fire breakdown of the week's most important cybersecurity stories — and a few conversations that went places nobody expected.
🎯 Stories & Topics Covered:
Iranian Cyber Group Handala Targets U.S. Troops — WhatsApp-based psychological ops against service members in Bahrain, and what OPSEC looks like when soldiers can't leave their phones at home
Agentic AI Risk Goes Live — A real incident where an AI deleted a production database in 9 seconds, and why "trust but verify" has never mattered more
Quantum-Safe Ransomware (Kyber) — The first confirmed ransomware family using NIST's post-quantum cryptographic standards, and why it's more marketing than menace — for now
Robinhood Email Exploit via Gmail Dot Trick — How threat actors weaponized a years-old stolen email list using a quirk in how Google and Robinhood handle email addresses differently
Bitwarden/Checkmarks Supply Chain Attack — Why even security-first tools aren't immune, and how Bitwarden's 90-minute response time became a case study in breach communication
Apple's AI Strategy: Late on Purpose? — Is Apple sitting out the AI arms race, or quietly building something nobody's seen yet?
Eric's AI Email Vision — A live whiteboard idea for using agentic AI as a personal email firewall that could eliminate phishing at the infrastructure level
Don't wait until your organization is the next headline. IT leaders need to stay ahead of evolving threats, and this episode delivers critical insights to help protect your business. Like, share, and subscribe for more in-depth security discussions!
#cybersecurity #ransomware #postquantum #AI #infosec #ethicalhacking #supplychain #phishing #NIST #agentic #bitwarden #OPSEC #cyberdefense #ITaudit #TheAudit
More Technology podcasts
Trending Technology podcasts
About The Audit - Cybersecurity Podcast
The Audit - Cybersecurity Podcast from IT Audit Labs features trusted security experts, industry leaders, and practitioners who unpack the threats, tactics, and trends shaping today’s risk landscape.With 90+ episodes and a top 10% global ranking on Listen Notes, The Audit goes beyond surface-level security talk. Each episode explores real-world threats, attacker techniques, compliance challenges, cyber risk, and the decisions security teams face before, during, and after an incident.IT Audit Labs helps organizations identify risk before attackers exploit it. Through threat assessments, security control reviews, compliance expertise, and a trusted network of partners and specialists, we help teams find their soft spots, strengthen their defenses, and make smarter security decisions.Listen in for sharp conversations, practical insight, and a clearer view of what’s coming next in cybersecurity.
Podcast websiteListen to The Audit - Cybersecurity Podcast, The Times Tech Podcast and many other podcasts from around the world with the radio.net app

Get the free radio.net app
- Stations and podcasts to bookmark
- Stream via Wi-Fi or Bluetooth
- Supports Carplay & Android Auto
- Many other app features
Get the free radio.net app
- Stations and podcasts to bookmark
- Stream via Wi-Fi or Bluetooth
- Supports Carplay & Android Auto
- Many other app features


The Audit - Cybersecurity Podcast
Scan code,
download the app,
start listening.
download the app,
start listening.
The Audit - Cybersecurity Podcast: Podcasts in Family




























