Can you spot the difference between real cybersecurity talent and someone using ChatGPT to fake their way through interviews? In this episode of The Audit, Thomas Rogers from Meta CTF reveals how Capture the Flag competitions are becoming the ultimate litmus test for authentic cyber skills—and why traditional hiring methods are failing in the AI era.

Whether you're a CISO looking to revolutionize your hiring process, a security professional wanting to level up your skills, or just curious about what happens when cybersecurity meets escape room logic, this episode delivers actionable insights you can implement immediately.

Key Topics Covered:

• How Meta CTF's Jeopardy-style competitions work and why they're addictive
• Real examples of CTF challenges that test critical thinking over pure technical knowledge
• The shocking rise of AI-assisted interview cheating (and how to spot it)
• Why "CTF culture" is becoming the new hiring differentiator for top security teams
• Practical tips for using competitions to build team camaraderie and retention
• How smaller companies can compete with Big Tech for cybersecurity talent

Don't let your next hire fool you with AI-generated answers. Learn how CTF competitions reveal the real problem-solvers from the pretenders. Like, share, and subscribe for more cybersecurity hiring secrets that actually work!

#MetaCTF #CybersecurityHiring #CTF #InfoSec #CyberSecurity #AIInterviews #TechRecruiting

Dallas Turner's $240,000 fraud loss isn't just celebrity news—it's a wake-up call for anyone with a bank account. When even NFL linebackers fall victim to social engineering, what does that mean for the rest of us?

In this episode of The Audit, co-hosts Joshua Schmidt, Eric Brown, and Nick Mellem break down the sophisticated tactics behind this massive financial fraud and reveal why help desk vulnerabilities are becoming cybercriminals' favorite attack vector. From Scattered Spider's multi-industry campaigns to the unexpected cybersecurity challenges facing Formula 1 racing, this episode covers the evolving threats that no security professional can afford to ignore.

• 🎯 Key Topics Covered:
• How banking impersonation scams work and red flags to watch for
• Why Scattered Spider targets help desks and how to defend against it
• The surprising cybersecurity risks in high-speed Formula 1 racing
• Practical steps to protect yourself from social engineering attacks
• Why MFA fatigue is becoming a serious security vulnerability

Don't let social engineering catch you off guard. The tactics that fooled a professional athlete could easily target your organization next.

#cybersecurity #socialengineering #scatteredspider #financialfraud #infosec

What does it take to build real cybersecurity skills in underserved communities? In this episode of The Audit, Rasheed Alowonle shares his journey from Chicago to becoming a cybersecurity educator and community advocate. This isn't your typical career advice—it's about fortifying communities through practical security hygiene and hands-on learning.

Co-hosts Joshua J Schmidt, Eric Brown, and Nick Mellum dive deep with Rasheed on his mission to teach cybersecurity fundamentals where they're needed most. From TryHackMe demonstrations to real-world privacy protection, this conversation reveals how grassroots education can transform both individuals and entire communities.

Key Topics Covered:

• Building cybersecurity skills in underserved communities • Practical privacy protection for families and neighborhoods
• Career development through hands-on learning platforms
• The critical importance of in-person networking in tech
• Why protecting your digital identity protects your community

Don't wait to start building your cybersecurity career—your community needs you. Like, share, and subscribe for more real-world security insights that matter!

#cybersecurity #infosec #careerdevelopment #networking #community #privacy #tryhackme

What happens when your carefully crafted incident response playbook becomes worthless? Cody Sullivan from OpsBook reveals the brutal truth about tabletop exercises: most organizations are practicing with medieval armor for a drone war. From 70-participant, 6-hour exercises spanning three continents to the harsh reality of insider threats, this conversation exposes the gaps that could leave your organization bleeding when the real attack comes.

Key Topics Covered:

• Why "tribal knowledge" is your organization's biggest security risk
• The insider threat scenario that makes every tabletop exercise go sideways
• How AI is revolutionizing incident response preparation through OpsBook's ontology
• Why your playbooks are useless if hackers have them too
• The "Derek Jeter approach" to cybersecurity preparedness
• From real estate to tech: spotting warning signs before the industry shift

The crew shares fresh insights from a recent school district tabletop that exposed critical single points of failure, while Cody demonstrates how modern organizations are turning decision-making into muscle memory, not just memos. This isn't theory—it's the frontlines of organizational resilience where one overlooked vulnerability could trigger catastrophic failure.

Like, share, and subscribe for more in-depth security discussions that prepare you for tomorrow's threats, not just today's compliance checkboxes!

#tabletopexercise #incidentresponse #cybersecurity #infosec #AI #opsbook

Think you can manage industrial systems like your IT infrastructure? Think again. In this episode of The Audit, Dino Busalachi unpacks the high-stakes complexity of OT-IT convergence—and why your trusty IT playbook flatlines on the plant floor.

Join the IT Audit Labs crew as we dive into the chaos of managing 10,000+ industrial assets across a sprawling landscape of vendors, protocols, and operational rules that laugh in the face of standardization. From Siemens to Rockwell to Honeywell, Dino draws sharp parallels to hospital systems juggling specialized third-party contractors—because in the world of OT, consistency is a luxury and adaptability is survival.

🔧 Key Topics Covered:
• Why OT environments resist IT standardization efforts
• Managing thousands of industrial assets from multiple vendors
• The hospital analogy: treating OT specialists like medical contractors
• Building effective partnerships between OT and IT teams • Real-world challenges of securing industrial control systems

#OTSecurity #ITConvergence #IndustrialCybersecurity #SCADA #PLC #CriticalInfrastructure

What happens when you cross a Tamagotchi with a Wi-Fi hacking tool? You get the Pwnagotchi—a pocket-sized device that "feeds" on Wi-Fi handshakes and learns from its environment. In this episode, Jayden Traufler and Cameron Birkland join the crew to demonstrate how this deceptively cute device can passively capture encrypted Wi-Fi credentials from any network in range, autonomously gather handshakes, share intelligence with other Pwnagotchis, and operate completely under the radar from conference floors to airplane cabins in ways that might surprise you.

• Key Topics Covered:
• How the Pwnagotchi captures Wi-Fi handshakes through deauthentication attacks
• Why WPA3 networks are immune (and why most networks still aren't using it)
• Building your own Pwnagotchi vs buying a Flipper Zero with Wi-Fi dev board
• Real defense strategies beyond "just turn off your Wi-Fi"
• The legal gray areas of passive Wi-Fi monitoring
• Conference horror stories and the 600-handshake airplane incident

Whether you're a security professional looking to understand emerging threats or someone curious about DIY hacking tools, this episode delivers practical insights you can use to protect your networks today. The Pwnagotchi proves that the most dangerous attacks often come in the most innocent packages.

Don't let your organization become the next victim of passive Wi-Fi attacks. Like, share, and subscribe for more hands-on cybersecurity content that keeps you ahead of emerging threats!

#Pwnagotchi #cybersecurity #wifihacking #ethicalhacking #infosec #flipper zero

Relevant Links:

Jayden Traufler

• LinkedIn

Your network is talking behind your back—but Pi-hole is listening. Join The Audit as Pi-hole co-founders Dan Schaper and Adam Warner reveal how their open-source DNS sinkhole technology has become the secret weapon for over 200,000 privacy-conscious users worldwide.

In this episode, we discuss:

• How Pi-hole evolved from a simple ad blocker to a critical network security tool
• Why DNS-level filtering stops threats before they reach any of your devices
• The performance benefits that make browsing noticeably faster
• Setting up Pi-hole on everything from Raspberry Pi to enterprise hardware
• How the global development team maintains this powerful security shield
• Protecting vulnerable IoT devices from malicious traffic
• The future roadmap for Pi-hole and opportunities to contribute

Don't miss this deep dive into the technology that's reclaiming control of digital footprints one DNS request at a time. Connect with the Pi-hole community at discourse.pi-hole.net and discover why cybersecurity professionals consider this an essential defensive tool.

Like, share, and subscribe for more cutting-edge cybersecurity insights and expert analysis!

#pihole #DNSfiltering #networksecurity #adblocking #privacytools #cybersecurity #opensource #infosec

Join The Audit for a news-packed episode as cybersecurity expert Matt Starland recounts a chilling near-miss with an E-Z Pass phishing scam—received just minutes after renting a car in Florida. His close call highlights how scammers exploit timing and context to deceive even seasoned professionals.

In this episode, we discuss:

• How a security pro nearly fell for a perfectly timed phishing text
• The FBI’s 2023 Internet Crime Report and its $16.6B warning
• Why nearly $5B in losses hit Americans over 60—and why many stay silent
• The psychological barriers victims face when reporting cybercrime
• The rise of the “Dead Internet Theory” and AI-generated online content
• How Meta and others are blurring the line between real and artificial
• Practical ways to spot AI-generated interactions
• Why maintaining human connection is key in the age of AI

Don’t miss this timely conversation packed with real-world insights and strategies to help you stay secure in an increasingly digital (and artificial) world.

Like, share, and subscribe for more cutting-edge cybersecurity stories and expert analysis.

#infosec #cybersecurity #E-ZPass #phishing #FBI #deadinternet #meta