Hiring fraud and deepfakes with Tom Cross

Join us for this week's Defender Fridays as we explore the evolving threat of deepfakes in hiring and remote work with Tom Cross, Head of Threat Research at GetReal Security.

At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.

What We'll Discuss

In this episode, Tom Cross shares insights on how threat actors, particularly North Korean operatives, are exploiting remote work environments to infiltrate organizations through sophisticated hiring fraud and deepfake technology. We explore the current state of deepfake detection capabilities and practical defenses security teams can implement now.

Key Topics:

• How North Korean threat actors successfully infiltrate organizations through remote hiring processes
• Current deepfake technology capabilities and limitations for video, audio, and real-time manipulation
• Detection strategies across the hiring kill chain - from resume screening to onboarding
• Telemetry and logging approaches for video conference systems, including latency analysis and behavioral indicators
• The evolution of AI avatars and voice-based social engineering attacks

About Our Guest

Tom Cross is Head of Threat Research at GetReal Security, where he focuses on deepfake detection technology. With decades in cybersecurity, Tom previously ran X-Force Research at IBM, led research at Lancope (now Cisco Stealthwatch), and founded Drawbridge Networks. He's a frequent speaker at DEF CON and Black Hat, bringing extensive expertise in vulnerability research, threat detection, and emerging attack vectors.

Connect with Tom:

LinkedIn: https://www.linkedin.com/in/tom-cross-71455/
GetReal Security: https://getrealsecurity.com

Register for Live Sessions

Join us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you – our audience.

Register here: https://limacharlie.io/defender-fridays

Subscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes on our website!

Sponsored by LimaCharlie

This episode is brought to you by LimaCharlie, a cloud-native SecOps platform where AI agents operate security infrastructure directly. Founded in 2018, LimaCharlie provides complete API coverage across detection, response, automation, and telemetry, with multi-tenant architecture designed for MSSPs and MDR providers managing thousands of unique client environments.

Why LimaCharlie?

• Transparency: Complete visibility into every action and decision. No black boxes, no vendor lock-in.
• Scalability: Security operations that scale like infrastructure, not like procurement cycles. Move at cloud speed.
• Unopinionated Design: Integrate the tools you need, not just those contracts allow. Build security on your terms.
• Agentic SecOps Workspace (ASW): AI agents that operate alongside your team with observable, auditable actions through the same APIs human analysts use.
• Security Primitives: Composable building blocks that endure as tools come and go. Build once, evolve continuously.

Try the Agentic SecOps Workspace free: https://limacharlie.io
Learn more: https://docs.limacharlie.io

Follow LimaCharlie

Sign up for free: https://limacharlie.io
LinkedIn: https://www.linkedin.com/company/limacharlieio/
X: https://x.com/limacharlieio
Community Discourse: https://community.limacharlie.com/

Host: Maxime Lamothe-Brassard - CEO & Co-founder at LimaCharlie
LinkedIn: https://www.linkedin.com/in/maximelb/

#defenders #cybersecurity #threatdetection #secops #infosec #cyberdefense #deepfakes #hiringfraud #remotework #threatintelligence