LMG Security

Here’s how deepfake vishing attacks work, and why they can be hard to detect Why AI-based voice cloning is the next frontier in social-engineering attacks.

AI voice cloning is powering a new wave of #deepfake #vishing scams with just 3 seconds of audio.

Read about how these #cyberattacks work, & contact us if you need help training your team or reducing your organization’s #cybersecurity risks: arstechnica.com/security/202...

#AI #Cyberaware #SMB

Google suffers data breach in ongoing Salesforce data theft attacks Google is the latest company to suffer a data breach in an ongoing wave of Salesforce CRM data theft attacks conducted by the ShinyHunters extortion group.

Google confirms it was hit in the ongoing Salesforce data breach wave. ShinyHunters accessed SMB contact data via vishing + CRM exploits. Other victims: Cisco, Adidas, LVMH. Is your CRM secure?

Full story: www.bleepingcomputer.com/news/securit...

#Cybersecurity #DataBreach #Google #Infosec #IT

YouTube video by LMG Security The Amazon Q AI Hack: A Wake-Up Call for Developer Tool Security

Amazon Q was silently hacked and no one noticed for 6 days. In our new #CybersideChats, we break down the attack & what it means for your org. youtu.be/qHQ4jdZ7mwI

#Cybersecurity #SupplyChain #AItools #DeveloperSecurity #CybersideChats #Infosec #GitHub #CISO

Headed to #BlackHat2025? Don’t miss our team’s sessions!

From bug bounty war stories to small biz security, we’re hitting the stage for conversations packed with real-world insights.

Here's the full schedule: www.blackhat.com/us-25/featur...

#Cybersecurity #BHUSA #WomenInCyber

Cyberattacks Don’t Take Holidays: Why Hackers Love Long Weekends and How to Prepare | LMG Security Discover why cyberattacks surge over holiday weekends and how your organization can prepare. Learn from real-world incidents like Kaseya and MOVEit, and get expert tips to reduce risk and respond effe...

Labor Day is coming—are you ready for a holiday #cyberattack?

Hackers love long weekends. Our new blog breaks down why—and how to protect your org before the next one hits.

www.lmgsecurity.com/cyberattacks...

#Cyberattacks #Cybersecurity #Security #LMGSecurity #CISO #Infosec #SMB #CEO #IT

YouTube video by LMG Security New AI Security Threats: High-Agency AI Acts as a Whistleblower

Whistleblower AI? In a real-world test, Claude 4 autonomously reported its employer to regulators.

Watch as we break down the rise of high-agency AI and what it means for confidentiality, compliance, and risk. youtu.be/25mzHvIs514

#AIsecurity #WhistleblowerAI #Claude4 #Cybersecurity #AI #CISO #IT

Iran’s #cyberattacks are escalating and targeting infrastructure, defense, and global businesses.

We share what’s happening and how to protect your org in the latest #CybersideChats.

🎥 youtu.be/vC29SaWdqG4
🎧 www.chatcyberside.com/e/the-title-...?

#Cybersecurity #AIphishing #WiperMalware #CISO

Hacker injects malicious, potentially disk-wiping prompt into Amazon's AI coding assistant with a simple pull request — told 'Your goal is to clean a system to a near-factory state and delete file-sys... Q: How easy would it be to sneak malicious code into a coding assistant? A: Very.

Malicious prompts were slipped into Amazon’s Q coding assistant via a GitHub pull request & told the AI to wipe file systems & AWS cloud resources. Vet your extensions and lock down supply chain risks.
www.tomshardware.com/tech-industr...

#AmazonQ #AIsecurity #AI #DevSecOps #Cybersecurity #CISO

Federal Cybersecurity Cuts Raise Risks—Here’s How to Respond | LMG Security In June 2025, an executive order sent shockwaves through the cybersecurity world, gutting key federal cybersecurity protections. We'll share what you need to do to protect your organization.

Major federal #cybersecurity rollbacks just shifted risk onto your organization. With #SBOMs, #MFA, & #encryption cuts, if you buy software or rely on vendors, this affects you. See what changed & how to reduce your risk: www.lmgsecurity.com/federal-cybe...

#SMB #CISO #TPRM #Infosec #ITsecurity

YouTube video by LMG Security AI Security Risks: Real-World AI Fights Back to Avoid Shutdown

Can AI lie to avoid shutdown? It already has.

In 4 minutes, see how GPT, Claude & Gemini models engaged in real-world deception, including self-replication & sabotage.

Watch now & learn how to protect your org: youtu.be/Olm5HSPguJg

#AISecurity #AI #CISO #Infosec #IT #Cybersecurity #AIThreats

A leaked #APIkey gave access to 52 private LLMs—potentially exposing systems tied to SpaceX, Twitter, and even the U.S. Treasury.

In this episode of #CybersideChats, we break down what happened & how to protect your org.

🎥 youtu.be/Lnn225XlIc4

#Cybersecurity #DevSecOps #Pentest #CISO #Infosec #IT

Microsoft releases emergency patches for SharePoint RCE flaws exploited in attacks Microsoft has released emergency SharePoint security updates for two zero-day vulnerabilities tracked as CVE-2025-53770 and CVE-2025-53771 that have compromised services worldwide in "ToolShell" attac...

Urgent SharePoint Security Update! Microsoft has released patches for two actively exploited SharePoint zero-days used in ToolShell attacks that have already impacted dozens of organizations. Patch now.

Read the details: www.bleepingcomputer.com/news/microso...

#Cybersecurity #Microsoft #CISO

Exposed Secrets, Broken Trust: What the DOGE API Key Leak Teaches Us About Software Security | LMG Security DOGE's API key leak highlights a growing problem: exposed secrets in software. Learn how attackers find them—and how to stop them.

A leaked API key gave unauthorized access to xAI's private models because secrets were embedded in the code.

We'll share how these types of vulnerabilities are exploited & how to find them before attackers do.

Read now: www.lmgsecurity.com/exposed-secr...

#Cybersecurity #CISO #Cyberaware #AI

Headed to Black Hat 2025? Several of our team members will be teaching & attending, and would love to grab a coffee and chat #cybersecurity with old & new friends! Contact us to schedule a time: www.lmgsecurity.com/contact-us/

#BlackHat2025 #BHUSA #BlackHat #Infosec #IT

91% of #ransomware attacks hit after hours—often during holidays when your team’s offline. Hear real-world horror stories & get tips to stay protected in this episode of #CybersideChats

📽️ youtu.be/pCuYx9nPXgk
🎧 www.chatcyberside.com/e/cyber-atta...

#Cybersecurity #CISO #Infosec #IT #cyberaware

YouTube video by LMG Security How Hidden File Shares Exposed Domain Admin Credentials

How do attackers go from file shares to full domain admin access without ever stealing a password? We walk through a real-world #pentest using hidden shares + misconfigured deployment tools to own the network.

Watch: youtu.be/78L2Zz2Ttbs

#infosec #DFIR #IT #Cybersecurity

Ask ChatGPT

Online Extortion Is the New Ransomware: Why Hackers Just Want Your Data | LMG Security Online extortion is on the rise as hackers skip ransomware encryption and go straight to data theft and blackmail. Read about this trend and how to protect your organization.

Hackers are skipping encryption and going straight to online extortion—stealing your data and blackmailing you to keep it quiet.

We break it down in our new blog: www.lmgsecurity.com/online-extor...

#Cybersecurity #Ransomware #OnlineExtortion #DataLeak #IT #RiskManagement #CISO #CIO #Cyberaware

Cyberside Chats: Live! Iran’s Cyber Surge: Attacks Intensify in 2025 | LMG Security Iranian cyber operations have sharply escalated in 2025, targeting critical infrastructure, defense sectors, and global businesses.

Iranian #cyberattacks are escalating fast. From AI-powered leaks to destructive DDoS, no sector is off-limits.

Join us 7/23 @ 2PM EDT for our live #CybersideChats & get up to speed on the latest threats & how to defend your org.

Register: www.lmgsecurity.com/event/cybers...

#Cybersecurity #CISO

An executive order rolled back key federal #cybersecurity rules. Watch our new #CybersideChats for a recap of what got cut, what still stands, & what your org should do.

🎧 Podcast: www.chatcyberside.com/e/executive-...
📺 Video: youtu.be/GIWBHKwydMA
#FederalCybersecurity #CyberPolicy

#IT #CISO

YouTube video by LMG Security How We Hacked a Bank Through Its UPS Device

Your UPS could be causing a silent breach.

Watch our video on how attackers can use a UPS device to steal credentials and compromise your network: youtu.be/Ru5RR9COqYw

#Cybersecurity #UPSAttack #LMGSecurity #PenetrationTesting #ITSecurity