John Leyden

Infosec journalist

2023-08-23

My latest blog post for isms_online looks at how the recently agreed EU-US Data Privacy Framework reduces privacy-related red tape for European businesses. isms.online/data-protection/ne

2023-08-22

ICYMI my latest blog post for Evalian looks at the impact of the #SolarWinds Sunburst #supplychain attack and lessons that can be learned from the landmark data breach. evalian.co.uk/solarwinds-suppl

2023-07-12

A short history on #supplychain attacks and tips on their mitigation evalian.co.uk/supply-chain-att <-- My first blog post for Evalian

2023-07-12

Cyberattacks against Ukraine have surged, linked to attacks on the ground, but their effectiveness has been blunted csoonline.com/article/645556/u <-- My first feature for @csoonline

2023-07-12

My latest blog post for ISMS.online on the NCSC's #supplychain mapping advice and how it aligns with ISO 27001 as a framework to build cybersecurity resilience isms.online/information-securi <-- feat. expert comment from Piers Wilson of @ciisechq

2023-06-14

A look into the relative merits of bug bounty and pen testing programs assured.co.uk/2023/bug-bounty- <-- My first piece for Assured Intelligence

2023-06-08

Is your organisation prepared for the Digital Operational Resilience Act (#DORA)? isms.online/cyber-security/get <-- My first blog post for isms.online

2023-05-17

Legitimate domains turned into conduits for phishing campaigns by crooks exploiting open redirect vulnerabilities silentpush.com/blog/open-redir <-- My first blog post with Silent Push researchers

John Leyden boosted:
Smashing Security podcast smashingsecurity@mastodon.green
2023-05-12

Twitter shares explicit photos without users' permission, one US company can look forward to a $1.4 billion payout seven years after an infamous cyberattack, and how might hackers target Eurovision?

All this and more is discussed in the latest edition of the "Smashing Security" #podcast by me, Carole Theriault, joined this week by @hac_overflow.

Find "Smashing Security" in all good podcast apps...

grahamcluley.com/smashing-secu

#cybersecurity #podcast #eurovision #ransomware #Twitter #privacy

John Leyden boosted:
2023-05-11

A new "Smashing Security" podcast! With special guest @hac_overflow

Eurovision, acts of war, and Twitter circles.

Check it out: grahamcluley.com/smashing-secu

Smashing Security episode 321
John Leyden boosted:
Javvad Malik Javvad@infosec.exchange
2023-04-05

Always great to catch up with the legendary @hac_overflow

2023-04-03

PortSwigger has closed The Daily Swig and I've been made redundant, so I'm looking for freelance tech journalism work #journojobs

2022-11-21

Hi @alevsk. I'm interested in the misconfiguration of infosec.exchange on Mastodon as a potential Daily Swig story. Can you summarize the root cause of the problem and its resolution? Are there any lessons for other Mastodon server admins from your research?
(Cc @jerry )

2022-11-20

Mastodon users on some instances might be vulnerable to password-stealing attacks portswigger.net/daily-swig/mas

2022-11-10

@jerry I'm interested in covering the possible migration of some security people from Twitter to Mastodon for The Daily Swig, a web security news site.

How many new active users have moved onto infosec.exchange over the last month or so? What other instances of Mastodon are popular among cybersecurity people?

What response have you had to your appeal for volunteers? What other resources might you need?
