LMG Security
@lmgsecurity.bsky.social
LMG Security is a top cybersecurity firm providing penetration testing, advisory services, training, & more. Our experts speak at conferences like Black Hat and RSA, and have been featured in The Wall Street Journal, The New York Times, & many other pubs.
This Thanksgiving, we’re feeling grateful for the clients, partners, and colleagues who make our work meaningful all year long.
Thank you for the conversations, the collaboration, and the chance to tackle big challenges together. Wishing everyone a happy and restful holiday.
Thank you for the conversations, the collaboration, and the chance to tackle big challenges together. Wishing everyone a happy and restful holiday.
November 27, 2025 at 6:20 PM
This Thanksgiving, we’re feeling grateful for the clients, partners, and colleagues who make our work meaningful all year long.
Thank you for the conversations, the collaboration, and the chance to tackle big challenges together. Wishing everyone a happy and restful holiday.
Thank you for the conversations, the collaboration, and the chance to tackle big challenges together. Wishing everyone a happy and restful holiday.
A single “smart” device can quietly tunnel out of your network. Today on #CybersideChats: real-world scenarios where hidden radios, #cloud paths, and offshore update servers slipped in through routine #hardware purchases.
Listen: www.chatcyberside.com/e/chinas-hid...
Watch: youtu.be/WYq6YTqanA4
Listen: www.chatcyberside.com/e/chinas-hid...
Watch: youtu.be/WYq6YTqanA4
November 25, 2025 at 3:43 PM
A single “smart” device can quietly tunnel out of your network. Today on #CybersideChats: real-world scenarios where hidden radios, #cloud paths, and offshore update servers slipped in through routine #hardware purchases.
Listen: www.chatcyberside.com/e/chinas-hid...
Watch: youtu.be/WYq6YTqanA4
Listen: www.chatcyberside.com/e/chinas-hid...
Watch: youtu.be/WYq6YTqanA4
#Holiday season scams now hit businesses as hard as consumers. This checklist highlights practical steps #security teams can take now—from enforcing strong #MFA to tuning #botdetection rules & more: www.lmgsecurity.com/resources/ho...
#Cybersecurity #FraudPrevention #DNSFiltering #BYOD #Phishing
#Cybersecurity #FraudPrevention #DNSFiltering #BYOD #Phishing
November 21, 2025 at 5:29 PM
#Holiday season scams now hit businesses as hard as consumers. This checklist highlights practical steps #security teams can take now—from enforcing strong #MFA to tuning #botdetection rules & more: www.lmgsecurity.com/resources/ho...
#Cybersecurity #FraudPrevention #DNSFiltering #BYOD #Phishing
#Cybersecurity #FraudPrevention #DNSFiltering #BYOD #Phishing
#AI driven #fraud is hitting holiday shoppers at machine speed. Today on #CybersideChats, Sherri & Matt discuss how #phishing kits, prebuilt configs, and bot-driven takeovers enable #CredentialAbuse.
Podcast: www.chatcyberside.com/e/holiday-ha...
Video: youtu.be/TpMD5v5JUNc
#Cybersecurity
Podcast: www.chatcyberside.com/e/holiday-ha...
Video: youtu.be/TpMD5v5JUNc
#Cybersecurity
November 18, 2025 at 1:23 PM
#AI driven #fraud is hitting holiday shoppers at machine speed. Today on #CybersideChats, Sherri & Matt discuss how #phishing kits, prebuilt configs, and bot-driven takeovers enable #CredentialAbuse.
Podcast: www.chatcyberside.com/e/holiday-ha...
Video: youtu.be/TpMD5v5JUNc
#Cybersecurity
Podcast: www.chatcyberside.com/e/holiday-ha...
Video: youtu.be/TpMD5v5JUNc
#Cybersecurity
When #security assessments leak, the fallout can eclipse the incident. In our latest #CybersideChats on the #Louvre heist, we dig into how exposed #audit findings fueled scrutiny. Listen to hear how a seven-minute #robbery turned into a reputational firestorm: www.chatcyberside.com/e/louvre-hei...
November 17, 2025 at 3:55 PM
When #security assessments leak, the fallout can eclipse the incident. In our latest #CybersideChats on the #Louvre heist, we dig into how exposed #audit findings fueled scrutiny. Listen to hear how a seven-minute #robbery turned into a reputational firestorm: www.chatcyberside.com/e/louvre-hei...
Last week, LMG Security had the pleasure of speaking with the Las Vegas ISSA chapter! Matt Durrin led a thought-provoking session on “ #DeepFakes & AI: The New Frontier of #Cybercrime.” He explored how rapidly evolving #AI tools are transforming #SocialEngineering, fraud, and digital trust.
November 12, 2025 at 7:00 PM
Last week, LMG Security had the pleasure of speaking with the Las Vegas ISSA chapter! Matt Durrin led a thought-provoking session on “ #DeepFakes & AI: The New Frontier of #Cybercrime.” He explored how rapidly evolving #AI tools are transforming #SocialEngineering, fraud, and digital trust.
When the #Louvre was robbed, most people blamed the thieves. But leaked audit reports told a story of weak passwords, ignored warnings, & outdated systems. Hear more from Sherri & Matt on Cyberside Chats.
Podcast: www.chatcyberside.com/e/louvre-hei...
Video: youtu.be/3ErXdXv_bN8
#cybersecurity
Podcast: www.chatcyberside.com/e/louvre-hei...
Video: youtu.be/3ErXdXv_bN8
#cybersecurity
November 11, 2025 at 2:53 PM
When the #Louvre was robbed, most people blamed the thieves. But leaked audit reports told a story of weak passwords, ignored warnings, & outdated systems. Hear more from Sherri & Matt on Cyberside Chats.
Podcast: www.chatcyberside.com/e/louvre-hei...
Video: youtu.be/3ErXdXv_bN8
#cybersecurity
Podcast: www.chatcyberside.com/e/louvre-hei...
Video: youtu.be/3ErXdXv_bN8
#cybersecurity
Attackers are turning Google results into #malware delivery systems, using fake software installers and sponsored ads to plant backdoors inside organizations. Podcast: www.chatcyberside.com/e/search-res...
Video: youtu.be/xKKA1ikoZ-4
#SEOpoisoning #Malvertising #Cybersecurity #Software #Phishing
Video: youtu.be/xKKA1ikoZ-4
#SEOpoisoning #Malvertising #Cybersecurity #Software #Phishing
November 4, 2025 at 3:16 PM
Attackers are turning Google results into #malware delivery systems, using fake software installers and sponsored ads to plant backdoors inside organizations. Podcast: www.chatcyberside.com/e/search-res...
Video: youtu.be/xKKA1ikoZ-4
#SEOpoisoning #Malvertising #Cybersecurity #Software #Phishing
Video: youtu.be/xKKA1ikoZ-4
#SEOpoisoning #Malvertising #Cybersecurity #Software #Phishing
What happens when you mix a high-stakes #cybersecurity #tabletopexercise with top-shelf whiskey? An unforgettable night.
LMG Security & Constangy hosted an exclusive #AI Fraud Tabletop & Whiskey Tasting where guests tackled a live #IncidentResponse scenario.
Thanks to everyone who joined us!
LMG Security & Constangy hosted an exclusive #AI Fraud Tabletop & Whiskey Tasting where guests tackled a live #IncidentResponse scenario.
Thanks to everyone who joined us!
October 31, 2025 at 2:19 PM
What happens when you mix a high-stakes #cybersecurity #tabletopexercise with top-shelf whiskey? An unforgettable night.
LMG Security & Constangy hosted an exclusive #AI Fraud Tabletop & Whiskey Tasting where guests tackled a live #IncidentResponse scenario.
Thanks to everyone who joined us!
LMG Security & Constangy hosted an exclusive #AI Fraud Tabletop & Whiskey Tasting where guests tackled a live #IncidentResponse scenario.
Thanks to everyone who joined us!
We had a great time at #BSidesPDX connecting with the local security community! Matt Durrin took the stage to present “Hackers + #AI: Faster, Smarter, More Dangerous,” a demo showing how criminals are using tools like #WormGPT to uncover vulnerabilities, generate exploits, and weaponize zero-days.
October 29, 2025 at 2:37 PM
We had a great time at #BSidesPDX connecting with the local security community! Matt Durrin took the stage to present “Hackers + #AI: Faster, Smarter, More Dangerous,” a demo showing how criminals are using tools like #WormGPT to uncover vulnerabilities, generate exploits, and weaponize zero-days.
When #AWS went offline, the outage exposed a global web of dependencies. Sherri & Matt explore what really happened, how fourth-party risks can undermine resilience, and practical steps to take on Cyberside Chats.
Listen: www.chatcyberside.com/e/when-the-c...
Watch: youtu.be/Djz-_VblMAw
#cloud
Listen: www.chatcyberside.com/e/when-the-c...
Watch: youtu.be/Djz-_VblMAw
#cloud
October 28, 2025 at 1:41 PM
When #AWS went offline, the outage exposed a global web of dependencies. Sherri & Matt explore what really happened, how fourth-party risks can undermine resilience, and practical steps to take on Cyberside Chats.
Listen: www.chatcyberside.com/e/when-the-c...
Watch: youtu.be/Djz-_VblMAw
#cloud
Listen: www.chatcyberside.com/e/when-the-c...
Watch: youtu.be/Djz-_VblMAw
#cloud
Diversity builds resilience — especially in the #cloud. Matt Durrin reminds us that spreading workloads across multiple clouds isn’t just a best practice, it’s a safeguard against systemic risk.
More on our blog: www.lmgsecurity.com/beyond-aws-h...
#AWS #DNS #CloudSecurity #FourthPartyRisk
More on our blog: www.lmgsecurity.com/beyond-aws-h...
#AWS #DNS #CloudSecurity #FourthPartyRisk
October 24, 2025 at 12:49 PM
Diversity builds resilience — especially in the #cloud. Matt Durrin reminds us that spreading workloads across multiple clouds isn’t just a best practice, it’s a safeguard against systemic risk.
More on our blog: www.lmgsecurity.com/beyond-aws-h...
#AWS #DNS #CloudSecurity #FourthPartyRisk
More on our blog: www.lmgsecurity.com/beyond-aws-h...
#AWS #DNS #CloudSecurity #FourthPartyRisk
When #ransomware halted Jaguar Land Rover’s production, it disrupted entire supply chains. In our latest #CybersideChats, we discuss what made this attack so impactful and share insights on how to strengthen resilience.
Podcast: www.chatcyberside.com/e/manufactur...
Video: youtu.be/LTW59YBJe-Q
Podcast: www.chatcyberside.com/e/manufactur...
Video: youtu.be/LTW59YBJe-Q
October 21, 2025 at 3:10 PM
When #ransomware halted Jaguar Land Rover’s production, it disrupted entire supply chains. In our latest #CybersideChats, we discuss what made this attack so impactful and share insights on how to strengthen resilience.
Podcast: www.chatcyberside.com/e/manufactur...
Video: youtu.be/LTW59YBJe-Q
Podcast: www.chatcyberside.com/e/manufactur...
Video: youtu.be/LTW59YBJe-Q
We had a great time at the @seckc.org meetup! Tom Pohl shared insights on Microsoft CA exploits, showing how small misconfigurations can lead to full domain admin takeover. Big thanks to SecKC for the welcome and for making cybersecurity even more fun with a Halloween twist. #Cybersecurity #SecKC
October 20, 2025 at 2:48 PM
We had a great time at the @seckc.org meetup! Tom Pohl shared insights on Microsoft CA exploits, showing how small misconfigurations can lead to full domain admin takeover. Big thanks to SecKC for the welcome and for making cybersecurity even more fun with a Halloween twist. #Cybersecurity #SecKC
Why does the “why” matter in #cybersecurity? Matt Durrin & Todd Stewart discuss how understanding and communicating purpose, not just process, improves engagement, retention, & impact.
#podcast: www.chatcyberside.com/e/lead-with-...
Video: www.youtube.com/watch?v=xMKi...
#CybersecurityTraining
#podcast: www.chatcyberside.com/e/lead-with-...
Video: www.youtube.com/watch?v=xMKi...
#CybersecurityTraining
October 14, 2025 at 2:50 PM
Why does the “why” matter in #cybersecurity? Matt Durrin & Todd Stewart discuss how understanding and communicating purpose, not just process, improves engagement, retention, & impact.
#podcast: www.chatcyberside.com/e/lead-with-...
Video: www.youtube.com/watch?v=xMKi...
#CybersecurityTraining
#podcast: www.chatcyberside.com/e/lead-with-...
Video: www.youtube.com/watch?v=xMKi...
#CybersecurityTraining
When #threatintelligence stops flowing, everyone feels the impact—even those who never see it directly. The expiration of the CISA raises questions about how organizations can stay informed and protected. Full conversation here: www.chatcyberside.com/e/when-cisa-...
October 10, 2025 at 1:26 PM
When #threatintelligence stops flowing, everyone feels the impact—even those who never see it directly. The expiration of the CISA raises questions about how organizations can stay informed and protected. Full conversation here: www.chatcyberside.com/e/when-cisa-...
Scattered Spider isn’t using cutting-edge exploits. They’re calling the #helpdesk and tricking staff into resetting passwords or MFA. Full podcast: https://www.chatcyberside.com/e/inside-scattered-spider-how-teen-hackers-and-crypto-trails-brought-down-a-global-ransom-network/ #socialengineering
October 6, 2025 at 4:45 PM
Scattered Spider isn’t using cutting-edge exploits. They’re calling the #helpdesk and tricking staff into resetting passwords or MFA. Full podcast: https://www.chatcyberside.com/e/inside-scattered-spider-how-teen-hackers-and-crypto-trails-brought-down-a-global-ransom-network/ #socialengineering
Telegram isn’t just chat—it’s emerging as a new iteration of the #darkweb. Encrypted channels are now hubs where cybercriminals share tools, sell products, and even run services like #WormGPT.
Full podcast: www.chatcyberside.com/e/inside-sca...
Video: www.youtube.com/watch?v=Dxd9...
Full podcast: www.chatcyberside.com/e/inside-sca...
Video: www.youtube.com/watch?v=Dxd9...
October 3, 2025 at 3:14 PM
Telegram isn’t just chat—it’s emerging as a new iteration of the #darkweb. Encrypted channels are now hubs where cybercriminals share tools, sell products, and even run services like #WormGPT.
Full podcast: www.chatcyberside.com/e/inside-sca...
Video: www.youtube.com/watch?v=Dxd9...
Full podcast: www.chatcyberside.com/e/inside-sca...
Video: www.youtube.com/watch?v=Dxd9...
#ScatteredSpider is back in the spotlight — but indictments tell the bigger story. Today on Cyberside Chats, Sherri & Matt break down the lessons, from tightening help desk verification to #socialengineering training.
Listen: www.chatcyberside.com/e/inside-sca...
Watch: youtu.be/Dxd9UR3nKXU
Listen: www.chatcyberside.com/e/inside-sca...
Watch: youtu.be/Dxd9UR3nKXU
September 30, 2025 at 1:14 PM
#ScatteredSpider is back in the spotlight — but indictments tell the bigger story. Today on Cyberside Chats, Sherri & Matt break down the lessons, from tightening help desk verification to #socialengineering training.
Listen: www.chatcyberside.com/e/inside-sca...
Watch: youtu.be/Dxd9UR3nKXU
Listen: www.chatcyberside.com/e/inside-sca...
Watch: youtu.be/Dxd9UR3nKXU
Vibe hacking isn’t just about writing malicious code with #AI — it’s also about what happens after your data is stolen. Listen to the podcast to hear Sherri Davidoff & Matt Durrin explain how #vibehacking works and how attackers are using tools like #WormGPT: www.chatcyberside.com/e/vibe-hacki...
September 24, 2025 at 2:44 PM
Vibe hacking isn’t just about writing malicious code with #AI — it’s also about what happens after your data is stolen. Listen to the podcast to hear Sherri Davidoff & Matt Durrin explain how #vibehacking works and how attackers are using tools like #WormGPT: www.chatcyberside.com/e/vibe-hacki...
AI coding tools are reshaping development & giving rise to #VibeHacking. In today’s episode of Cyberside Chats, Sherri Davidoff and Matt Durrin explore what this means for security, supply chain, & IR planning.
Video: www.youtube.com/watch?v=fTOJ...
Podcast: www.chatcyberside.com/e/vibe-hacki...
Video: www.youtube.com/watch?v=fTOJ...
Podcast: www.chatcyberside.com/e/vibe-hacki...
September 23, 2025 at 12:39 PM
AI coding tools are reshaping development & giving rise to #VibeHacking. In today’s episode of Cyberside Chats, Sherri Davidoff and Matt Durrin explore what this means for security, supply chain, & IR planning.
Video: www.youtube.com/watch?v=fTOJ...
Podcast: www.chatcyberside.com/e/vibe-hacki...
Video: www.youtube.com/watch?v=fTOJ...
Podcast: www.chatcyberside.com/e/vibe-hacki...
The Salesforce–Drift breach was too big for just one episode. On today’s episode of #CybersideChats, Sherri Davidoff and Matt Durrin unpack the latest disclosures and share steps to prepare for the next #SaaS compromise.
Podcast: www.chatcyberside.com/e/massive-dr...
Video: youtu.be/tl4qK4CaeVw
Podcast: www.chatcyberside.com/e/massive-dr...
Video: youtu.be/tl4qK4CaeVw
September 16, 2025 at 2:53 PM
The Salesforce–Drift breach was too big for just one episode. On today’s episode of #CybersideChats, Sherri Davidoff and Matt Durrin unpack the latest disclosures and share steps to prepare for the next #SaaS compromise.
Podcast: www.chatcyberside.com/e/massive-dr...
Video: youtu.be/tl4qK4CaeVw
Podcast: www.chatcyberside.com/e/massive-dr...
Video: youtu.be/tl4qK4CaeVw
Attackers didn’t break into #Salesforce — they walked in through a trusted app. The Salesforce–Drift #breach shows how OAuth tokens can become skeleton keys when app permissions aren’t tightly controlled.
Cyberside Chats Podcast: www.chatcyberside.com/e/how-a-stol...
Video: youtu.be/riEcUehZCd4
Cyberside Chats Podcast: www.chatcyberside.com/e/how-a-stol...
Video: youtu.be/riEcUehZCd4
September 9, 2025 at 8:14 PM
Attackers didn’t break into #Salesforce — they walked in through a trusted app. The Salesforce–Drift #breach shows how OAuth tokens can become skeleton keys when app permissions aren’t tightly controlled.
Cyberside Chats Podcast: www.chatcyberside.com/e/how-a-stol...
Video: youtu.be/riEcUehZCd4
Cyberside Chats Podcast: www.chatcyberside.com/e/how-a-stol...
Video: youtu.be/riEcUehZCd4
A forgotten stack of papers in a hotel printer exposed U.S. State Department schedules, contacts, and more. Unmanaged printers still create blind spots. Sherri & Matt share more in this Cyberside Chats episode.
Watch: www.youtube.com/watch?v=xTFd...
Listen: www.chatcyberside.com/e/printer-pr...
Watch: www.youtube.com/watch?v=xTFd...
Listen: www.chatcyberside.com/e/printer-pr...
August 26, 2025 at 1:21 PM
A forgotten stack of papers in a hotel printer exposed U.S. State Department schedules, contacts, and more. Unmanaged printers still create blind spots. Sherri & Matt share more in this Cyberside Chats episode.
Watch: www.youtube.com/watch?v=xTFd...
Listen: www.chatcyberside.com/e/printer-pr...
Watch: www.youtube.com/watch?v=xTFd...
Listen: www.chatcyberside.com/e/printer-pr...
"Deepfake technology is no longer a novelty—it’s an insider threat tool." - Sherri Davidoff
Learn how to protect your organization from state-backed #deepfake employees.
Full podcast: www.chatcyberside.com/e/unmasking-...
Video: youtu.be/ypY5r__aZ1M
#InsiderThreat #CyberSecurity
Learn how to protect your organization from state-backed #deepfake employees.
Full podcast: www.chatcyberside.com/e/unmasking-...
Video: youtu.be/ypY5r__aZ1M
#InsiderThreat #CyberSecurity
August 13, 2025 at 2:25 PM
"Deepfake technology is no longer a novelty—it’s an insider threat tool." - Sherri Davidoff
Learn how to protect your organization from state-backed #deepfake employees.
Full podcast: www.chatcyberside.com/e/unmasking-...
Video: youtu.be/ypY5r__aZ1M
#InsiderThreat #CyberSecurity
Learn how to protect your organization from state-backed #deepfake employees.
Full podcast: www.chatcyberside.com/e/unmasking-...
Video: youtu.be/ypY5r__aZ1M
#InsiderThreat #CyberSecurity