LMG Security
@lmgsecurity.bsky.social
LMG Security is a top cybersecurity firm providing penetration testing, advisory services, training, & more. Our experts speak at conferences like Black Hat and RSA, and have been featured in The Wall Street Journal, The New York Times, & many other pubs.
Last week, LMG Security had the pleasure of speaking with the Las Vegas ISSA chapter! Matt Durrin led a thought-provoking session on “ #DeepFakes & AI: The New Frontier of #Cybercrime.” He explored how rapidly evolving #AI tools are transforming #SocialEngineering, fraud, and digital trust.
November 12, 2025 at 7:00 PM
Last week, LMG Security had the pleasure of speaking with the Las Vegas ISSA chapter! Matt Durrin led a thought-provoking session on “ #DeepFakes & AI: The New Frontier of #Cybercrime.” He explored how rapidly evolving #AI tools are transforming #SocialEngineering, fraud, and digital trust.
When the #Louvre was robbed, most people blamed the thieves. But leaked audit reports told a story of weak passwords, ignored warnings, & outdated systems. Hear more from Sherri & Matt on Cyberside Chats.
Podcast: www.chatcyberside.com/e/louvre-hei...
Video: youtu.be/3ErXdXv_bN8
#cybersecurity
Podcast: www.chatcyberside.com/e/louvre-hei...
Video: youtu.be/3ErXdXv_bN8
#cybersecurity
November 11, 2025 at 2:53 PM
When the #Louvre was robbed, most people blamed the thieves. But leaked audit reports told a story of weak passwords, ignored warnings, & outdated systems. Hear more from Sherri & Matt on Cyberside Chats.
Podcast: www.chatcyberside.com/e/louvre-hei...
Video: youtu.be/3ErXdXv_bN8
#cybersecurity
Podcast: www.chatcyberside.com/e/louvre-hei...
Video: youtu.be/3ErXdXv_bN8
#cybersecurity
The #CISA #AIS program delivered real-time, machine-readable threat intelligence across sectors. With participation disrupted, defense is at risk. In this video, we explain how AIS worked, why it mattered, and what your organization can do to stay protected post-AIS. www.youtube.com/watch?v=qFPC...
What Is The Automated Indicator Sharing Program (AIS) & Why Does It Matter?
YouTube video by LMG Security
www.youtube.com
November 7, 2025 at 2:47 PM
The #CISA #AIS program delivered real-time, machine-readable threat intelligence across sectors. With participation disrupted, defense is at risk. In this video, we explain how AIS worked, why it mattered, and what your organization can do to stay protected post-AIS. www.youtube.com/watch?v=qFPC...
A great #PenetrationTest doesn’t just find vulnerabilities—it shows how attackers could exploit them and exposes the gaps behind technical issues. That’s why #PenetrationTesting is our Top #Cybersecurity Control of Q4: https://www.lmgsecurity.com/top-control-of-q4-2025-penetration-testing/
Top Control of Q4 2025: Penetration Testing | LMG Security
Discover why LMG Security named Penetration Testing the Top Control of Q4 2025. Learn how real-world testing uncovers attack paths, strengthens defenses, and turns vulnerabilities into lasting resilience.
www.lmgsecurity.com
November 6, 2025 at 4:54 PM
A great #PenetrationTest doesn’t just find vulnerabilities—it shows how attackers could exploit them and exposes the gaps behind technical issues. That’s why #PenetrationTesting is our Top #Cybersecurity Control of Q4: https://www.lmgsecurity.com/top-control-of-q4-2025-penetration-testing/
What can a jewel heist teach us about #cybersecurity? When Hank Green sat down with Sherri Davidoff to analyze the #Louvre theft, striking parallels between physical and digital breaches were revealed. youtu.be/NIGbQ9NHFEg?... #RiskManagement #IncidentResponse #InformationSecurity #DataProtection
The Genius of the Louvre Heist
YouTube video by Hank Green
youtu.be
November 5, 2025 at 4:34 PM
What can a jewel heist teach us about #cybersecurity? When Hank Green sat down with Sherri Davidoff to analyze the #Louvre theft, striking parallels between physical and digital breaches were revealed. youtu.be/NIGbQ9NHFEg?... #RiskManagement #IncidentResponse #InformationSecurity #DataProtection
Attackers are turning Google results into #malware delivery systems, using fake software installers and sponsored ads to plant backdoors inside organizations. Podcast: www.chatcyberside.com/e/search-res...
Video: youtu.be/xKKA1ikoZ-4
#SEOpoisoning #Malvertising #Cybersecurity #Software #Phishing
Video: youtu.be/xKKA1ikoZ-4
#SEOpoisoning #Malvertising #Cybersecurity #Software #Phishing
November 4, 2025 at 3:16 PM
Attackers are turning Google results into #malware delivery systems, using fake software installers and sponsored ads to plant backdoors inside organizations. Podcast: www.chatcyberside.com/e/search-res...
Video: youtu.be/xKKA1ikoZ-4
#SEOpoisoning #Malvertising #Cybersecurity #Software #Phishing
Video: youtu.be/xKKA1ikoZ-4
#SEOpoisoning #Malvertising #Cybersecurity #Software #Phishing
What happens when you mix a high-stakes #cybersecurity #tabletopexercise with top-shelf whiskey? An unforgettable night.
LMG Security & Constangy hosted an exclusive #AI Fraud Tabletop & Whiskey Tasting where guests tackled a live #IncidentResponse scenario.
Thanks to everyone who joined us!
LMG Security & Constangy hosted an exclusive #AI Fraud Tabletop & Whiskey Tasting where guests tackled a live #IncidentResponse scenario.
Thanks to everyone who joined us!
October 31, 2025 at 2:19 PM
What happens when you mix a high-stakes #cybersecurity #tabletopexercise with top-shelf whiskey? An unforgettable night.
LMG Security & Constangy hosted an exclusive #AI Fraud Tabletop & Whiskey Tasting where guests tackled a live #IncidentResponse scenario.
Thanks to everyone who joined us!
LMG Security & Constangy hosted an exclusive #AI Fraud Tabletop & Whiskey Tasting where guests tackled a live #IncidentResponse scenario.
Thanks to everyone who joined us!
Hackers don’t need to email you anymore—they just need you to search. SEO poisoning & fake ads are spreading #malware and stealing credentials. Learn how to defend against the poisoned web: https://www.lmgsecurity.com/poisoned-search-how-hackers-turn-google-results-into-backdoors/ #Phishing #AI
Poisoned Search: How Hackers Turn Google Results into Backdoors | LMG Security
Hackers are poisoning Google search results with fake ads and malware. We share the new malvertising attack trends and how to protect your organization.
www.lmgsecurity.com
October 30, 2025 at 3:31 PM
Hackers don’t need to email you anymore—they just need you to search. SEO poisoning & fake ads are spreading #malware and stealing credentials. Learn how to defend against the poisoned web: https://www.lmgsecurity.com/poisoned-search-how-hackers-turn-google-results-into-backdoors/ #Phishing #AI
We had a great time at #BSidesPDX connecting with the local security community! Matt Durrin took the stage to present “Hackers + #AI: Faster, Smarter, More Dangerous,” a demo showing how criminals are using tools like #WormGPT to uncover vulnerabilities, generate exploits, and weaponize zero-days.
October 29, 2025 at 2:37 PM
We had a great time at #BSidesPDX connecting with the local security community! Matt Durrin took the stage to present “Hackers + #AI: Faster, Smarter, More Dangerous,” a demo showing how criminals are using tools like #WormGPT to uncover vulnerabilities, generate exploits, and weaponize zero-days.
When #AWS went offline, the outage exposed a global web of dependencies. Sherri & Matt explore what really happened, how fourth-party risks can undermine resilience, and practical steps to take on Cyberside Chats.
Listen: www.chatcyberside.com/e/when-the-c...
Watch: youtu.be/Djz-_VblMAw
#cloud
Listen: www.chatcyberside.com/e/when-the-c...
Watch: youtu.be/Djz-_VblMAw
#cloud
October 28, 2025 at 1:41 PM
When #AWS went offline, the outage exposed a global web of dependencies. Sherri & Matt explore what really happened, how fourth-party risks can undermine resilience, and practical steps to take on Cyberside Chats.
Listen: www.chatcyberside.com/e/when-the-c...
Watch: youtu.be/Djz-_VblMAw
#cloud
Listen: www.chatcyberside.com/e/when-the-c...
Watch: youtu.be/Djz-_VblMAw
#cloud
When the #Cybersecurity Information Sharing Act lapsed, organizations lost a key federal threat feed. Watch this video to learn how to strengthen private intel networks, manage legal exposure, and integrate intel loss scenarios into your #IncidentResponse plans: www.youtube.com/watch?v=2JeB... #CISA
How to Protect Your Organization After the Loss of CISA Threat Intelligence Sharing
YouTube video by LMG Security
www.youtube.com
October 27, 2025 at 3:06 PM
When the #Cybersecurity Information Sharing Act lapsed, organizations lost a key federal threat feed. Watch this video to learn how to strengthen private intel networks, manage legal exposure, and integrate intel loss scenarios into your #IncidentResponse plans: www.youtube.com/watch?v=2JeB... #CISA
Diversity builds resilience — especially in the #cloud. Matt Durrin reminds us that spreading workloads across multiple clouds isn’t just a best practice, it’s a safeguard against systemic risk.
More on our blog: www.lmgsecurity.com/beyond-aws-h...
#AWS #DNS #CloudSecurity #FourthPartyRisk
More on our blog: www.lmgsecurity.com/beyond-aws-h...
#AWS #DNS #CloudSecurity #FourthPartyRisk
October 24, 2025 at 12:49 PM
Diversity builds resilience — especially in the #cloud. Matt Durrin reminds us that spreading workloads across multiple clouds isn’t just a best practice, it’s a safeguard against systemic risk.
More on our blog: www.lmgsecurity.com/beyond-aws-h...
#AWS #DNS #CloudSecurity #FourthPartyRisk
More on our blog: www.lmgsecurity.com/beyond-aws-h...
#AWS #DNS #CloudSecurity #FourthPartyRisk
The #AWS outage exposed a threat: #FourthPartyRisk. When your vendors’ vendors go down, so do you. Learn what the #outage revealed & how to strengthen your #cloud resilience before the next disruption: https://www.lmgsecurity.com/beyond-aws-how-hidden-fourth-party-risks-threaten-digital-resilience/
Beyond AWS: How Hidden Fourth-Party Risks Threaten Digital Resilience | LMG Security
Discover how the October 2025 AWS outage exposed hidden fourth-party risks that threaten digital resilience across every industry. In this blog, LMG Security’s experts unpack how one faulty DNS update triggered a global ripple effect—and what your organization can do to identify and mitigate unseen dependencies in your cloud supply chain.
www.lmgsecurity.com
October 23, 2025 at 4:29 PM
The #AWS outage exposed a threat: #FourthPartyRisk. When your vendors’ vendors go down, so do you. Learn what the #outage revealed & how to strengthen your #cloud resilience before the next disruption: https://www.lmgsecurity.com/beyond-aws-how-hidden-fourth-party-risks-threaten-digital-resilience/
Attackers are exploiting search results and online ads to spread #malware through fake software installers—and it’s working. In our next Cyberside Chats: Live! on 10/29, we'll uncover the latest #SEOpoisoning & #malvertising techniques & how they evade defenses. www.lmgsecurity.com/event/cybers...
Cyberside Chats: Live! Poisoned Search: How Hackers Turn Google Results into Backdoors
In this episode, Sherri Davidoff and Matt Durrin break down the latest SEO poisoning and malvertising research, including the Oyster/Broomstick campaign that hid backdoors inside fake installers. Lear...
www.lmgsecurity.com
October 22, 2025 at 2:43 PM
Attackers are exploiting search results and online ads to spread #malware through fake software installers—and it’s working. In our next Cyberside Chats: Live! on 10/29, we'll uncover the latest #SEOpoisoning & #malvertising techniques & how they evade defenses. www.lmgsecurity.com/event/cybers...
When #ransomware halted Jaguar Land Rover’s production, it disrupted entire supply chains. In our latest #CybersideChats, we discuss what made this attack so impactful and share insights on how to strengthen resilience.
Podcast: www.chatcyberside.com/e/manufactur...
Video: youtu.be/LTW59YBJe-Q
Podcast: www.chatcyberside.com/e/manufactur...
Video: youtu.be/LTW59YBJe-Q
October 21, 2025 at 3:10 PM
When #ransomware halted Jaguar Land Rover’s production, it disrupted entire supply chains. In our latest #CybersideChats, we discuss what made this attack so impactful and share insights on how to strengthen resilience.
Podcast: www.chatcyberside.com/e/manufactur...
Video: youtu.be/LTW59YBJe-Q
Podcast: www.chatcyberside.com/e/manufactur...
Video: youtu.be/LTW59YBJe-Q
We had a great time at the @seckc.org meetup! Tom Pohl shared insights on Microsoft CA exploits, showing how small misconfigurations can lead to full domain admin takeover. Big thanks to SecKC for the welcome and for making cybersecurity even more fun with a Halloween twist. #Cybersecurity #SecKC
October 20, 2025 at 2:48 PM
We had a great time at the @seckc.org meetup! Tom Pohl shared insights on Microsoft CA exploits, showing how small misconfigurations can lead to full domain admin takeover. Big thanks to SecKC for the welcome and for making cybersecurity even more fun with a Halloween twist. #Cybersecurity #SecKC
Why do some cybersecurity trainings work while others fall flat? The difference is engagement—it starts with the “why.” Read our blog for advice on how to make training resonate https://www.lmgsecurity.com/the-power-of-why-making-cybersecurity-training-stick/ #NCSAM #CybersecurityAwarenessMonth
The Power of Why: Making Cybersecurity Training Stick | LMG Security
Discover how to make cybersecurity training stick. Learn how storytelling, hands-on exercises, and relevance turn awareness into real security action.
www.lmgsecurity.com
October 16, 2025 at 2:55 PM
Why do some cybersecurity trainings work while others fall flat? The difference is engagement—it starts with the “why.” Read our blog for advice on how to make training resonate https://www.lmgsecurity.com/the-power-of-why-making-cybersecurity-training-stick/ #NCSAM #CybersecurityAwarenessMonth
#LawFirms face mounting #cyber risks — from phishing and ransomware to AI-driven social engineering.
In the ALA's Legal Management Magazine, LMG’s Madison Iler explains why legal organizations are prime targets. Read the article: www.alanet.org/legal-manage... #cybersecurity #legalindustry
In the ALA's Legal Management Magazine, LMG’s Madison Iler explains why legal organizations are prime targets. Read the article: www.alanet.org/legal-manage... #cybersecurity #legalindustry
Understanding the Need for Cybersecurity in 2025
As cyberattacks increase in frequency across all industries, law firms need to pre-emptively prepare by creating internal safety measures.
www.alanet.org
October 15, 2025 at 3:04 PM
#LawFirms face mounting #cyber risks — from phishing and ransomware to AI-driven social engineering.
In the ALA's Legal Management Magazine, LMG’s Madison Iler explains why legal organizations are prime targets. Read the article: www.alanet.org/legal-manage... #cybersecurity #legalindustry
In the ALA's Legal Management Magazine, LMG’s Madison Iler explains why legal organizations are prime targets. Read the article: www.alanet.org/legal-manage... #cybersecurity #legalindustry
Why does the “why” matter in #cybersecurity? Matt Durrin & Todd Stewart discuss how understanding and communicating purpose, not just process, improves engagement, retention, & impact.
#podcast: www.chatcyberside.com/e/lead-with-...
Video: www.youtube.com/watch?v=xMKi...
#CybersecurityTraining
#podcast: www.chatcyberside.com/e/lead-with-...
Video: www.youtube.com/watch?v=xMKi...
#CybersecurityTraining
October 14, 2025 at 2:50 PM
Why does the “why” matter in #cybersecurity? Matt Durrin & Todd Stewart discuss how understanding and communicating purpose, not just process, improves engagement, retention, & impact.
#podcast: www.chatcyberside.com/e/lead-with-...
Video: www.youtube.com/watch?v=xMKi...
#CybersecurityTraining
#podcast: www.chatcyberside.com/e/lead-with-...
Video: www.youtube.com/watch?v=xMKi...
#CybersecurityTraining
Attackers are poisoning Google search results and ads to spread #malware disguised as trusted software. Join us for a live Cyberside Chats on October 29th for the latest SEO poisoning and #malvertising tactics and steps to keep your organization safe. Register: www.lmgsecurity.com/event/cybers...
Cyberside Chats: Live! Poisoned Search: How Hackers Turn Google Results into Backdoors
In this episode, Sherri Davidoff and Matt Durrin break down the latest SEO poisoning and malvertising research, including the Oyster/Broomstick campaign that hid backdoors inside fake installers. Lear...
www.lmgsecurity.com
October 13, 2025 at 2:18 PM
Attackers are poisoning Google search results and ads to spread #malware disguised as trusted software. Join us for a live Cyberside Chats on October 29th for the latest SEO poisoning and #malvertising tactics and steps to keep your organization safe. Register: www.lmgsecurity.com/event/cybers...
When #threatintelligence stops flowing, everyone feels the impact—even those who never see it directly. The expiration of the CISA raises questions about how organizations can stay informed and protected. Full conversation here: www.chatcyberside.com/e/when-cisa-...
October 10, 2025 at 1:26 PM
When #threatintelligence stops flowing, everyone feels the impact—even those who never see it directly. The expiration of the CISA raises questions about how organizations can stay informed and protected. Full conversation here: www.chatcyberside.com/e/when-cisa-...
The expiration of the CISA cuts off a key channel of #threatintelligence just when we need it most. Read our blog for practical steps to strengthen your intel network & more. https://www.lmgsecurity.com/the-cybersecurity-information-sharing-act-has-lapsed-heres-how-to-adapt-stay-ahead-of-attackers/
The Cybersecurity Information Sharing Act Has Lapsed—Here’s How to Adapt & Stay Ahead of Attackers | LMG Security
Since the Cybersecurity Information Sharing Act has lapsed in the government shutdown, learn how to rebuild threat-intel pipelines, reduce liability, and protect your organization now.
www.lmgsecurity.com
October 9, 2025 at 5:25 PM
The expiration of the CISA cuts off a key channel of #threatintelligence just when we need it most. Read our blog for practical steps to strengthen your intel network & more. https://www.lmgsecurity.com/the-cybersecurity-information-sharing-act-has-lapsed-heres-how-to-adapt-stay-ahead-of-attackers/
#AI tools are reshaping development—and #cybercrime. “Vibe coding” makes it easier for new developers to generate code, but attackers are using the same tools for “vibe hacking,” producing malware with minimal skill. AI can speed up attacks as quickly as it speeds up innovation. youtu.be/VpF2N-Lk2a4
What is Vibe Coding vs. Vibe Hacking?
YouTube video by LMG Security
youtu.be
October 8, 2025 at 1:49 PM
#AI tools are reshaping development—and #cybercrime. “Vibe coding” makes it easier for new developers to generate code, but attackers are using the same tools for “vibe hacking,” producing malware with minimal skill. AI can speed up attacks as quickly as it speeds up innovation. youtu.be/VpF2N-Lk2a4
With CISA expired, the future of public-private #cybersecurity threat sharing is uncertain & liability protections are gone. Today on Cyberside Chats, Sherri Davidoff & Matt Durrin explore how security leaders can adapt.
Video: youtu.be/ZLSbBE4CgJ8
Podcast: www.chatcyberside.com/e/when-cisa-...
Video: youtu.be/ZLSbBE4CgJ8
Podcast: www.chatcyberside.com/e/when-cisa-...
Shutdown Fallout: The Cybersecurity Information Sharing Act Expires
YouTube video by LMG Security
youtu.be
October 7, 2025 at 1:04 PM
With CISA expired, the future of public-private #cybersecurity threat sharing is uncertain & liability protections are gone. Today on Cyberside Chats, Sherri Davidoff & Matt Durrin explore how security leaders can adapt.
Video: youtu.be/ZLSbBE4CgJ8
Podcast: www.chatcyberside.com/e/when-cisa-...
Video: youtu.be/ZLSbBE4CgJ8
Podcast: www.chatcyberside.com/e/when-cisa-...
Scattered Spider isn’t using cutting-edge exploits. They’re calling the #helpdesk and tricking staff into resetting passwords or MFA. Full podcast: https://www.chatcyberside.com/e/inside-scattered-spider-how-teen-hackers-and-crypto-trails-brought-down-a-global-ransom-network/ #socialengineering
October 6, 2025 at 4:45 PM
Scattered Spider isn’t using cutting-edge exploits. They’re calling the #helpdesk and tricking staff into resetting passwords or MFA. Full podcast: https://www.chatcyberside.com/e/inside-scattered-spider-how-teen-hackers-and-crypto-trails-brought-down-a-global-ransom-network/ #socialengineering