John Leyden
@jleyden.bsky.social
Cybersecurity journalist for csoonline.com (past Daily Swig, The Register and others). Sports fan and travel enthusiast.
Mikko Hypponen announces he is leaving the anti-malware industry after 34 years to join an anti- drone startup Sensofusion in August <— One of the deepest thinkers and best speakers in the industry moves on. Muchas gracias por todo y buena suerte. #InfosecurityEurope
June 4, 2025 at 10:30 AM
Mikko Hypponen announces he is leaving the anti-malware industry after 34 years to join an anti- drone startup Sensofusion in August <— One of the deepest thinkers and best speakers in the industry moves on. Muchas gracias por todo y buena suerte. #InfosecurityEurope
Listening to Rory Stewart talking geopolitics #infosec. Trump’s decision to dismantle federal funding for universities and science, laying off US govt cybersecurity staff is bad news. Stewart predict regulatory divergence
June 4, 2025 at 10:00 AM
Listening to Rory Stewart talking geopolitics #infosec. Trump’s decision to dismantle federal funding for universities and science, laying off US govt cybersecurity staff is bad news. Stewart predict regulatory divergence
SANS Institute’s James Lyne and Cairan Martin talking about trends for cybersecurity leaders at #InfosecEurope
June 3, 2025 at 3:30 PM
SANS Institute’s James Lyne and Cairan Martin talking about trends for cybersecurity leaders at #InfosecEurope
Mikko Hypponen introducing a panel on AI by mentioning his 34 year career in infosecurity, back to the days of viruses on floppy discs. Mikko says cybersecurity is no longer just about securing computers but about securing society
June 3, 2025 at 12:20 PM
Mikko Hypponen introducing a panel on AI by mentioning his 34 year career in infosecurity, back to the days of viruses on floppy discs. Mikko says cybersecurity is no longer just about securing computers but about securing society
Listening to NCSC’s Paul Chichester talking about geopolitics driving cyber threats
June 3, 2025 at 12:00 PM
Listening to NCSC’s Paul Chichester talking about geopolitics driving cyber threats
Let’s get it right about ColostomyBagBoy and their historic malware writing exploits…
Before a geek “I think you’ll-find”s me, I should point out Colostomy Bagboy wrote file viruses rather BSVs…
Anyway, good to know you’re here John! Hope we can catch up.
Anyway, good to know you’re here John! Hope we can catch up.
June 3, 2025 at 10:30 AM
Let’s get it right about ColostomyBagBoy and their historic malware writing exploits…
Prof Brian Cox talking about black holes, quantum physics and quantum computing
June 3, 2025 at 9:40 AM
Prof Brian Cox talking about black holes, quantum physics and quantum computing
Standing room only for the first Infosec Europe keynote
June 3, 2025 at 9:00 AM
Standing room only for the first Infosec Europe keynote
Great day at the #DTXM25 conference in Manchester yesterday. Saw talks by @rikferguson.com and @jakemooreuk.bsky.social as well as a timely panel on mental health in cybersecurity teams
April 3, 2025 at 12:00 PM
Great day at the #DTXM25 conference in Manchester yesterday. Saw talks by @rikferguson.com and @jakemooreuk.bsky.social as well as a timely panel on mental health in cybersecurity teams
I'm putting together a follow-up piece on SEC breach disclosure rules.
www.csoonline.com/article/3609...
How can CISOs pre-prepare to assess whether or not a breach has a "material impact" and meet these tight reporting requirements?
I'm looking for comments from industry (non-vendor) CISOs.
www.csoonline.com/article/3609...
How can CISOs pre-prepare to assess whether or not a breach has a "material impact" and meet these tight reporting requirements?
I'm looking for comments from industry (non-vendor) CISOs.
What CISOs need to know about the SEC’s breach disclosure rules
Security leaders can face personal liability peril for security fails or misleading disclosures to the SEC and navigating the reporting guidelines is not always a straightforward task.
www.csoonline.com
December 18, 2024 at 1:00 PM
I'm putting together a follow-up piece on SEC breach disclosure rules.
www.csoonline.com/article/3609...
How can CISOs pre-prepare to assess whether or not a breach has a "material impact" and meet these tight reporting requirements?
I'm looking for comments from industry (non-vendor) CISOs.
www.csoonline.com/article/3609...
How can CISOs pre-prepare to assess whether or not a breach has a "material impact" and meet these tight reporting requirements?
I'm looking for comments from industry (non-vendor) CISOs.
UK government is running consultations in coop with French to improve transparency into the cyber intrusion market #BlackHatEU <— Analogies with defence procurement don’t map well, say foreign office reps
December 12, 2024 at 12:00 PM
UK government is running consultations in coop with French to improve transparency into the cyber intrusion market #BlackHatEU <— Analogies with defence procurement don’t map well, say foreign office reps
Defending off the land: Using existing Windows OS capabilities rather the XDR agents or similar from security vendors to detect and alert on attackers (HT Thinkst Canary) #BlackHatEU2024
December 12, 2024 at 11:00 AM
Defending off the land: Using existing Windows OS capabilities rather the XDR agents or similar from security vendors to detect and alert on attackers (HT Thinkst Canary) #BlackHatEU2024
Senior French interior ministry chief Brigadier General Eric Freyssinet talking cybercrime trends #BlackHatEU2024
December 12, 2024 at 9:30 AM
Senior French interior ministry chief Brigadier General Eric Freyssinet talking cybercrime trends #BlackHatEU2024
Research into 4 years of threat intel on SAP vulnerabilities revealed a sharp spike in discussions in 2020 #BlackHatEU
December 12, 2024 at 9:00 AM
Research into 4 years of threat intel on SAP vulnerabilities revealed a sharp spike in discussions in 2020 #BlackHatEU
Interesting talk by Johann Rehberger of embracethered.com on advanced prompt injection exploits in LLM applications such as Microsoft Copilot #BlackHatEU2024
December 11, 2024 at 7:00 PM
Interesting talk by Johann Rehberger of embracethered.com on advanced prompt injection exploits in LLM applications such as Microsoft Copilot #BlackHatEU2024
WorstFit: character conversion issue with Window’s BestFit tech creates numerous vulnerabilities in various applications, Orange Tsai tells #BlackHatEU
December 11, 2024 at 12:00 PM
WorstFit: character conversion issue with Window’s BestFit tech creates numerous vulnerabilities in various applications, Orange Tsai tells #BlackHatEU
KeyTrap denial of service attack against DNSSec: 10 requests per second enough to create a viable DOS attack. Worse strain of attack - single request 18 mins DOS. All resolvers vulnerable. #BlackHatEU2024
December 11, 2024 at 11:00 AM
KeyTrap denial of service attack against DNSSec: 10 requests per second enough to create a viable DOS attack. Worse strain of attack - single request 18 mins DOS. All resolvers vulnerable. #BlackHatEU2024
French geopolitics academic Frédérick Douzet talking about the geopolitical implications of network connectivity and complexity #BlackHatEU2024
December 11, 2024 at 9:40 AM
French geopolitics academic Frédérick Douzet talking about the geopolitical implications of network connectivity and complexity #BlackHatEU2024
A monoculture isn’t going to work well in a chaotic political environment, says Black Hat’s Jeff Moss #BlackHatEU2024 <—- Need to have flexibility in skills and avoid vendor lock-in
December 11, 2024 at 9:20 AM
A monoculture isn’t going to work well in a chaotic political environment, says Black Hat’s Jeff Moss #BlackHatEU2024 <—- Need to have flexibility in skills and avoid vendor lock-in
Thinking of trying out "I'm from the internet and I'm here to help" as a new icebreaker. "You can trust me, I'm a journalist" is far too 90s
December 10, 2024 at 10:00 PM
Thinking of trying out "I'm from the internet and I'm here to help" as a new icebreaker. "You can trust me, I'm a journalist" is far too 90s