Show cover of The Audit - Presented by IT Audit Labs

The Audit - Presented by IT Audit Labs

Brought to you by IT Audit Labs. Trusted cyber security experts and their guests discuss common security threats, threat actor techniques and other industry topics.IT Audit Labs provides your organization with the leverage of a network of partners and specialists suited for your needs.​We are experts at assessing security risk and compliance, while providing administrative and technical controls to improve our clients’ data security. Our threat assessments find the soft spots before the bad guys do, identifying likelihood and impact, while our security control assessments rank the level of maturity relative to the size of your organization.

Tracks

Inside the Hak5 Pineapple: Tools, Tips, and Real-World Applications
Unlock the secrets behind the powerful HAC5 Pineapple tool in this episode of The Audit.  Hosts Eric Brown and Nick Mellum, joined by Cameron Birkeland, explore the tool's functionalities and features, offering practical insights and real-world applications. Discover how the HAC5 Pineapple can enhance your cybersecurity measures, with discussions on model comparisons, security implications, and best practices. In this episode we’ll cover What is the HAC5 Pineapple? Comparing the Tetra and Mark 7 models Real-world uses and case studies for the Pineapple Key security implications and best practices Cool features of the Pineapple and a live demo How to generate detailed reports with the Pineapple Join us for an engaging discussion packed with valuable information for cybersecurity professionals and enthusiasts alike. Don’t miss out on our latest insights and tips! #Cybersecurity #HAC5Pineapple #PenTesting #EthicalHacking #WiFiSecurity #CyberThreats  
33:37 7/1/24
Cybersecurity in the News: DDoS Attacks, Public Library Breach, Phishing and More
Welcome to the latest episode of "The Audit," where we bring you the most pressing news, issues and insights in cybersecurity. In this live episode, we cover the recent ransomware attack on the Seattle Public Library, the $37 million theft from Coinbase Pro users, and the sophisticated gift card fraud by the Moroccan cybercrime group, Storm 0539. We share our insights on how these attacks happened, their impacts, and practical advice on how to protect yourself and your organization. We also explore a theoretical DNS bomb DDoS attack and the intriguing use of Flipper Zero devices to control wristbands at large events. Seattle Public Library ransomware attack and its impact $37 million phishing scam targeting Coinbase Pro users Moroccan cybercrime group Storm 0539's gift card fraud Potential threat of DNS bomb DDoS attack Flipper Zero devices hijacking event wristbands Thanks for tuning in! Don't forget to like, subscribe, and share your thoughts in the comments. #CybersecurityNews #Cybersecurity #Ransomware #Phishing #ITSecurity #TechNews  
51:45 6/17/24
Quantum Computing's Impact on Cybersecurity with Bernie Leung
Explore the intriguing intersection of quantum computing and cybersecurity... It’s closer than you think. In this episode, special guest Bernie Leung from Autodesk shares his expert insights on how quantum computing is reshaping the cybersecurity landscape. Discover the challenges and breakthroughs in encryption practices as Bernie breaks down complex concepts like the Shor Algorithm and discusses practical steps for adapting to this new era of cybersecurity.    In this episode, we dive into: The essentials of quantum computing and how it could revolutionize encryption. Current encryption vulnerabilities that quantum computing could exploit. An introduction to post-quantum cryptography and the new standards on the horizon. Practical uses of quantum computing in cybersecurity today and what we might see in the future. How governments and businesses are preparing for quantum threats, including updates in regulations and security protocols. This discussion is not just theoretical; it's a guide to understanding and preparing for the quantum leap in data protection. #QuantumComputing #FutureOfCybersecurity #Cybersecurity #InfoSec #PostQuantumCryptography 
37:32 6/3/24
Securing the Invisible Threats: Insights on IoT Security with Eric Johansen
Discover cutting-edge IoT cybersecurity strategies with insights from expert Eric Johansen. Join us as we delve into the world of IoT cybersecurity with Eric Johansen from Phosphorus. Eric discusses the challenges and solutions for managing IoT devices at scale, the critical importance of asset inventory, and the significant risks posed by outdated technology. This episode is perfect for IT pros, cybersecurity experts, and business leaders looking to enhance their cybersecurity knowledge. In this episode, we'll cover: Managing IoT devices at scale: Best practices and solutions The importance of asset inventory in IoT security Identifying and mitigating risks from outdated technology Real-world examples of IoT vulnerabilities Innovative solutions from Phosphorus for IoT security Eric Johansen's insights provide valuable knowledge for anyone involved in managing and securing connected devices. Don't miss this episode for practical advice and expert perspectives on tackling IoT security challenges. #IoT #Cybersecurity #TechTrends #OTSecurity #SmartDevices #IoTSecurity #TechInnovation 
49:27 5/8/24
Soaring Through Cybersecurity: Indoor Skydiving and Pen Testing with Brian Johnson
Get ready for a special episode of The Audit! We're celebrating our 40th episode with Brian Johnson, host of the 7-Minute Security podcast, as we talk cybersecurity, social engineering, and some wild stories that you won't want to miss. We’ll explore the role of tabletop exercises in shoring up a company's security and dive into the fascinating world of open-source intelligence. We’ll uncover what it takes to protect against cyber threats, why pen testing matters, and how social engineering tests can be a rollercoaster of nerves. Brian also shares his journey from being a Christmas caroler in "Jingle All the Way" to being a cybersecurity consultant and podcast host. This episode is packed with insights, laughs, and even some hairless cats. Brian Johnson's journey from Christmas caroler in "Jingle All the Way" to cybersecurity consultant and podcast host The role of tabletop exercises in improving a company's security posture Pen testing insights: why it matters and how it's done Social engineering stories: the highs and lows of testing human vulnerabilities Open-source intelligence: what it is and why it's important for cybersecurity Unexpected surprises: including stories about skydiving and hairless cats If you're interested in cybersecurity and want to hear some great stories from the industry, this episode has you covered. Enjoy the laughs and insights, and don't forget to like, share, and subscribe for more content from The Audit. #Cybersecurity #PenTesting #SocialEngineering #Skydiving 
56:09 4/19/24
Building the Future: AI and Cybersecurity in Construction
In this episode we explore the intersection of AI and cybersecurity in the construction industry with John Massie, Technology Director at Journey Group. John shares his insights on integrating technology to enhance cybersecurity and operational efficiency within the construction sector. The discussion covers a range of topics from combatting sophisticated phishing attacks to the strategic use of AI tools like ChatGPT and Copilot. Delve into the challenges of AI-generated content, governance, intellectual property concerns, and the transformative impact of AI on traditional business models. In this episode we cover: Best practices for AI in non-tech sectors Cybersecurity policies for AI Mitigating cyber security risks in construction AI's role in the construction industry Ethical challenges of AI-generated content Future trends in AI governance AI's implications for industry standards  Stay tuned for more insights into the future of IT technology and its transformative effects on the business landscape. #AIcybersecurity #Cybersecurity #Infosec #ConstructionTech #AIPolicies 
51:39 4/15/24
Cybersecurity Brief: Water Systems & IoT Devices Under Threat
Join us on The Audit for a critical examination of cybersecurity's latest frontiers: threats to our water system and the push for global IoT security standards.  In this episode, our team of cybersecurity experts, Eric Brown and Nick Mellum, dissect the Biden administration's recent warnings about cyber-attacks on U.S. water utilities and delve into the newly announced IoT device security specifications by The Cloud Security Alliance (CSA). From nation-state actors targeting essential infrastructure to the complexities of securing IoT devices in your home, this discussion offers invaluable insights into safeguarding our digital and physical worlds. What You'll Learn: The significance of recent cybersecurity warnings regarding the water sector. The importance of a unified cybersecurity standard for IoT devices. Strategies for securing IoT devices within corporate and home networks. The role of cybersecurity in ensuring the safety and reliability of essential public utilities. 
39:05 4/1/24
Phishing: The Number 1 Social Engineering Tactic with James Arndt
In this episode of The Audit, we dive into the world of phishing to uncover the sophisticated tactics that make these scams the leading threat in cybersecurity. Join us as Jamie Arndt, a cybersecurity expert with extensive experience in reverse engineering and analyzing malicious emails, shares his insights and stories from the front lines. We’ll cover: • The rise of generative AI in crafting phishing emails that bypass traditional detection methods. • Real-world stories of phishing attacks, from impersonating school communications to exploiting professional relationships. • The psychological tactics used by attackers to exploit human nature and gain access to sensitive information. • Innovative defense strategies and tools that organizations can employ to protect themselves against phishing attempts. • Practical advice for individuals on recognizing phishing attempts and safeguarding personal information. This episode arms you with the knowledge of what to look for in phishing emails, emphasizing the importance of vigilance and education in the digital age. 
49:09 3/18/24
Printing the Future: Navigating Cybersecurity in 3D Printing
How exposed are your 3D printing operations to cyber threats? Is the intellectual property involved in 3D printing at risk, and can 3D printers themselves become targets for hackers?   As 3D printing technology becomes more integrated into various industries, its cybersecurity implications cannot be ignored. This episode sheds light on the exciting world of 3D printing, focusing on its potential for innovation while addressing the significant cybersecurity challenges it faces. We'll explore: • The basics of 3D printing technology and its cybersecurity implications. • Protecting intellectual property in the realm of 3D printing. • The vulnerabilities of 3D printers to hacking and how to safeguard them. • Strategies for securing 3D printing operations against cyber threats. • Real-world examples of cybersecurity breaches in 3D printing. Whether you're a cybersecurity professional, a 3D printing enthusiast, or someone interested in the intersection of technology and security, this episode offers valuable insights into protecting your 3D printing projects.   
46:30 2/26/24
Are VPNs Secure? Insights on the Risks, and the Ivanti Breach
How secure is a VPN, really? Can a VPN server be hacked, and are these services truly safe? In this episode of The Audit, Joshua, Nick, and Eric tackle these pressing questions head-on.  As the cybersecurity landscape evolves, Virtual Private Networks (VPNs) are increasingly common among cybersecurity professionals and enthusiasts alike... but how secure are they? In this episode, we take you through the mechanics of VPNs, their role in safeguarding your data, and the vulnerabilities that can expose users to risk.  We'll cover: •  What are VPNs and how do they work? •  How to choose the right VPN provider: Considerations and pitfalls. •  The difference between corporate and personal VPN use and their unique challenges. •  How to mitigate risks associated with VPN usage. •  The recent Ivanti VPN breach  If you care about your digital privacy, curious about how VPNs fit into your life, or pondering the real benefits and risks of using VPN services, then this episode is for you. 
44:10 2/12/24
A Veteran’s Journey into Cybersecurity with Clifton Robinson
It should come as no surprise that building a team can be challenging for cybersecurity professionals. However, we've found that individuals who have served in the military often possess a unique focus and drive, setting them apart in the cyber world. Clifton Robinson, a former Army logistician and healthcare market analyst, joins our team to discuss his journey to becoming a cybersecurity professional.  Topics covered: How military service helps individuals transition into cybersecurity Why employers appreciate military service in cybersecurity candidates Why are veterans drawn to the field of cybersecurity? How joining the military changed Clifton’s life The importance of mentorship and networking for veterans If you're a veteran considering a career in cybersecurity or seeking a fresh perspective on the cybersecurity industry, don't miss the latest episode of The Audit! 
44:32 1/29/24
Email and Mobile Security Tips with Dean Morstad
Is your digital footprint secure? In our latest episode we unravel the complexities of email and mobile security. Join Dean Morstad, a seasoned cybersecurity expert, as he shares invaluable insights and practical tips to enhance your digital safety. The conversation includes: - Why and how are most of us viewed as a “product”?  - Practical email security tips and best practices - How to avoid phishing scams and other social engineering strategies - Mobile device and location tracking insights - Organizational security policy tips  - Why use a password manager 
44:02 1/15/24
Meet the Team: Learn Their Approach to Ransomware, Breach Response, and AI
This episode offers more than just insights; it's a chance to meet the minds who have been combatting cyber threats for decades. We explore topics like ransomware, effective data breach responses, and the integration of AI in cybersecurity. Discover strategies and insights from industry leaders and learn how to fortify your digital defenses in an ever-evolving cyber landscape. Topics Covered: How to navigate a ransomware attack Data breach response methods Cyber insurance challenges AI, cybersecurity, and the legal considerations Social engineering audits Gain valuable insights into current trends and practical approaches to enhance your organization's security posture. Be sure to subscribe today! 
52:26 12/7/23
Cybersecurity Jobs, Breach Communication & The Infosec Landscape with Leah McLean
In this episode of The Audit, Leah McLean shares her insights from over 10 years in cybersecurity and IT with companies like Cisco, and now Mastercard.  We’ll cover: How to get a job in cybersecurity Navigating the ethical challenges of AI in Cybersecurity Work-life balance in cybersecurity jobs Perspectives on success for cybersecurity leadership Emerging infosec technologies Mental health for infosec professionals  We navigate the shifting terrain of cybersecurity talent acquisition, stressing the need for aptitude and ongoing education. Leah delves into AI's role and ethical dilemmas in cybersecurity, provides tips for balancing work and life in remote contexts, and examines upcoming cybersecurity technologies. The discussion also highlights veterans' vital roles in cybersecurity, underscores the importance of mental health in stressful settings, and gives a sneak peek into future 'Elevate Exchange' podcast episodes on topics like AI and quantum computing. 
46:51 11/27/23
Decoding Flipper Zero: The Swiss-Army Knife of Hacking Tools
The Audit - Episode 30 - Join us as we speak with cybersecurity expert and hacking hardware enthusiast Cameron Birkland, who introduces us to the world of the Flipper Zero. The brainchild of a successful Kickstarter campaign in 2020, the Flipper Zero might look cute with its dolphin avatar, but it's a potent tool capable of manipulating control systems like RFID and NFC tags, radio remotes, and digital access keys. What would you do if your garage door opener could be hacked? Cameron walks us through how this is possible with his own garage door opener. Don’t forget, if you prefer video, check out every episode of The Audit on our YouTube channel. 
43:30 11/13/23
Understanding Cryptocurrency and Wallet Security with Matt Starland
The Audit - Episode 29 - Ready to uncover the world of crypto? Join us in our latest episode as we dive into the realm of cryptocurrency with Matt Starland. Let's embark on a journey from the origins of Bitcoin to the frenzy of meme stocks making headlines. Tune in to understand how cryptocurrency is shaking the foundation of economies with unstable governments, and how secure, hardware-based crypto wallets can be your ultimate safe vault.We didn't stop at Bitcoin. Matt Starland, our resident crypto expert, took us on a ride through the volatile landscape of cryptocurrency trading, tackling the challenges of its mainstream adoption and the potential risks. Discover how to set up a hardware wallet and get an inside scoop on the cryptographic algorithms that are its backbone and the all-important recovery seed. By the end of this, you'll be well-versed in the nitty-gritty details of crypto trading and equipped to safeguard your digital assets.In the final leg of our crypto exploration, we help you navigate the process of setting up a new cryptocurrency wallet, emphasizing the significance of secure offline backup and tightening the security measures. We shed light on the workings of a Bitcoin wallet, the associated fees, and how to maximize its security. Then, we take you through the features of hardware wallets, the processes of buying and selling from a wallet, and the risks of leaving money on an exchange. So sit back, tune in and prepare for a deep dive into the thrilling world of cryptocurrency!
63:56 10/30/23
Stories from the Dark Side of Cyber Forensics with Andre Champagne
The Audit - Episode 28 - We are pleased to introduce you to Andre Champagne, an expert in the intriguing world of cyber and digital forensics. Andre’s journey, from the Anoka County Sheriff's Office, through the Illinois Attorney General's Office, to the state of Minnesota, provides fascinating insights into a career in stopping cyber-crime.  Andre also recounts his time managing a digital forensics laboratory, shedding light on the intricate balance between risk and technology in the digital landscape. He shares stories about investigating arson cases, using phone evidence to reveal the diversity of online predators. His anecdotes provide a sobering perspective on the challenges and rewards of a career in cyber forensics.   Finally, Andre breaks down the reality of the cyber security field beyond what you see in TV and film. His experiences range from putting together reports for the courtroom, dealing with data breaches and ransomware, to handling HR investigations. The conversation takes a darker tone as we address the chilling reality of online predators while Andre provides valuable advice on ways to keep children safe online.
79:29 10/16/23
eCommerce and Surviving the Black Friday Frenzy with Jeff White
The Audit - Episode 27 - Imagine managing over a million orders per minute during a high-stakes sales event like Black Friday! That's the reality Jeff White from Cockroach faced during his time at Best Buy. We sit down with him in a lively discussion, unpacking the intricacies of running a successful online store, the immense pressure involved, and strategies to guard against malicious acts and bots. Jeff enlightens us about the challenges of scaling an Oracle database to handle a mass influx of orders, sharing insightful anecdotes from his own experience.Ever wondered how to improve your security posture and reduce organizational risk? Jeff is here to share some answers from a tech perspective. He delves into the unique features of Cockroach DB, a system he played a vital role in developing. Learn how it’s designed to run on various operating systems and its resilience to node failure. Jeff also sheds light on distributed data replication, an intriguing aspect of Cockroach DB. If you're a tech enthusiast or involved in e-commerce, this episode is packed with valuable nuggets of information to take your knowledge several notches higher.As we wrap up our conversation, we navigate towards Jeff's interest in renewable energy. We delve into his journey with solar power and electric vehicles, outlining the financial benefits of such investments. He shares his solar installation experience and future plans. We also touch on the critical role of a robust team in conducting successful security assessments. Lastly, we consider a new venue for our game night, since our usual spot isn't available. Tune in for this enlightening episode full of expert insights and real-world experiences.
28:42 10/2/23
The Future of Digital Storage: From Hard Drives to DNA
The Audit - Episode 26 - Ready to decode the future of data storage technology? We guarantee that you'll be fascinated by our in-depth exploration into this rapidly evolving landscape. Together with our esteemed guest, Bill Harris, we probe into the intricacies of current storage mediums, such as hard disk drives, flash drives, and magnetic tapes, while also introducing you to emerging technologies like 5D, DNA, and molecular memory. How are companies managing their data storage amidst ever-shrinking IT budgets? How are advancements like heat-assisted magnetic recording and microwave magnetic recording redefining hard drive technology? Brace yourself, as we take you on a journey to decipher these challenges and discoveries, along with Harris, a pioneer in the field. The conversation gets even more exciting as we delve into futuristic concepts like holographic and DNA storage, both promising yet fraught with challenges worth discussing. But we don't stop there. As we dig deeper into the impact of increasing storage capacities, it's evident that a revolution in the way we use and perceive data is imminent. From holographic and 5D crystal storage to DNA storage, we ponder the implications and potential of these advancements on the future of technology. Tune in, let's explore this fascinating world of storage technology together!
45:35 9/18/23
A Comprehensive Guide to Quantum Computing
In Part 2 of the Tech Lessons Series by Bill Harris, get ready to unravel the mystery of quantum computing? Brace yourselves as we, your hosts, and our esteemed guest, Bill Harris, take you on a whirlwind tour of this fascinating technology that's set to redefine the future. Possessing the potential to disrupt major industries and even cryptography, quantum computing is a topic you certainly can't afford to miss. Imagine a computer that can process information at superluminal speeds. That's the magic of quantum computing! From its application in fields as diverse as healthcare and AI to the challenges it poses, we've got it all covered in this episode. But it doesn't stop there. We discuss the potential threat quantum computers pose to current encryption technologies and the prodigious task of developing quantum-safe encryption techniques. Finally, we examine the present landscape of quantum computing, key players in the field, and IBM's quantum roadmap. Are you curious about how a linguist might relate to all this tech talk? Listen in as Alan, an IT professional, ties it all together with his son's choice of major. We wrap up with a hilarious segment discussing our favorite physicists and resources, where you may just find your next good read! Get ready for a deep dive into a future shaped by quantum computing!
46:13 9/4/23
The Next Era of Computing and Processor Technology
The Audit - Episode 24In Part 1 of the Tech Lessons Series by Bill Harris, prepare to be transported into the future of computing resources, with our fascinating guest, Bill Harris from IT Audit Labs. We're opening up the world of processor design and specialized workloads, discussing the intricacies of chip fabrication, the genius behind improving processor speeds, and the art of creating modern processors. Get ready to discover a realm of substrates, lithographies, and elements that form the backbone of future processors.Ever wondered about the application of Moore's Law in real life, or what really behind processor clock speeds? This episode answers all that and more, bringing in exciting insights into the clever tactics used to amplify modern computation. Dive into the mechanics of how assembly is utilized to build processors and learn about the advanced technologies such as 3D NAND, chiplets, and SSL acceleration that are revolutionizing the field.As we look forward to the future of computing and the exciting investment opportunities it presents, we delve into the potential of semiconductors, the massive CERN particle collider and the intricate challenges of breaking into the semiconductor industry. Don't miss out on our spirited conversation on the potential of DNA and crystalline molecular storage, and the role of quantum computing in enhancing processor speeds. And remember, amidst all this tech talk, the importance of security, risk and compliance controls to safeguard our clients’ data remains paramount. So, buckle up and come along on this exhilarating journey into the future of computing!
52:14 8/21/23
Unmasking the Complex World of Cybersecurity and Software Updates
Wouldn't it be great if you could navigate the treacherous landscape of software vulnerabilities like a pro? That's exactly what we're serving up in our latest podcast episode. Together with our dedicated team, we dissect the upsurge of these vulnerabilities, the recent discovery of a toolkit targeting Apple, Mac OS, and stolen chat GPT credentials. We even do a deep dive into the complex CVE system. Our insightful discussion sheds light on how these vulnerabilities have grown over time, largely due to the evolution of software development.Are you constantly second-guessing whether to update your software due to the fear of breaking things? You're far from alone. Hang out with us as we share our personal anecdotes dealing with software updates, security patches and the puzzling catch-22 situation that arises. In an alarming revelation, we also walk you through the recent compromise of over 101,000 OpenAI chat GPT account credentials. If you’re a user, this is an episode you can't afford to miss. Imagine living in a world where data breaches are the new golden age. That's the reality we're grappling with, and there's no denying the risks associated with storing data on an internet-connected database. From discussing malicious targeted ad campaigns to delving into the dangers of certain browsers, this episode is a rollercoaster of cybersecurity insight. We round off by examining how data breaches have shaped cybersecurity history. Tune in and arm yourself with the knowledge to combat the rapidly evolving world of software vulnerabilities and cybersecurity.
58:33 8/7/23
The Dark Side of Cyberspace: Data Breaches and the Price of Information
The Audit - Episode 22Want to understand the dark underbelly of cyberspace? Join us as we take a deep dive into recent data breaches at T-Mobile, discussing why fewer customers were impacted this time around compared to the January API attack. Get insights on how negligence in security could lead to government oversight and understand the power consumers can wield by voting with their feet. Learn how the fines collected from such breaches could fund cybersecurity improvements in vulnerable entities such as school districts.Curious about the consequences of data breaches? We shed light on the implications of the cover-up by Uber's former CSO, who narrowly escaped jail time, and the devastating impact of the Next Gen Healthcare breach affecting a million individuals. We also explore the rise of bug bounties as a popular tool among companies and stress the importance of credibility in the realm of ethical hacking. Ever wondered about the value of your personal information to hackers? We break down how hackers can misuse social security numbers, addresses, and names, and discuss the increasingly specialized roles within a cyber attack. Discover the sinister world of data brokers, who split and resell your personal information, and the challenges of resetting social security numbers. We also delve into how medical records can be weaponized and highlight the need for cybersecurity audits to safeguard data. Listen in, as we offer a compelling analysis of the attacker's viewpoint, the significance of logging activities, and why some attackers end up dwelling within systems for long periods. We also discuss the security maturity needed to protect a company from future breaches once they've been hit. If you're at all concerned about the safety of your personal data, you won't want to miss this deep dive into the murky world of data breaches and cybersecurity.
42:59 7/24/23
The New Toolkit: AI-Powered Presentations
For this episdoe we are joined by Eric Pesik, the Deputy General Counsel at Seagate Technology. Eric, walks us through how he has been using generative AI tools, including ChatGPT, AI image generators and AI voice overs to speed up his workflow when creating presentations for his colleagues. The crew also discusses how AI will broadly impact other sectors.  
52:49 7/10/23
The Future of Passwords
A conversation between Nick Mellem, Eric Palms, and Matt Starland about the future of passwords through the lens of IT. The team notes a general lag time behind current threats and the technology already available to upgrade security protocols and the lack of large-scale adoption and upgrades. Passwords may eventually have to be left behind for new technologies such as biometrics. It is largely agreed that there needs to be a change to a password-less approach to mitigate end-user security risks. Join us for this stimulating and timely discussion. Help us spread this important info by liking, downloading, subscribing and inviting your friends to listen to The Audit. Video version now available on our YouTube channel.
56:42 6/26/23
Certified Vulnerable
A discussion with ITAL members Eric Brown and Scott Rysdahl with Micah Kryzer. Micah is a pentester by day but also works alongside the ITAL team. In this episode the crew overviews certificates, a big topic that transcends any one vendor or environment. Certificates are like an electronic passport meant to uniquely identify a person, computer or application on a network. This specific family of vulnerabilities discussed affects the Microsoft Active Directory certificate services, which is Microsoft’s own built-in PKI or public key infrastructure included with Window’s servers and domains. Micah walks us through a pentest demo illustrating the ways this system can be exploited as well as providing tips on how to protect business networks from this attack. 
29:43 6/12/23
So, you wanna be a CISO?
An in-depth conversation with former CISO (Chief Information Security Officer) of the Minnesota Judicial and Metropolitan Council, Gretchen White. ITAL’s own Eric Brown and Gretchen discuss topics including the day-to-day grind of advocating for funding and implementing security protocols, how to prioritize security needs and access risk on a budget, reporting structure, and how to effectively impact change within an organization. Chalk full of tips, Gretchen, has expertise in communicating organizational needs to decision makers and has some priceless nuggets to share with up-and-coming CISO’s and those who work under their guidance.  #cybersecurity #CISO #chiefinformationsecurityofficer #careeradvice #organizational #leadership #communication #security #influence #metropolitancouncil #minnesotajudicial #pointofrisk 
34:33 5/29/23
Hardware Hobbies
This week, we are speaking with Dennis Pelton about his expertise in hardware. He makes badges for all the major security conferences and loves to share his knowledge in this space. #security #hacking #wifi #rubberducky #hardware #defcon #schmoo #defcon #bsides
34:33 5/15/23
Security in the News, part II
Continue the conversation with guest, Matt Starland, as we dive further into security in the news. How do these breaches happen and how can they be prevented? Find out today on The Audit. #Breaches #ThreatActors #CyberSecurity #TheAudit 
18:48 5/1/23
Cyber Safe Travel
Traveling for Spring Break, vacation, or work? Join The Audit and guest ethical hacker, Matthew Wold, to hear best practices for keeping your journey cyber-secure. 
75:39 4/17/23