Shows
Cyberside Chats: Cybersecurity Insights from the ExpertsThe Amazon Q AI Hack: A Wake-Up Call for Developer Tool SecurityA silent compromise, nearly a million developers affected, and no one at Amazon knew for six days. In this episode of Cyberside Chats, we’re diving into the Amazon Q AI Hack, a shocking example of how vulnerable our software development tools have become.
Join hosts Sherri Davidoff and Matt Durrin as they unpack how a misconfigured GitHub token allowed a hacker to inject destructive AI commands into a popular developer tool. We’ll walk through exactly what happened, how GitHub security missteps enabled the attack, and why this incident is a critical wake-up call for supply chai...2025-08-0521 minCyberside Chats: Cybersecurity Insights from the ExpertsIran’s Cyber Surge: Attacks Intensify in 2025Iranian cyber operations have sharply escalated in 2025, targeting critical infrastructure, defense sectors, and global businesses—especially those linked to Israel and the U.S. From destructive malware and coordinated DDoS attacks to sophisticated hack-and-leak campaigns leveraging generative AI, Iranian threat actors are rapidly evolving. Join us to explore their latest tactics, notable incidents, and essential strategies to defend your organization.
Hosts Sherri Davidoff and Matt Durrin break down wiper malware trends, AI-powered phishing, the use of deepfakes for psychological operations, and the critical role of patching and MFA in protecting against collateral damage.
Key Takeaways for C...2025-07-2928 minCyberside Chats: Cybersecurity Insights from the ExpertsThe AI Insider Threat: EchoLeak and the Rise of Zero-Click ExploitsCan your AI assistant become a silent data leak? In this episode of Cyberside Chats, Sherri Davidoff and Matt Durrin break down EchoLeak, a zero-click exploit in Microsoft 365 Copilot that shows how attackers can manipulate AI systems using nothing more than an email. No clicks. No downloads. Just a cleverly crafted message that turns your AI into an unintentional insider threat.
They also share a real-world discovery from LMG Security’s pen testing team: how prompt injection was used to extract system prompts and override behavior in a live web application. With examples ranging from corporate chatbots to...2025-06-2413 minCyberside Chats: Cybersecurity Insights from the ExpertsRetailgeddon Reloaded: Beyond Card Theft, Into ChaosRetail breaches are back — but they’ve evolved. This isn’t about skimming cards anymore. From ransomware taking down pharmacies to credential stuffing attacks hitting brand loyalty, today’s breaches are about disruption, trust, and third-party exposure. In this episode of Cyberside Chats, hosts Sherri Davidoff and Matt Durrin break down the latest retail breach wave, revisit lessons from the 2013 “Retailgeddon” era, and highlight what every security leader — not just in retail — needs to know today.
Key Takeaways
Redefine what “sensitive data” means. Names, emails, and access tokens are often more valuable to attackers than payment data.
Sc...2025-06-1017 minCyberside Chats: Cybersecurity Insights from the ExpertsWhen Microsoft Goes Down: Cyber Risk & ResilienceThe March 2025 Microsoft Outlook outage left thousands of organizations scrambling. But this wasn’t just an isolated event—recent outages from CrowdStrike, AT&T, and UK banks highlight the systemic risks businesses face. In this episode, we break down the latest Microsoft outage, discuss its impact on cyber insurance, and provide actionable steps to help organizations reduce the risk of business disruption.
Join Sherri Davidoff and Matt Durrin as they discuss the broader implications of such outages, emphasizing the importance of effective risk management, especially for organizations heavily reliant on cloud services.
Actionable Takeaways:
Develop a Comm...2025-03-1114 minCyberside Chats: Cybersecurity Insights from the ExpertsRansomware Watch: Ghost, RansomHub, and the Latest TrendsIn this episode of Cyberside Chats, we dive into the world of ransomware, focusing on the notorious Ghost Ransomware Gang. Recently flagged by the FBI and CISA, Ghost has targeted organizations in over 70 countries. We explore their methods of infiltration, with a spotlight on outdated software vulnerabilities, and discuss how organizations can fortify their defenses.
We'll also provide insights into the broader ransomware landscape, including trends and statistics for 2024, and offer practical advice on protecting against these cyber threats. Lastly, we delve into the operations of the RansomHub group, revealing their so-called 'ethical' hacking practices.
...2025-02-2514 min
CyberSecurity SummaryRansomware and Cyber Extortion: Response and PreventionThis Book is from a Book titled "Ransomware and Cyber Extortion Response and Prevention," which provides a comprehensive guide to understanding, responding to, and preventing ransomware and cyber extortion attacks. The book details the evolution of these attacks, including the technological advancements and business models employed by cybercriminals. It offers practical guidance on negotiation strategies, ransom payment processes, and data recovery methods. Furthermore, the book emphasizes the importance of proactive cybersecurity measures, such as implementing strong security programs, employee training, and robust monitoring systems. Finally, it includes checklists and real-world case studies to illustrate key concepts and best practices.2025-02-1721 minCyberside Chats: Cybersecurity Insights from the ExpertsDeepSeek or Deep Risk? The AI Power Play With ChinaDeepSeek or DeepRisk?
A new AI powerhouse is making waves—DeepSeek has skyrocketed in popularity, rivaling top AI models at a fraction of the cost.
But with data stored in China and unknown security safeguards, is your organization at risk? In this episode of Cyberside Chats, Sherri Davidoff and Matt Durrin break down the cybersecurity implications of AI tools like DeepSeek. You'll learn about:
▪ DeepSeek's unique IP exposure risks and cybersecurity challenges.
▪ The growing threat of "Shadow AI" in your organization and supply chain.
▪ How to update your policies, vet vendors, and prot...2025-02-0413 minCyberside Chats: Cybersecurity Insights from the ExpertsCyber Trust or Bust? The New FTC Cyber Trust MarkIn Episode 2 of CyberSide Chats, Sherri Davidoff and Matt Durrin dive into the launch of the U.S. Cyber Trust Mark, a new security initiative aimed at making Internet of Things (IoT) devices more secure for consumers. As the number of connected devices continues to rise, the U.S. Cyber Trust Mark promises to help users make informed decisions about the security of products like cameras, smart locks, and voice assistants.
Sherri and Matt will discuss the potential impacts of the Cyber Trust Mark and discuss the ongoing challenges of securing IoT devices. They also tackle the...2025-01-1412 minCyberside Chats: Cybersecurity Insights from the Experts2025 Cybersecurity Priorities: The Top 3 Moves to MakeJoin hosts Sherri Davidoff and Matt Durrin in this first engaging episode of CyberSide Chats, as they dive into the top cybersecurity priorities for 2025. This insightful discussion was recorded with a live Q & A, and it covers the pervasive influence of AI, the emerging threats of deepfakes, and the complexities of managing third-party risks in an increasingly digital world.
This episode not only prepares listeners for the potential challenges of 2025 but also equips them with the knowledge to enhance their cybersecurity measures effectively. Tune in to stay informed and ready for the future!
2024-12-1723 min
Shift & Thrive: CEO Insights on Driving ChangeBuilding Community in Cybersecurity - Sherri Davidoff - Shift & Thrive - Episode # 021In this episode of Shift and Thrive, Natalie interviews Sherri Davidoff, CEO of LMG Security. Sherri, a seasoned professional with over 16 years in the cybersecurity industry, shares her journey in leading her company, the challenges of bootstrapping a company, the benefits of becoming employee-owned, and the value of maintaining a flexible and supportive company culture. She provides insights into how her family’s entrepreneurial background influenced her leadership style and underscores the need for self-care among leaders. The conversation also delves into the impact of AI on cybersecurity and the necessity for continuous vigilance and adaptation....2024-11-1529 min
Unauthorized AccessCaregivers in CybersecurityUnauthorized Access, our privacy and cybersecurity-focused podcast, spotlights the human side of the cybersecurity industry. In this episode, Sadia welcomes Sherri Davidoff, CEO of LMG Security, to discuss the challenges and experiences associated with being a primary caregiver in the cybersecurity space. Whether as a mother, father, elder-care provider, or in any other role, this is a topic that many individuals in the cybersecurity community struggle with, but go to great lengths to conceal. Both Sadia and Sherri pause to share their personal journeys and highlight the individuals who have supported them in excelling in both their professional and...2024-03-2628 min
The Stuph File Program#0708: Sherri Davidoff; Kristen Lopez; & Andrew FazekasThe Stuph File Program
Featuring cyber security expert, Sherri Davidoff; Kristen Lopez, author of But Have You Read The Book?; & science writer Andrew Fazekas, author of National Geographic Backyard Guide to the Night Sky and National Geographic’s Stargazer Atlas: The Ultimate Guide To The Night Sky
Download
Cyber security expert, Sherri Davidoff, CEO of LMG Security, talks about artificial intelligence, some of the pitfalls, and where it can take us in the future. Sherri is also the author or co-author of several books, including Network Forensics: Tracking Hackers through Cyberspace; Ransomware and Cyber Extortion: Response and Prevention and Data Breac...2023-03-1358 min
Chattinn CyberHow The Russia-Ukraine War Is Bolstering Ransomware Gang Attacks With Sherri Davidoff and Michael KleinmanIn this episode of CHATTIN CYBER, Marc Schein interviews Sherri Davidoff and Michael Kleinman about the rising ransomware attacks in cyberspace and the legal and operational ways to confront them. Sherri Davidoff is the CEO of LMG Security, and the author of three books, including "Ransomware and Cyber Extortion" and "Data Breaches: Crisis and Opportunity." Michael Kleinman is Special Counsel in the Data Strategy, Security, and Privacy Practice at Fried, Frank, Harris, Shriver & Jacobson LLP.
The Russian-Ukrainian war has given us an open window into ransomware gang operations, thanks to some gangs facing internal discord, like the Conte ransomware gang...2023-01-0929 min
Can Do: Essential Business LessonsCan Do: Cybersecurity sleuthing with Sherri DavidoffLMG Security founder and CEO Sherri Davidoff provides insight into the world of cybersecurity.2022-02-1440 min
BarCodeAlien InvasionThe US government and military have recently confirmed investigations and sightings of UFOs, reigniting the phenomenon of aliens among us. Ironically, an unidentified spaceship descends into BarCode, and official contact is made. Sherri Davidoff is the CEO of LMG Security and the author of “Data Breaches.” She is a recognized expert in cybersecurity and data breach response, co-author of Network Forensics: Tracking Hackers Through Cyberspace and is the subject for the book , Breaking and En...2021-12-0338 min
Digital DetectivesPlanning Your Cybersecurity Budget for 2022Prevention is key when it comes to cybersecurity, and lawyers simply can’t afford to skimp on security technologies. Sharon and John talk with expert Sherri Davidoff about growing cyber threats and the changing nature of attack tactics. They discuss the impacts of these new developments on lawyers and law firms and chat about how to prioritize security measures, reduce your risks, and create a budget plan that addresses all your cybersecurity needs. Sherri Davidoff is a cybersecurity expert, author, speaker and CEO of both LMG Security and BrightWise, Inc.Special thanks to our sponsors Case...2021-09-2832 min
ADCG on Privacy & CybersecurityA Forensic Investigator’s View of Privacy (with Sherri Davidoff)*****Contact us:Jerry Buckley | jbuckley@buckleyfirm.comJody Westby | westby@globalcyberrisk.comADCG | info@adcg.org
2021-06-3026 minChattinn CyberGetting Smart Against Ransomware with Sherri Davidoff and Michael A. Kleinman – part 2In part two of our Chattinn Cyber with with host Marc Schein, our guests, Sherri and Michael, continue talking about ransomware. They start with the question of whether or not you should actually pay the ransom. Sherri recommends making sure you have backups. Have a plan to resecure your data even if you have to engage with the hackers. From the legal side, Michael recommends contacting law enforcement—but not the local police. These days, the FBI works really hard to help. It also helps to have built a relationship with federal police ahead of time. Sherri suggests looking into co...2021-03-3137 minChattinn CyberGetting Smart Against Ransomware with Sherri Davidoff and Michael A. Kleinman – part 1In this episode of Chattinn Cyber Marc Schein interviews guests; Sherri Davidoff, CEO of LMG Security and author of the recently released book, “Data Breaches.” And Michael A. Kleinman, Special Counsel, Fried Frank. Sherri started working in cyber security before that was even a term. And Michael, on the other hand, comes from the legal world. A litigator, Michael started to see more and more clients needing counsel with regard to cyber and use privacy issues.
They begin their conversation digging into the issue of ransomware. Sherri explains what ransomware is and moves into how ransomware continues to evolve. She share...2021-03-1031 min
The ALPS In Brief PodcastALPS In Brief — Episode 47: Guard Your Data Like Gold and Other Practical Tips from a HackerWe are using personal devices for work (and working from home) more than we ever have before. These are both big risk factors as cybersecurity threats have soared during the pandemic. So, how do we make security sustainable and not live life at the hackers’ mercy? ALPS Risk Manager Mark Bassingthwaighte sits down with Sherri Davidoff, CEO and Founder of LMG Security and the latest addition to the ALPS Board of Directors, to give you some practical advice in guarding your data like the gold it is.
TRANSCRIPT:
Mark:
Let's rock and roll. He...2020-06-2530 min
Legal Talk TodayClient-Data Security Whilst Working RemoteLMG Security’s Sherri Davidoff summarizes steps for securing client data in work-remote environments. Stay tuned for tips on spotting new and more sophisticated phishing emails.
Among many topics discussed:
Data-security policies
Two Factor Authentication
Physical security
Phishing
Vishing2020-05-0115 min
Smart People Podcast328 – Sherri Davidoff and Jeremy Smith – Hackers, from Subculture to Industry
Jeremy Smith, author of, ‘Breaking and Entering: The Extraordinary Story of a Hacker Called “Alien”‘ and Sherri Davidoff, the hacker known as “Alien”
Jeremy Smith has written for The Atlantic, Discover, and the New York Times. Jeremy’s work have been featured by CNN, NPR, The Today Show, and Wired. He is a graduate of Harvard College and the University of Montana. Jeremy’s book, Breaking and Entering: The Extraordinary Story of a Hacker Called “Alien” is available now.
Sherri Davidoff is a noted cybersecurity expert, author, speaker and CEO of both LMG Security and BrightWise, Inc. During her hacker days, s...2019-07-1647 min
Smart People PodcastSherri Davidoff and Jeremy Smith - Hackers: from Subculture to Industry
Jeremy Smith has written for The Atlantic, Discover, and the New York Times. Jeremy's work have been featured by CNN, NPR, The Today Show, and Wired. He is a graduate of Harvard College and the University of Montana. Jeremy's book, Breaking and Entering: The Extraordinary Story of a Hacker Called "Alien" is available now.Sherri Davidoff is a noted cybersecurity expert, author, speaker and CEO of both LMG Security and BrightWise, Inc. During her hacker days, she was known as, "Alien." Sherri holds her degree in Computer Science and Electrical Engineering from MIT.We...2019-07-1649 min
The CU2.0 PodcastCU2.0 Podcast Episode 41 Sherri Davidoff on Cyber Insecurities and YouSend us a textPut phishing emails in front of credit union employees and how many will fall for them and cough up sensitive info? 20 to 60% will get conned.And that can be costly to a credit union, both in terms of money and reputation.Enter BrightWise, a Des Moines Iowa cyber training company created by Sherri Davidoff, CEO of LMG Security, and the Iowa Credit Union League’s holding company Affiliates Management Company (AMC).After training, said Davidoff, the number of employees who fall for the phishing con tumbles below 10%....2019-06-2728 min
Hacking HumansThe best way to break in is to walk through the front door.Joe describes one of history's great con artists, Victor Lustig, who sold the Eiffel Tower. Twice. Dave shares a story from a listener involving a UPS tracking number scam. The catch of the day involves am attempted romance scam on the XBOX platform. Dave interviews Sherri Davidoff, CEO of LMG Security and is the hacker named "Alien" in Jeremy Smith's book, "Breaking and Entering." She has her own book coming out this summer, "Data Breaches: Crisis and Opportunity."
Links to this week's stories:
http://mentalfloss.com/article/12809/smooth-operator-how-victor-lustig-sold-eiffel-tower
https://community.ebay.com/t5/Archive-Shipping-Returns/Seller-Scam-UPS-Tracking-Shows-Delivered/td-p/26206551
Have a Catch of t...2019-06-0629 min
Hacking HumansThe best way to break in is to walk through the front door.Joe describes one of history's great con artists, Victor Lustig, who sold the Eiffel Tower. Twice. Dave shares a story from a listener involving a UPS tracking number scam. The catch of the day involves am attempted romance scam on the XBOX platform. Dave interviews Sherri Davidoff, CEO of LMG Security and is the hacker named "Alien" in Jeremy Smith's book, "Breaking and Entering." She has her own book coming out this summer, "Data Breaches: Crisis and Opportunity." Links to this week's stories:http://mentalfloss.com/article/12809/smooth-operator-how-victor-lustig-sold-eiffel-towerhttps://community.ebay.c...2019-06-0632 min
DirtySecuritySherri Davidoff: Data is Hazardous Material… Act AccordinglySherri Davidoff: Data is Hazardous Material… Act Accordingly If you want to make sure that all the data in your bank is safely secured… who better to talk to than someone who used to break into banks? Sherri Davidoff was a hacker who then turned those skills she learned as a student into a career helping others protect their data and their clients’ data. Over the years, organizations ranging from the Department of Defense to the FDIC have come to her in order to learn from her expertise. This week on DirtySecurity, Edward Presto...2019-06-0500 min
Digital DetectivesBreaking and Entering: The Fascinating Life of a Professional Pen TesterIn this 100th episode, Sharon Nelson and John Simek talk to Sherri Davidoff about her career as a penetration tester and what she has developed with the companies in the area of cybersecurity. They discuss why law firms should consider pen testing in order to illustrate areas of weakness in security and become better protectors of their information. They also get a sneak peek of Sherri’s upcoming sessions at ABA TECHSHOW 2019. Learn more about your ad choices. Visit megaphone.fm/adchoices2019-02-2629 min
On the Road with Legal Talk NetworkABA TECHSHOW 2017: Secure Your Legal Data!New and improving technology, like voice enabled software or the internet of things, are really cool and may help out at your law firm, but they also introduce a new need for security. In this report from On The Road, host Laurence Colletti talks to Sherri Davidoff and John Simek about keeping legal data secure. They talk about free (that’s right, free) ways to encrypt devices and emails, as well as promoting two factor identification as an extra means of protection. Sherri Davidoff is a nationally-recognized cyber security expert who is a founder and senior security co...2017-03-1710 min
Digital DetectivesThe Ransomware Epidemic in Law Firms: A Guide to Defense and SurvivalTo those unfamiliar with ransomware, it is a malicious software that effectively holds your files hostage until you pay a ransom. For lawyers, this could mean losing or compromising the data that keeps your business running smoothly. In this episode of Digital Detectives, hosts Sharon Nelson and John Simek discuss this malware with the CEO of LMG Security, Sherri Davidoff. Sherri divulges what we know about ransomware, what to do when it has infected your computer, and how to prevent data loss. While there are few ways to stop the infection when it has started, backing up your information...2017-01-1727 min
Digital DetectivesCyber Security Audits and Options for Your Law FirmAs technology continues to become ever more integrated into our
daily lives, the challenges that law firms face grow and evolve.
Many tech savvy clients are not only concerned with a lawyer's
ability to represent them but also their ability to protect their
files and privileged communications. With more instances of data
breaches and hacking being mentioned in the mainstream media, what
can a law firm do to shore up their cyber security?
In this episode of the Digital
Detectives, hosts Sharon Nelson and
John Simek sit down with LMG Security Founder and
Senior Security Consultant Sherri...2016-04-0628 min
On the Road with Legal Talk NetworkBeers, Bloggers, and Buzzers: Three Questions in 60 SecondsDuring our recent trip to ABA TECHSHOW, we challenged 31 legal bloggers to answer three questions in 60 seconds at the Beer for Bloggers party in Chicago, Illinois. Some of them made it, some of them didn’t, and others were nearly disqualified. Participants who failed to make time or deviated from the “strict” rules (not really) were given the buzzer, an obnoxious must-have from audio engineer Adam Lockwood.
Hosted by Laurence Colletti, this episode was a true team effort enlisting the assistance of all team members still in Chicago (Adam Camras, Kimberly Faber, Jabarie Brown, Kelsey Johnson, and Adam L...2016-04-0456 min
On the Road with Legal Talk NetworkABA TECHSHOW 2016: Passing Your IT Security AuditCyber security experts Sherri Davidoff and Sharon Nelson spoke in a presentation titled “Passing Your IT Security Audit” at ABA TECHSHOW 2016. Before their presentation, they stop by to discuss the topic with Legal Talk Network producer Laurence Colletti. Tune in to learn why more and more clients are demanding IT security audits from their legal service providers and how you can prepare your law firm. Sharon opens the conversation by explaining how the internet has changed the way companies perceive data security. The discussion then shifts to tips and best practices that you can implement within your firm to buil...2016-03-2112 min
Exploring Information Security Archive 1What is a SIEM?In this most excellent edition of the Exploring Information Security podcast, I talk with Derek Thomas a senior information security analyst specializing in log management and SIEM on the topic of: "What is a SIEM?"Derek (@dth0m) has a lot of experience with SIEM and can be found on Linkedin participating in discussions on the technology. I had the opportunity to hang out with Derek at DerbyCon in 2015 and I came away impressed with his knowledge of SIEM. He seemed to be very passionate about the subject and that showed in this interview.In...2015-12-2823 min![DEFCON 17 [Video and Slides] Speeches from the Hacker Convention.](http://www.defcon.org/images/podcast/defcon-17-itunes-logo-video.png){kind=logo}
DEFCON 17 [Video and Slides] Speeches from the Hacker Convention.Sherri Davidoff - Death of Anonymous Travel - Video and SlidesDeath of Anonymous TravelSherri Davidoff PhilosecurityWorldwide, people who use cars, buses, trains, and carry cell phones are tracked in increasingly centralized corporate and government databases. This capability is still in its infancy, and has been facilitated by payment systems which are linked to identification and refer to centralized electronic databases.Mass tracking and surveillance capabilities have arisen organically, often as side effects of new technologies, and are being increasingly leveraged by government and law enforcement in the name of national security. For security purposes, the public is generally not provided with detailed information...2009-10-071h 38
FIRSTCON Podcast2009.11: Sherri Davidoff and Jonathan Ham, Proprietary Data LeaksIn this at-the-conference interview, Sherri and Jonathan recap their presentation, add insight and talk about their new SANS course being offered. Sherri Davidoff is a longtime information security consultant specializing in forensics, penetration testing and incident response. Jonathan Ham is an independent consultant who specializes in large-scale enterprise security issues.2009-08-1000 min