Fake employees and compromised contractors are forcing organizations to rethink vendor vetting, hiring security, and identity controls.

Our team is seeing more incidents where attackers don’t exploit vulnerabilities—they exploit trust. In the latest Cyberside Chats episode, @sherridavidoff and @MDurrin unpack Amazon’s recent incident in which a North Korean IT worker was detected through behavioral anomalies and a Russian state-sponsored campaign abusing trusted infrastructure and edge devices.

Watch or listen to hear why hiring workflows, contractors, credentials, and edge devices are now part of your attack surface and what to do about it.

Watch the video: https://youtu.be/WE8p9I3uUuA

Listen to the podcast: https://www.chatcyberside.com/e/amazon-s-deepfake-hire-and-a-5-year-espionage-campaign-what-happened/

#LMGSecurity #CybersideChats #IdentitySecurity #VendorRisk #InitialAccess #ZeroTrust #SecurityLeadership

One weak app integration exposed some of the world’s largest companies, from Cloudflare to Palo Alto Networks.

Our latest blog breaks down the Salesforce–Drift breach: how attackers turned insecure OAuth tokens into skeleton keys, why the headlines were misleading, and — most importantly — what CISOs and IT leaders must do to defend against the next SaaS supply chain attack.

👉 Read the full article: https://www.lmgsecurity.com/connected-app-connected-risk-lessons-from-the-salesforce-drift-breach/

#Cybersecurity #SupplyChainRisk #SaaSSecurity #LMGSecurity

Google Breached in Salesforce Data Theft Wave!

Google has confirmed it was impacted by the same Salesforce data breach campaign targeting major global brands, including Cisco, Adidas, and Louis Vuitton. The ShinyHunters extortion group reportedly accessed one of Google’s CRM instances and stole SMB contact data during a brief window in June.

This breach is part of a broader attack campaign exploiting Salesforce and using vishing to target employees. At least one company has already paid a $400K ransom to prevent data leaks.

Read the details: https://www.bleepingcomputer.com/news/security/google-suffers-data-breach-in-ongoing-salesforce-data-theft-attacks/

#Cybersecurity #GoogleBreach #Salesforce #ShinyHunters #DataBreach #CRMsecurity #Vishing #Extortion #LMGSecurity #IncidentResponse #ThreatIntel #CISO #Infosec

The Amazon Q AI Hack: A Wake-Up Call for Developer Tool Security

Nearly 1 million developers unknowingly downloaded malicious code—and it took 6 days before anyone noticed.

In this episode of Cyberside Chats, @sherridavidoff and @MDurrin dive into the Amazon Q AI Hack, a stark reminder of how vulnerable our software development tools truly are. From GitHub misconfigurations to supply chain breaches, we’ll explore:

🔹 How a single GitHub token compromise allowed a hacker to inject destructive AI prompts
🔹 Why popular AI tools like Copilot, Gemini, and Q are not as safe as you think
🔹 Supply chain attack lessons from SolarWinds, XZ Utils, and NotPetya
🔹 Best practices to secure your build pipelines and vet third-party developers

🎥 Watch the video: https://youtu.be/qHQ4jdZ7mwI
🎧 Listen to the podcast: https://www.chatcyberside.com/e/unmasking-the-amazon-q-ai-hack-the-hidden-dangers-in-software-development

#Cybersecurity #SupplyChainSecurity #AItools #DevSecOps #AmazonQHack #GitHubSecurity #Infosec #CybersideChats #LMGSecurity

Labor Day is right around the corner—are you prepared for a holiday cyberattack?

Hackers love long weekends, and history proves it. From the Kaseya ransomware outbreak on the 4th of July to the MOVEit breach over Memorial Day, cybercriminals know exactly when to strike: when your team is offline and defenses are down.

In our latest blog, we dive into some of the most infamous holiday-timed cyberattacks, including MOVEit, the Bangladesh Bank heist, and more, and share practical steps your organization can take to stay protected before and during holiday breaks.

Read our blog: https://www.lmgsecurity.com/cyberattacks-dont-take-holidays-why-hackers-love-long-weekends-and-how-to-prepare/

#Cyberattacks #Cybersecurity #IncidentResponse #HolidaySecurity #Ransomware #LMGSecurity #CISO #CyberRisk #Cyberaware #SMB #Infosec #CEO #ITSecurity

Leaked and Loaded: DOGE’s API Key Crisis

One leaked API key exposed 52 private LLMs and potentially sensitive systems across SpaceX, Twitter, and even the U.S. Treasury.

In this episode of Cyberside Chats, @sherridavidoff and @MDurrin break down the DOGE/XAI API key leak. They share how it happened, why key management is a growing threat, and what you should do to protect your organization from similar risks.

🎥 Watch the video: https://youtu.be/Lnn225XlIc4

🎧 Listen to the podcast: https://www.chatcyberside.com/e/api-key-catastrophe-when-secrets-get-leaked/

#APIsecurity #Cybersecurity #DevSecOps #PenetrationTesting #LMGSecurity #CybersideChats #IncidentResponse #VendorRisk #KeyLeak #CISO #ITsecurity #DFIR #Pentest

Headed to Black Hat 2025? Let's grab a coffee!

Several LMG Security team members will be running training classes and attending Black Hat 2025 in Vegas next month, and we’d love to connect. Whether you’re an old friend or want to meet for the first time, let’s grab coffee and talk shop. From AI threats to pen testing, we're always up for a good security conversation.

Drop us a message to set something up: https://www.lmgsecurity.com/contact-us/

#BlackHat2025 #BHUSA #BlackHat #Cybersecurity #LMGSecurity #Infosec #PenTesting

Holiday Horror Stories: Why Hackers Love Long Weekends!

In this episode of Cyberside Chats, @sherridavidoff and @MDurrin break down real-life cyberattacks that hit during holiday weekends, including the infamous Kaseya ransomware attack and the MOVEit data breach.

You’ll hear:
• Why 91% of ransomware attacks happen outside business hours
• How hackers strategically time attacks around holidays—when your staff is least prepared
• Lessons from Krispy Kreme, Target, and even the Bank of Bangladesh
• Practical takeaways to harden your defenses before the next long weekend

📽️ Watch the video: https://youtu.be/pCuYx9nPXgk
🎧 Listen to the podcast: https://www.chatcyberside.com/e/cyber-attacks-on-holiday-weekends-a-growing-threat/

Plan ahead. Patch before you relax, and test your holiday response plan. Contact us if you need help with testing, policy development, or training.

#Cybersecurity #Ransomware #IncidentResponse #HolidayCyberAttacks #InfoSec #CybersideChats #LMGSecurity #CISO #RiskManagement #Kaseya #MOVEit #CyberThreats #Cyberaware #Cyber

How do attackers go from file shares to full domain admin access without ever stealing a password? In this real-world case study, we'll share how a single misconfiguration opened the door to a full network compromise, and how our #pentest team exploited hidden file shares (with that sneaky $ at the end) to uncover sensitive data most IT teams don’t realize is exposed.

We'll share:
• How attackers exploit hidden file shares
• Why misconfigured Windows Deployment Services are a major risk
• The exact relay attack path that led to domain dominance
• What red flags to look for in your environment

Watch: https://youtu.be/78L2Zz2Ttbs

#Cybersecurity #PenetrationTesting #DomainAdmin #NetworkSecurity #Windows #LMGSecurity #RedTeam #ITSecurity #infosec #pentesting #IT #CISO

Online extortion is the new ransomware. Is your organization prepared?

Today’s hackers frequently skip the encryption step of ransomware and go straight to online extortion, stealing your data and threatening to leak it unless you pay.

In our latest blog, we break down:
• Why exfiltration-only attacks are surging
• How threat actors like World Leaks operate
• What your organization can do to stay ahead

Read the details: https://www.lmgsecurity.com/online-extortion-is-the-new-ransomware-why-hackers-just-want-your-data/

#Cybersecurity #CISO #Infosec #Ransomware #RiskManagement #DFIR #OnlineExtortion #ThreatIntel #LMGSecurity #IncidentResponse #DataLeak #Cyberaware #Cyber #SMB
