Retail breaches are back — but they’ve evolved. This isn’t about skimming cards anymore. From ransomware taking down pharmacies to credential stuffing attacks hitting brand loyalty, today’s breaches are about disruption, trust, and third-party exposure. In this episode of Cyberside Chats, hosts Sherri Davidoff and Matt Durrin break down the latest retail breach wave, revisit lessons from the 2013 “Retailgeddon” era, and highlight what every security leader — not just in retail — needs to know today.

Key Takeaways

1. Redefine what “sensitive data” means. Names, emails, and access tokens are often more valuable to attackers than payment data.
2. Scrutinize third-party and SaaS access. You can’t protect what you don’t know is exposed.
3. Monitor and protect customer-facing systems. Logging, anomaly detection, and fast response are essential for accounts and APIs — especially when attackers target credentials.
4. Test your incident response plan for downtime. Retail isn’t the only sector where uptime = revenue and lives impacted.

Resources

2025 Verizon Data Breach Investigations Report: https://www.verizon.com/business/resources/reports/dbir/

Victoria’s Secret security incident coverage: https://www.bleepingcomputer.com/news/security/victorias-secret-takes-down-website-after-security-incident/

LMG Security: Third-Party Risk Assessments: https://lmgsecurity.com/third-party-risk-assessments/

Think your network is locked down? Think again. In this episode of Cyberside Chats, we’re joined by Tom Pohl, LMG Security’s head of penetration testing, whose team routinely gains domain admin access in over 90% of their engagements. How do they do it—and more importantly, how can you stop real attackers from doing the same?

Tom shares the most common weak points his team exploits, from insecure default Active Directory settings to overlooked misconfigurations that persist in even the most mature environments. We’ll break down how features like SMB signing, legacy broadcast protocols, and other out-of-the-box settings designed for ease, not security, can quietly open the door for attackers—and what security leaders can do today to shut those doors for good.

Whether you're preparing for your next pentest or hardening your infrastructure against advanced threats, this is a must-watch for CISOs, IT leaders, and anyone responsible for securing Windows networks.

Takeaways:

1. Eliminate Default Credentials: Regularly audit and replace default logins on network-connected devices, including UPS units, printers, cameras, and other infrastructure.
2. Harden AD Certificate Services: Review certificate template permissions and AD CS configurations to block known exploitation paths that enable privilege escalation.
3. Enforce SMB Signing Everywhere: Enable and enforce both client and server SMB signing via Group Policy to prevent authentication relay attacks.
4. Clean Up File Shares: Scan internal shares for exposed passwords, scripts, and sensitive data, then implement role-based access control by locking down permissions and eliminating unnecessary access.
5. Disable Legacy Protocols: Turn off LLMNR, NetBIOS, and similar legacy protocols to reduce the risk of spoofing and name service poisoning attacks.

References:

“Critical Windows Server 2025 DMSA Vulnerability Exposes Enterprises to Domain Compromise” (The Hacker News)

https://thehackernews.com/2025/05/critical-windows-server-2025-dmsa.html

“Russian GRU Cyber Actors Targeting Western Logistics Entities and Tech Companies” (CISA Alert)

https://www.cisa.gov/news-events/alerts/2025/05/21/russian-gru-cyber-actors-targeting-western-logistics-entities-and-tech-companies

LMG Security – Penetration Testing Services (Identify weaknesses before attackers do)

https://www.lmgsecurity.com/services/penetration-testing/

What happens to your digital world when you die? In this episode of Cyberside Chats, LMG Security’s Tom Pohl joins the conversation to discuss the often-overlooked cybersecurity and privacy implications of death. From encrypted files and password managers to social media and device access, we’ll explore how to ensure your loved ones can navigate your digital legacy—without needing a password-cracking expert. Learn practical strategies for secure preparation, policy design, and real-world implementation from a security professional’s perspective.

Takeaways

1) Take a Digital Inventory of Your Assets

• Include details like account recovery options, two-factor authentication settings, and related devices.

• Update the inventory regularly and store it securely.

• Create a comprehensive list of your digital assets, including accounts, devices, files, cloud services, and subscriptions.

2) Implement Emergency Access Protocols in Password Managers

• Use features like 1Password’s Emergency Kit or designate trusted emergency contacts.

• Store emergency credentials securely (e.g., safe deposit box) and reference in legal documents.

• Ensure all critical credentials are actually stored in your password manager—don’t leave them in separate notes or documents.

3) Establish a Digital Executor

• Choose a trusted individual to manage your digital assets after death or incapacitation.

• Document access instructions and store them securely, such as in an encrypted file with a shared key.

• Ensure your digital executor knows where these instructions are located—or give them a copy in advance.

4) Prepare Recovery Access for Critical Devices

• Ensure recovery keys and PINs for devices (e.g., smartphones, laptops, smart home hubs) are stored securely and can be accessed by designated individuals.

• Register a Legacy Contact for Apple and other cloud services.

5) Create a Plan for Your Online Presence

• Decide whether your social media and email accounts should be memorialized, deleted, or handed over.

• Use services like Google Inactive Account Manager or Facebook’s Legacy Contact feature.

6) At Work, Develop Internal Organizational Policies

• Implement IT procedures for handling the death or incapacity of key personnel.

• Regularly audit and securely store credentials for essential systems, especially for sole-proprietor scenarios.

References:

How to Add a Legacy Contact for Your Apple Account: https://support.apple.com/en-us/102631

Get To Know Your Emergency Kit: https://support.1password.com/emergency-kit/

Wayne Crowder’s LinkedIn Page: https://www.linkedin.com/in/wcrowder

Digital Afterlife Planning Checklist: https://www.lmgsecurity.com/resources/digital-afterlife-planning-checklist/

#Cybersecurity #Cyberaware #Cyber #DigitalPlanning