Fake employees and compromised contractors are forcing organizations to rethink vendor vetting, hiring security, and identity controls.

Our team is seeing more incidents where attackers don’t exploit vulnerabilities—they exploit trust. In the latest Cyberside Chats episode, @sherridavidoff and @MDurrin unpack Amazon’s recent incident in which a North Korean IT worker was detected through behavioral anomalies and a Russian state-sponsored campaign abusing trusted infrastructure and edge devices.

Watch or listen to hear why hiring workflows, contractors, credentials, and edge devices are now part of your attack surface and what to do about it.

Watch the video: https://youtu.be/WE8p9I3uUuA

Listen to the podcast: https://www.chatcyberside.com/e/amazon-s-deepfake-hire-and-a-5-year-espionage-campaign-what-happened/

#LMGSecurity #CybersideChats #IdentitySecurity #VendorRisk #InitialAccess #ZeroTrust #SecurityLeadership

Russian state-sponsored hackers linked to the GRU have been targeting Western critical infrastructure for years, not with flashy zero-days, but by abusing misconfigured network edge devices to harvest credentials and persist inside victim systems.

Read the full report: https://aws.amazon.com/blogs/security/amazon-threat-intelligence-identifies-russian-cyber-threat-group-targeting-western-critical-infrastructure/

#Cybersecurity #ThreatIntelligence #CriticalInfrastructure #NetworkSecurity #CloudSecurity #GRU #IdentityAccessManagement #RiskManagement

Many organizations still treat identity as something you check once at login. On this week’s Cyberside Chats, Sherri Davidoff and Matt Durrin break down how AI-driven impersonation has made that model unsafe, and why authentication has to extend into calls, chats, approvals, and support workflows in 2026.

They also cover practical ways to add verification where mistakes are costly and how to retrain employees when visual and verbal cues can’t be trusted. If identity is on your 2026 roadmap, this conversation helps clarify what needs to change.

Watch the video: https://youtu.be/J0UJSV6wYlI

Listen here: https://www.chatcyberside.com/e/when-ai-steals-trust-deepfakes-phishing-and-the-new-identity-crisis/

#CybersideChats #IdentitySecurity #Authentication #AIThreats #EnterpriseSecurity #SecurityPrograms #RiskManagement #ITSecurity

The holidays are in full swing, and the attackers (and evil AI tools) have been busy. In this 2-minute video, we show what happened when our team asked WormGPT, a dark-web AI with no guardrails, to generate a holiday scam. Watch it here: https://www.youtube.com/watch?v=YCS75iScU-E

#AI #EvilAI #WormGPT #Cybersecurity #Infosec #HolidayScams #Holidays #Phishing

Collaboration tools like Teams, Slack, and Zoom have become prime targets for attackers—and Microsoft’s latest roadmap updates reflect that shift.

These new security features tell us a lot about the evolving threat landscape and where organizations still need to pay attention. If your security strategy hasn’t caught up with how people actually communicate, this Cyberside Chats episode is worth a listen: https://www.chatcyberside.com/e/collaboration-under-siege-microsoft-s-teams-security-overhaul/

#CybersideChats #Cybersecurity #ThreatLandscape #Microsoft365 #CollaborationSecurity #Phishing #IdentitySecurity #SecurityAwareness

Microsoft’s upcoming 2026 security features highlight a shift many organizations are already experiencing: collaboration platforms and identity workflows are now prime attack paths.

From Teams-based impersonation to AI-driven data exposure, these updates address behaviors attackers are actively abusing — often without malware or zero-days. Security leaders should treat this roadmap as a planning signal, not a future wish list.

Read our blog for a full breakdown: https://www.lmgsecurity.com/5-new-ish-microsoft-security-features-what-they-reveal-about-todays-threats/

#Microsoft365 #CollaborationTools #IdentityAndAccess #AIinSecurity #CISO #SecurityOperations #ThreatDetection #CyberDefense

A single cloud outage can disrupt every core system you depend on, which is why digital resilience has to extend far beyond traditional continuity planning.

In this quick video, we outline five steps every CISO should prioritize—from mapping third- and fourth-party dependencies to running cloud-outage tabletop exercises that mirror real conditions. Watch it here: https://www.youtube.com/watch?v=-fgyWb1dq_g

#DigitalResilience #CloudSecurity #BusinessContinuity #IncidentResponse #CISO #RiskManagement #ThirdPartyRisk #InfoSec

What do Microsoft’s 2026 security features tell us about how attackers are actually breaching collaboration platforms?

On this week’s Cyberside Chats, Sherri Davidoff and Matt Durrin break down the updates—from anomaly reporting to tenant restrictions—and show why every organization needs clearer data classifications, stronger identity boundaries, and easier ways for users to report suspicious activity. It’s a practical roadmap for securing the tools employees rely on every day.

Watch the video: https://www.youtube.com/watch?v=60bYlgCI7zw

Listen here: https://www.chatcyberside.com/e/collaboration-under-siege-microsoft-s-teams-security-overhaul/

Or find Cyberside Chats wherever you get your podcasts.

#CollaborationTools #Microsoft365 #IdentityManagement #AnomalyDetection #AICopilots #DataSecurity #SecurityTraining #CybersideChats

Start 2026 with one upgrade that pays off immediately: tighten identity verification across your organization. In this week’s Cyberside Chats: Live, Sherri Davidoff and Matt Durrin break down how AI-driven impersonation is changing the rules and the quick wins security teams should prioritize first.

Two more days to register: https://www.lmgsecurity.com/event/cyberside-chats-live-ai-broke-trust-identity-has-to-step-up-in-2026/

#CybersideChats #IdentitySecurity #AIThreats #Deepfakes #Authentication #SecurityAwareness #CyberRisk #EnterpriseSecurity

Think browser extensions are harmless? Think again. A multi-year campaign turned popular, trusted browser add-ons into full-blown spyware featuring remote code execution, session hijacking, token theft and real-time browsing surveillance.

If you’re managing enterprise security, audit all extensions now, enforce allow-lists, and treat them as part of your software supply chain.

Read the blog here: https://www.lmgsecurity.com/4-3-million-reasons-to-rethink-browser-extension-security/

#browserextensions #cyberrisk #threatintelligence #endpointsecurity #supplychainsecurity #identityprotection #enterpriseIT

If AI can spoof your people, your processes, and your communications, what’s left to trust?

In the next Cyberside Chats: Live, Sherri Davidoff and Matt Durrin break down the identity upgrades every organization needs for 2026: tighter verification, stronger authentication, and user training built for an era where old phishing cues no longer apply.

Register here to join us on December 17th: https://www.lmgsecurity.com/event/cyberside-chats-live-ai-broke-trust-identity-has-to-step-up-in-2026/

#CybersideChats #AIImpersonation #IdentityManagement #AccessControl #SecurityAwareness #PhishingPrevention #EnterpriseSecurity #CyberRisk

More than 4.3 million users were affected before anyone realized ShadyPanda’s extensions had turned into full surveillance tools.

In the latest Cyberside Chats episode, Sherri Davidoff and Matt Durrin break down how attackers built trust for years, then used auto-updates to harvest browsing data, authentication tokens, and even live session cookies. The discussion also covers why session hijacking is so dangerous—and the safeguards security leaders should be implementing now.

Watch the full conversation: https://youtu.be/x9AaE94KanM

Or listen to the podcast: https://www.chatcyberside.com/e/shady-panda-s-browser-backdoor-%E2%80%94-43m-chrome-edge-users-compromised/

#CybersideChats #BrowserSecurity #SupplyChainRisk #SessionHijacking #CyberThreats #IdentitySecurity #EnterpriseSecurity #SecurityOperations

Imagine you receive a call from an AI-generated voice clone of a loved one. They say they’re in trouble, and it sounds exactly like them.

That scenario is no longer fiction. In Sherri Davidoff’s recent NBC Montana and Clearwater Credit Union interview, she and Kyle Rholl explain how AI-driven voice cloning is being used to impersonate friends and family—and why reacting under pressure is exactly what scammers count on. If a call feels rushed or emotional, hang up and call back a trusted number.

Full story: https://nbcmontana.com/news/spot-the-scam/spot-the-scam-with-clearwater-credit-union-cyber-security-scams

#fraudprevention #scams #cybersecurity #voicecloning #socialengineering #fraudawareness #financialsafety

When insider incidents can hit even the most security-focused companies, it forces every organization to reconsider how much “trust” is built into their workflows. Effective insider-threat defense now requires continuous monitoring, tighter access governance, and stronger guardrails around employee privileges—because the risk isn’t theoretical anymore.

Explore how these attacks unfold and what you can do to reduce exposure on our blog: https://www.lmgsecurity.com/betrayed-from-within-the-modern-insider-attack/

Or listen to the podcast: https://www.chatcyberside.com/e/when-security-fails-crowdstrike-insider-leaks-and-the-threat-within/

#InsiderThreat #Cybersecurity #ZeroTrust #AccessManagement #SecurityOperations #RiskManagement #InsiderRisk

Insider threats are no longer edge cases — they’re becoming one of the most common drivers of real-world incidents.

Our latest article analyzes insider cases at CrowdStrike, DigitalMint, Tesla, and more, highlighting how attackers are:
- Buying insider access
- Recruiting disgruntled employees
- Exploiting remote hiring processes
- And impersonating workers using stolen identities

We outline five actionable steps security leaders can take today to strengthen insider-threat defenses.

➡️ Betrayed From Within: The Modern Insider Attack https://www.lmgsecurity.com/betrayed-from-within-the-modern-insider-attack/

#InsiderThreat #DataProtection #AccessControl #SecurityOperations #CompanyCulture #RiskReduction #CyberDefense

Recovery times are improving, and the rise of truly immutable backups is a major reason why.

This short video breaks down what “immutable” actually means, why it matters for ransomware resilience, and how proactive planning accelerates recovery.

If you’re reassessing your backup strategy, this is a clear look at what’s driving faster bounce-backs.

Watch here: https://www.youtube.com/watch?v=XgdPWZ5OKB0

#Cybersecurity #Ransomware #DataRecovery #BackupSecurity #ImmutableBackups #Resilience #IncidentResponse #BusinessContinuity

Insider threats aren’t theoretical anymore—they’re happening inside organizations just like yours.

This week on Cyberside Chats, Sherri and Matt break down major insider cases—from the new CrowdStrike leak and DigitalMint ransomware indictments to Tesla’s multi-year insider problems, and the crackdown on North Korean operatives using stolen identities to get hired.

Attackers are buying, recruiting, and embedding insiders faster than organizations are adapting their defenses.

Watch this week’s full episode for actionable strategies to reduce your organization’s risk.

Watch: https://youtu.be/s7QW_BkkAvM

Listen: https://www.chatcyberside.com/e/when-security-fails-crowdstrike-insider-leaks-and-the-threat-within/?token=80d65859eee83d3963239e2310e4d035

#Ransomware #InsiderThreats #Cybersecurity #CrowdStrike #DigitalMint #Tesla #Cyberaware #Infosec

A single “smart” device with undocumented connectivity can quietly tunnel out of your network—and most organizations don’t discover it until something goes wrong.

On the latest Cyberside Chats episode, Sherri Davidoff and Matt Durrin walk through real-world scenarios where hidden radios, cloud paths, and offshore update servers slipped in through routine hardware purchases. They explain how simple policies, ABOM requirements, and smart segmentation can stop these surprises before they become security incidents.

Listen here: https://www.chatcyberside.com/e/chinas-hidden-backdoors-buses-cranes-and-critical-infrastructure/

Watch the video: https://youtu.be/WYq6YTqanA4

#CybersideChats #HardwareRisk #SupplyChainSecurity #ThirdPartyRisk #ABOM #NetworkSecurity #FirmwareIntegrity #ConnectedTech

MFA alone isn’t enough if attackers can exploit fatigue prompts or weak fallback options.

In this 1-minute video, Sherri Davidoff and Matt Durrin break down the most common gaps and what defenders must reassess. A strong security program starts with understanding how your MFA behaves under pressure. https://www.youtube.com/watch?v=x290l-EAo8Q

#Cybersecurity #MFA #MultifactorAuthentication #2FA #Authentication #AccessControl #Credentials #SecurityBestPractices

Holiday-season scams now hit businesses as hard as consumers, with bots, spoofed sites, and AI-driven phishing targeting employees across SSO, VPN, and admin portals.

This checklist highlights practical steps security teams can take now — from enforcing strong MFA to tuning bot-detection rules and running focused awareness pushes before Black Friday and Christmas. Download it here: https://www.lmgsecurity.com/resources/holiday-fraud-defense-checklist/

#Cybersecurity #FraudPrevention #MFA #DNSFiltering #BotDetection #SecurityAwareness #BYOD #Phishing