Cyber News: Iran Attacks, Greyware, and Backdoor Code

Failed to add items

Sorry, we are unable to add the item because your shopping cart is already at capacity.

Add to Cart failed.

Please try again later

Add to Wish List failed.

Please try again later

Remove from wishlist failed.

Please try again later

Adding to library failed

Please try again

Follow podcast failed

Please try again

Unfollow podcast failed

Please try again

Cyber News: Iran Attacks, Greyware, and Backdoor Code

Listen for free

View show details

What if the tools protecting your organization were the ones compromising it? In this episode of The Audit, co-hosts Joshua Schmidt, Eric Brown, and Nick Mellem — joined by IT Audit Labs team member Samuel Cala live in the St. Paul studio — unpack a wave of cybersecurity stories that all converge on one unsettling theme: trust is being exploited at every layer of the stack.

From an Iranian-linked APT group targeting U.S. healthcare infrastructure, to a sophisticated GitHub Actions supply chain attack that backdoored an AI coding library used by thousands of developers — the crew breaks down exactly how threat actors are weaponizing the tools, platforms, and third-party services organizations depend on daily.

They also dive into a disturbing revelation about AI-powered audit certifications: one company allegedly fabricated compliance evidence to hand out ISO 27001 and SOC 2 certifications at a fraction of the cost — raising serious questions about what those credentials are actually worth.

In this episode:

🇮🇷 Iran's escalation from cyber espionage to active disruption — what signals to watch for
🔗 The GitHub Actions / LiteLLM supply chain attack explained step by step
🧾 How an AI certification firm allegedly faked audit evidence — and what it means for your vendor trust
📡 FCC bans on foreign-made routers and the gray market hardware problem hiding in plain sight
🤖 OpenAI kills Sora — what it signals about where AI is actually headed

Whether you're a CISO trying to defend against nation-state threats or a developer trusting open-source libraries, this episode delivers the context — and the hard questions — you need to stay ahead.

Don't wait until your organization is the next headline. IT leaders need to stay ahead of evolving threats, and this episode delivers critical insights to help protect your business. Like, share, and subscribe for more in-depth security discussions!

#cybersecurity #supplychainattack #infosec #threatintelligence #ISO27001 #SOC2 #githubsecurity #irancyberattack #aicybersecurity #itauditlabs

No reviews yet