LMG Security

LMG Security is an internationally recognized leader in cybersecurity. We are a full-service consulting firm, delivering proactive cybersecurity solutions, advisory and compliance services, penetration testing, training, and more. The LMG Security team has published game-changing cybersecurity research, written books on ransomware, data breaches and network forensics, and routinely speaks or trains at Black Hat, RSA, and many other security conferences. With a wide range of clients, including government agencies, financial institutions, health care organizations, law firms, academia, Fortune 500 companies and more, the LMG Security team has also had their expertise noted on the TODAY show and in The New York Times. Visit us at www.LMGsecurity.com for more information.
Website: www.LMGsecurity.com
Cybersecurity services: Penetration testing, advisory, solutions & training.
Blog: www.LMGsecurity.com/blog
Tip sheets: www.LMGsecurity.com/LMG-resources
Events & webinars: www.LMGsecurity.com/events
Videos: www.youtube.com/@LMGsecurity

Fake employees and compromised contractors are forcing organizations to rethink vendor vetting, hiring security, and identity controls.

Our team is seeing more incidents where attackers don’t exploit vulnerabilities—they exploit trust. In the latest Cyberside Chats episode, @sherridavidoff and @MDurrin unpack Amazon’s recent incident in which a North Korean IT worker was detected through behavioral anomalies and a Russian state-sponsored campaign abusing trusted infrastructure and edge devices.

Watch or listen to hear why hiring workflows, contractors, credentials, and edge devices are now part of your attack surface and what to do about it.

Watch the video: https://youtu.be/WE8p9I3uUuA

Listen to the podcast: https://www.chatcyberside.com/e/amazon-s-deepfake-hire-and-a-5-year-espionage-campaign-what-happened/

#LMGSecurity #CybersideChats #IdentitySecurity #VendorRisk #InitialAccess #ZeroTrust #SecurityLeadership

Many organizations still treat identity as something you check once at login. On this week’s Cyberside Chats, Sherri Davidoff and Matt Durrin break down how AI-driven impersonation has made that model unsafe, and why authentication has to extend into calls, chats, approvals, and support workflows in 2026.

They also cover practical ways to add verification where mistakes are costly and how to retrain employees when visual and verbal cues can’t be trusted. If identity is on your 2026 roadmap, this conversation helps clarify what needs to change.

Watch the video: https://youtu.be/J0UJSV6wYlI

Listen here: https://www.chatcyberside.com/e/when-ai-steals-trust-deepfakes-phishing-and-the-new-identity-crisis/

#CybersideChats #IdentitySecurity #Authentication #AIThreats #EnterpriseSecurity #SecurityPrograms #RiskManagement #ITSecurity

Collaboration tools like Teams, Slack, and Zoom have become prime targets for attackers—and Microsoft’s latest roadmap updates reflect that shift.

These new security features tell us a lot about the evolving threat landscape and where organizations still need to pay attention. If your security strategy hasn’t caught up with how people actually communicate, this Cyberside Chats episode is worth a listen: https://www.chatcyberside.com/e/collaboration-under-siege-microsoft-s-teams-security-overhaul/

#CybersideChats #Cybersecurity #ThreatLandscape #Microsoft365 #CollaborationSecurity #Phishing #IdentitySecurity #SecurityAwareness

What do Microsoft’s 2026 security features tell us about how attackers are actually breaching collaboration platforms?

On this week’s Cyberside Chats, Sherri Davidoff and Matt Durrin break down the updates—from anomaly reporting to tenant restrictions—and show why every organization needs clearer data classifications, stronger identity boundaries, and easier ways for users to report suspicious activity. It’s a practical roadmap for securing the tools employees rely on every day.

Watch the video: https://www.youtube.com/watch?v=60bYlgCI7zw

Listen here: https://www.chatcyberside.com/e/collaboration-under-siege-microsoft-s-teams-security-overhaul/

Or find Cyberside Chats wherever you get your podcasts.

#CollaborationTools #Microsoft365 #IdentityManagement #AnomalyDetection #AICopilots #DataSecurity #SecurityTraining #CybersideChats

More than 4.3 million users were affected before anyone realized ShadyPanda’s extensions had turned into full surveillance tools.

In the latest Cyberside Chats episode, Sherri Davidoff and Matt Durrin break down how attackers built trust for years, then used auto-updates to harvest browsing data, authentication tokens, and even live session cookies. The discussion also covers why session hijacking is so dangerous—and the safeguards security leaders should be implementing now.

Watch the full conversation: https://youtu.be/x9AaE94KanM

Or listen to the podcast: https://www.chatcyberside.com/e/shady-panda-s-browser-backdoor-%E2%80%94-43m-chrome-edge-users-compromised/

#CybersideChats #BrowserSecurity #SupplyChainRisk #SessionHijacking #CyberThreats #IdentitySecurity #EnterpriseSecurity #SecurityOperations

When insider incidents can hit even the most security-focused companies, it forces every organization to reconsider how much “trust” is built into their workflows. Effective insider-threat defense now requires continuous monitoring, tighter access governance, and stronger guardrails around employee privileges—because the risk isn’t theoretical anymore.

Explore how these attacks unfold and what you can do to reduce exposure on our blog: https://www.lmgsecurity.com/betrayed-from-within-the-modern-insider-attack/

Or listen to the podcast: https://www.chatcyberside.com/e/when-security-fails-crowdstrike-insider-leaks-and-the-threat-within/

#InsiderThreat #Cybersecurity #ZeroTrust #AccessManagement #SecurityOperations #RiskManagement #InsiderRisk

Insider threats aren’t theoretical anymore—they’re happening inside organizations just like yours.

This week on Cyberside Chats, Sherri and Matt break down major insider cases—from the new CrowdStrike leak and DigitalMint ransomware indictments to Tesla’s multi-year insider problems, and the crackdown on North Korean operatives using stolen identities to get hired.

Attackers are buying, recruiting, and embedding insiders faster than organizations are adapting their defenses.

Watch this week’s full episode for actionable strategies to reduce your organization’s risk.

Watch: https://youtu.be/s7QW_BkkAvM

Listen: https://www.chatcyberside.com/e/when-security-fails-crowdstrike-insider-leaks-and-the-threat-within/?token=80d65859eee83d3963239e2310e4d035

#Ransomware #InsiderThreats #Cybersecurity #CrowdStrike #DigitalMint #Tesla #Cyberaware #Infosec

A single “smart” device with undocumented connectivity can quietly tunnel out of your network—and most organizations don’t discover it until something goes wrong.

On the latest Cyberside Chats episode, Sherri Davidoff and Matt Durrin walk through real-world scenarios where hidden radios, cloud paths, and offshore update servers slipped in through routine hardware purchases. They explain how simple policies, ABOM requirements, and smart segmentation can stop these surprises before they become security incidents.

Listen here: https://www.chatcyberside.com/e/chinas-hidden-backdoors-buses-cranes-and-critical-infrastructure/

Watch the video: https://youtu.be/WYq6YTqanA4

#CybersideChats #HardwareRisk #SupplyChainSecurity #ThirdPartyRisk #ABOM #NetworkSecurity #FirmwareIntegrity #ConnectedTech

Holiday-season scams now hit businesses as hard as consumers, with bots, spoofed sites, and AI-driven phishing targeting employees across SSO, VPN, and admin portals.

This checklist highlights practical steps security teams can take now — from enforcing strong MFA to tuning bot-detection rules and running focused awareness pushes before Black Friday and Christmas. Download it here: https://www.lmgsecurity.com/resources/holiday-fraud-defense-checklist/

#Cybersecurity #FraudPrevention #MFA #DNSFiltering #BotDetection #SecurityAwareness #BYOD #Phishing

AI-driven fraud is hitting holiday shoppers at machine speed. In today’s Cyberside Chats episode, Sherri Davidoff and Matt Durrin unpack what that looks like in the real world. They discuss how phishing kits, prebuilt configs, and bot-driven takeovers are giving attackers a near-instant launchpad for credential abuse.

This breakdown shows how quickly these tools scale—and why teams need to shore up people, passwords, and payments before the rush.

Listen here: https://www.chatcyberside.com/e/holiday-hack-alert-ai-bots-phishing-and-the-gift-card-scam-surge/

Watch the video: https://youtu.be/TpMD5v5JUNc

Or find Cyberside Chats wherever you get your podcasts.

#CyberDefense #SecurityAwareness #OnlineFraud #DigitalRisk #ThreatResearch #AIinSecurity #Malvertising #HolidayThreats