The Biggest Cybersecurity Grift in Years

The Biggest Cybersecurity Grift in Years

From Hacker And The Fed by Chris Tarbell & Hector Monsegur

March 26, 2026 · 51 min

About this episode

Chris and Hector discuss a compliance scandal involving fake SOC 2 certifications and its implications for trust in the cybersecurity industry.

Chris and Hector break down a major compliance scandal where a startup allegedly sold fake SOC 2 certifications using templated reports and questionable auditing practices. They explore how the breach exposed sensitive internal documents, why companies may have knowingly gone along with it, and what it says about trust in the cybersecurity industry. The episode also covers a massive GPU smuggling case tied to China, the collapse of a major cybercrime forum, and a real-world prompt injection attack that compromised thousands of developer environments. Join our Patreon for weekly bonus episodes: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.patreon.com/c/hackerandthefed⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Send HATF your questions at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠questions@hackerandthefed.com

People in this episode

Hosts: Chris Tarbell, Hector Monsegur

Topics covered

  • cybersecurity
  • compliance scandal
  • SOC 2 certifications
  • GPU smuggling
  • cybercrime forum
  • prompt injection attack

Keywords

  • cybersecurity
  • SOC 2
  • compliance
  • GPU smuggling
  • cybercrime
  • prompt injection
  • scandal

Mentioned in this episode

Organizations: SOC 2, China, Patreon, HATF

More episodes of Hacker And The Fed

Explore listener stats, chart rankings, contacts and more on the Hacker And The Fed podcast page.