Fake employees and compromised contractors are forcing organizations to rethink vendor vetting, hiring security, and identity controls.

Our team is seeing more incidents where attackers don’t exploit vulnerabilities—they exploit trust. In the latest Cyberside Chats episode, @sherridavidoff and @MDurrin unpack Amazon’s recent incident in which a North Korean IT worker was detected through behavioral anomalies and a Russian state-sponsored campaign abusing trusted infrastructure and edge devices.

Watch or listen to hear why hiring workflows, contractors, credentials, and edge devices are now part of your attack surface and what to do about it.

Watch the video: https://youtu.be/WE8p9I3uUuA

Listen to the podcast: https://www.chatcyberside.com/e/amazon-s-deepfake-hire-and-a-5-year-espionage-campaign-what-happened/

#LMGSecurity #CybersideChats #IdentitySecurity #VendorRisk #InitialAccess #ZeroTrust #SecurityLeadership

Many organizations still treat identity as something you check once at login. On this week’s Cyberside Chats, Sherri Davidoff and Matt Durrin break down how AI-driven impersonation has made that model unsafe, and why authentication has to extend into calls, chats, approvals, and support workflows in 2026.

They also cover practical ways to add verification where mistakes are costly and how to retrain employees when visual and verbal cues can’t be trusted. If identity is on your 2026 roadmap, this conversation helps clarify what needs to change.

Watch the video: https://youtu.be/J0UJSV6wYlI

Listen here: https://www.chatcyberside.com/e/when-ai-steals-trust-deepfakes-phishing-and-the-new-identity-crisis/

#CybersideChats #IdentitySecurity #Authentication #AIThreats #EnterpriseSecurity #SecurityPrograms #RiskManagement #ITSecurity

Collaboration tools like Teams, Slack, and Zoom have become prime targets for attackers—and Microsoft’s latest roadmap updates reflect that shift.

These new security features tell us a lot about the evolving threat landscape and where organizations still need to pay attention. If your security strategy hasn’t caught up with how people actually communicate, this Cyberside Chats episode is worth a listen: https://www.chatcyberside.com/e/collaboration-under-siege-microsoft-s-teams-security-overhaul/

#CybersideChats #Cybersecurity #ThreatLandscape #Microsoft365 #CollaborationSecurity #Phishing #IdentitySecurity #SecurityAwareness

What do Microsoft’s 2026 security features tell us about how attackers are actually breaching collaboration platforms?

On this week’s Cyberside Chats, Sherri Davidoff and Matt Durrin break down the updates—from anomaly reporting to tenant restrictions—and show why every organization needs clearer data classifications, stronger identity boundaries, and easier ways for users to report suspicious activity. It’s a practical roadmap for securing the tools employees rely on every day.

Watch the video: https://www.youtube.com/watch?v=60bYlgCI7zw

Listen here: https://www.chatcyberside.com/e/collaboration-under-siege-microsoft-s-teams-security-overhaul/

Or find Cyberside Chats wherever you get your podcasts.

#CollaborationTools #Microsoft365 #IdentityManagement #AnomalyDetection #AICopilots #DataSecurity #SecurityTraining #CybersideChats

Start 2026 with one upgrade that pays off immediately: tighten identity verification across your organization. In this week’s Cyberside Chats: Live, Sherri Davidoff and Matt Durrin break down how AI-driven impersonation is changing the rules and the quick wins security teams should prioritize first.

Two more days to register: https://www.lmgsecurity.com/event/cyberside-chats-live-ai-broke-trust-identity-has-to-step-up-in-2026/

#CybersideChats #IdentitySecurity #AIThreats #Deepfakes #Authentication #SecurityAwareness #CyberRisk #EnterpriseSecurity

If AI can spoof your people, your processes, and your communications, what’s left to trust?

In the next Cyberside Chats: Live, Sherri Davidoff and Matt Durrin break down the identity upgrades every organization needs for 2026: tighter verification, stronger authentication, and user training built for an era where old phishing cues no longer apply.

Register here to join us on December 17th: https://www.lmgsecurity.com/event/cyberside-chats-live-ai-broke-trust-identity-has-to-step-up-in-2026/

#CybersideChats #AIImpersonation #IdentityManagement #AccessControl #SecurityAwareness #PhishingPrevention #EnterpriseSecurity #CyberRisk

More than 4.3 million users were affected before anyone realized ShadyPanda’s extensions had turned into full surveillance tools.

In the latest Cyberside Chats episode, Sherri Davidoff and Matt Durrin break down how attackers built trust for years, then used auto-updates to harvest browsing data, authentication tokens, and even live session cookies. The discussion also covers why session hijacking is so dangerous—and the safeguards security leaders should be implementing now.

Watch the full conversation: https://youtu.be/x9AaE94KanM

Or listen to the podcast: https://www.chatcyberside.com/e/shady-panda-s-browser-backdoor-%E2%80%94-43m-chrome-edge-users-compromised/

#CybersideChats #BrowserSecurity #SupplyChainRisk #SessionHijacking #CyberThreats #IdentitySecurity #EnterpriseSecurity #SecurityOperations

A single “smart” device with undocumented connectivity can quietly tunnel out of your network—and most organizations don’t discover it until something goes wrong.

On the latest Cyberside Chats episode, Sherri Davidoff and Matt Durrin walk through real-world scenarios where hidden radios, cloud paths, and offshore update servers slipped in through routine hardware purchases. They explain how simple policies, ABOM requirements, and smart segmentation can stop these surprises before they become security incidents.

Listen here: https://www.chatcyberside.com/e/chinas-hidden-backdoors-buses-cranes-and-critical-infrastructure/

Watch the video: https://youtu.be/WYq6YTqanA4

#CybersideChats #HardwareRisk #SupplyChainSecurity #ThirdPartyRisk #ABOM #NetworkSecurity #FirmwareIntegrity #ConnectedTech

Why does the “why” matter in cybersecurity?

In the latest Cyberside Chats episode, Matt Durrin and Todd Stewart discuss how understanding and communicating purpose, not just process, improves engagement, retention, and impact across every audience.

Listen to the podcast: https://www.chatcyberside.com/e/lead-with-why-transforming-cybersecurity-training-with-storytelling/

Watch the video: https://www.youtube.com/watch?v=xMKiARgWsxk

#Cybersecurity #Podcast #SecurityAwareness #CyberAwareness #CybersideChats

The Amazon Q AI Hack: A Wake-Up Call for Developer Tool Security

Nearly 1 million developers unknowingly downloaded malicious code—and it took 6 days before anyone noticed.

In this episode of Cyberside Chats, @sherridavidoff and @MDurrin dive into the Amazon Q AI Hack, a stark reminder of how vulnerable our software development tools truly are. From GitHub misconfigurations to supply chain breaches, we’ll explore:

🔹 How a single GitHub token compromise allowed a hacker to inject destructive AI prompts
🔹 Why popular AI tools like Copilot, Gemini, and Q are not as safe as you think
🔹 Supply chain attack lessons from SolarWinds, XZ Utils, and NotPetya
🔹 Best practices to secure your build pipelines and vet third-party developers

🎥 Watch the video: https://youtu.be/qHQ4jdZ7mwI
🎧 Listen to the podcast: https://www.chatcyberside.com/e/unmasking-the-amazon-q-ai-hack-the-hidden-dangers-in-software-development

#Cybersecurity #SupplyChainSecurity #AItools #DevSecOps #AmazonQHack #GitHubSecurity #Infosec #CybersideChats #LMGSecurity