What would you do if ransomware told you not only that your data was gone — but that it was encrypted with a quantum-safe algorithm and you have 72 hours to pay? That's not a hypothetical anymore.

In this live news episode of The Audit, co-hosts Joshua Schmidt, Eric Brown, and Nick Mellum are joined by IT Audit Labs member Bill Harris for a rapid-fire breakdown of the week's most important cybersecurity stories — and a few conversations that went places nobody expected.

🎯 Stories & Topics Covered:

• Iranian Cyber Group Handala Targets U.S. Troops — WhatsApp-based psychological ops against service members in Bahrain, and what OPSEC looks like when soldiers can't leave their phones at home
• Agentic AI Risk Goes Live — A real incident where an AI deleted a production database in 9 seconds, and why "trust but verify" has never mattered more
• Quantum-Safe Ransomware (Kyber) — The first confirmed ransomware family using NIST's post-quantum cryptographic standards, and why it's more marketing than menace — for now
• Robinhood Email Exploit via Gmail Dot Trick — How threat actors weaponized a years-old stolen email list using a quirk in how Google and Robinhood handle email addresses differently
• Bitwarden/Checkmarks Supply Chain Attack — Why even security-first tools aren't immune, and how Bitwarden's 90-minute response time became a case study in breach communication
• Apple's AI Strategy: Late on Purpose? — Is Apple sitting out the AI arms race, or quietly building something nobody's seen yet?
• Eric's AI Email Vision — A live whiteboard idea for using agentic AI as a personal email firewall that could eliminate phishing at the infrastructure level

Don't wait until your organization is the next headline. IT leaders need to stay ahead of evolving threats, and this episode delivers critical insights to help protect your business. Like, share, and subscribe for more in-depth security discussions!

#cybersecurity #ransomware #postquantum #AI #infosec #ethicalhacking #supplychain #phishing #NIST #agentic #bitwarden #OPSEC #cyberdefense #ITaudit #TheAudit

Most organizations think they're protected. They're not. Microsoft Defender sounds solid on paper — but in the real world, it's letting phishing, malware, and business email compromise walk right through the door. In this episode of The Audit, the crew pulls back the curtain on one of the most exploited attack surfaces in any organization: email.

Co-hosts Joshua Schmidt, Eric Brown, and Nick Mellem are joined by IT Audit Labs' own Cameron Birkland — fresh off three first-place CTF wins in Vegas — for a live walkthrough of Check Point Harmony Email, a tool that plugs directly into your Microsoft 365 environment and shows you exactly what your current setup is missing.

🎯 What you'll learn in this episode:

• Why out-of-the-box Microsoft Defender consistently fails against advanced phishing and BEC attacks — and what "good" email security actually looks like
• How Check Point Harmony uses machine learning and contextual AI analysis (not just signature matching) to catch threats that bypass traditional filters
• How threat actors silently set up forwarding rules and inbox monitoring to loot data for weeks — without triggering a single alert
• IT Audit Labs' new "14 plus one" email security assessment — a 14-day live scan of your Microsoft 365 environment with a full debrief, no disruption required
• A live demo of the Harmony dashboard: phishing reports, geo-anomaly detection, OneDrive malware scanning, and DLP for exposed sharing links

Whether you're securing a 50-person company or advising a 5,000-user enterprise, this episode gives you the practitioner-level insight to finally close the gap in your email defenses.

Don't wait until your organization is the next headline. Subscribe for weekly cybersecurity insights from the practitioners actually doing the work. Like, share, and leave us a review on Apple Podcasts if this episode hit home.

#emailsecurity #cybersecurity #phishing #businessemailcompromise #Microsoft365 #infosec #checkpoint #harmonyemail

Your organization may have hundreds of AI agents running right now that your security team doesn't know exist. Every single one is an identity. Every identity is an attack surface.

In this episode of The Audit, co-hosts Joshua Schmidt, Eric Brown, and Nick Mellem sit down with Madhav Nakar, security researcher on the Phantom Labs team at BeyondTrust, to break down one of the most underexplored threats in enterprise security today: untracked AI agents creating exploitable "ghost identities." Madhav just returned from RSA — where he noticed every booth had an AI angle and a bubble forming — and he's here to cut through the noise with hard-hitting research and practical guidance.

🔍 Key Topics Covered:

• How low-code platforms let non-technical users spawn unvetted AI agents — and why that's a goldmine for attackers
• Ghost identities: what happens when AI agents run on untracked, over-privileged system identities
• The AWS sandbox DNS exfiltration proof-of-concept from BSides (BeyondTrust research)
• Why siloed AWS, Azure, and Okta teams create hidden privilege escalation paths
• "AI vs. AI" — the emerging defender model where autonomous systems monitor each other
• Browser extension cross-contamination and prompt injection risk for enterprise Claude deployments
• The three conditions that make any AI agent dangerous: private data access + untrusted instructions + tool execution
• Madhav's framework: inventory → least privilege → visibility — the basics that still matter most

Bonus: Madhav shares how "spiritually red-teaming yourself" — facing fear, breaking false narratives, and building trust — maps directly to how security professionals should approach zero trust and identity management. Plus: Joshua, Eric, and Nick on conquering stage fright and what that has to do with cybersecurity culture.

Don't wait for a ghost identity to become a ghost incident. Subscribe for weekly cybersecurity insights from practitioners, researchers, and the people defending the frontlines.

#GhostIdentities, #AIAgentSecurity, #NonHumanIdentity, #ZeroTrust, #TheAuditPodcast