×
Close
J.M. Porup

J.M. Porup

Senior Writer

J.M. Porup has been a security geek since 2002, when he got his first job in IT. Since then he's covered national security and information security for a variety of publications, and now calls CSOonline home. He previously reported from Colombia for four years, where he wrote travel guidebooks to Latin America, and speaks Spanish fluently with a hilarious gringo-Colombian accent.

The Latest from J.M.
BlackBerry's acquisition of Cylance raises eyebrows in the security community
Opinion

BlackBerry's acquisition of Cylance raises eyebrows in the security community

Cylance researchers discover powerful new nation-state APT
News Analysis

Cylance researchers discover powerful new nation-state APT

A new APT, dubbed White Company, is flexing its muscle on the world stage, and it has security researchers worried.

Learn to play defense by hacking these broken web apps
Review

Learn to play defense by hacking these broken web apps

OWASP's Broken Web Applications Project makes it easy to learn how to hack web applications--a critical skill for web application developers playing defense, junior penetration testers, and security-curious management.

What are deepfakes? How and why they work
Feature

What are deepfakes? How and why they work

Once the bailiwick of Hollywood special effects studios with multi-million-dollar budgets, now anyone can download deepfake software and use machine learning to make believable fake videos. This makes a lot of people nervous.

Doctored Jim Acosta video shows why fakes don’t need to be deep to be dangerous
News Analysis

Doctored Jim Acosta video shows why fakes don’t need to be deep to be dangerous

White House promotion of an allegedly doctored press conference video shows how "shallow fakes" can manipulate opinion.

Critical authentication flaw in DJI drone web app fixed
News Analysis

Critical authentication flaw in DJI drone web app fixed

Check Point researcher finds vulnerability that could have allowed attackers to spy on drone fleets in real time.

Burned malware returns, says Cylance report: Is Hacking Team responsible?
News Analysis

Burned malware returns, says Cylance report: Is Hacking Team responsible?

Burning malware forces attackers to evolve, not go away. Network defenders take note.

3 ways politicians could prevent voting machines from being hacked (if they wanted to)
Opinion

3 ways politicians could prevent voting machines from being hacked (if they wanted to)

The current state of voting security is laughably bad, but we know how to secure voting machines. The problem isn't technical, but a lack of political will.

What is Shodan? The search engine for everything on the internet
Feature

What is Shodan? The search engine for everything on the internet

Defenders find this simple tool valuable for finding vulnerable devices attached to the web that need to be secured.

Bruce Schneier's Click Here to Kill Everybody reveals the looming cybersecurity crisis
Review

Bruce Schneier's Click Here to Kill Everybody reveals the looming cybersecurity crisis

Everything is broken, and government and corporations like it that way. But when people start dying because of insecure cyberphysical systems, the overreaction from panicked policymakers could be worse than after 9/11.We need to solve...

SQL injection explained: How these attacks work and how to prevent them
Feature

SQL injection explained: How these attacks work and how to prevent them

There are several types of SQL injection, but they all involve an attacker inserting arbitrary SQL into a web application database query. The good news? SQLi is the lowest of the low-hanging fruit for both attackers and defenders.

Hey Facebook: Quit discouraging people from using 2FA
Opinion

Hey Facebook: Quit discouraging people from using 2FA

Facebook is spying on user 2FA phone numbers to target them with ads. A non-trivial percentage of Facebook users will not use two-factor authentication as a result, a net loss to security.

Load More
Popular Resources
See All