J.M. Porup

Senior Writer

J.M. Porup got his start in security working as a Linux sysadmin in 2002. Since then he's covered national security and information security for a variety of publications, and now calls CSO Online home. He previously reported from Colombia for four years, where he wrote travel guidebooks to Latin America, and speaks Spanish fluently with a hilarious gringo-Colombian accent. He holds a Masters degree in Information and Cybersecurity (MICS) from UC Berkeley.

How Adobe monitors cloud deployments to control shadow IT

Inspecting TLS-encrypted traffic with mitmproxy

Inspecting TLS-encrypted traffic with mitmproxy

The free, open-source mitmproxy tool makes it easy to inspect TLS-encrypted app and web traffic to see exactly who your phone is talking to.

How to stop email spoofing of parked domains

How to stop email spoofing of parked domains

Publishing a DMARC record for unused domains is a good idea. Here's how.

Backdoors and Breaches incident response card game makes tabletop exercises fun

Backdoors and Breaches incident response card game makes tabletop exercises fun

New Backdoors and Breaches card game makes it easy to build a random, realistic incident as part of a tabletop exercise.

Are we running out of time to fix aviation cybersecurity?

Are we running out of time to fix aviation cybersecurity?

A new report from the Atlantic Council on aviation cybersecurity underscores the poor state of aviation security — and worse, how poorly understood the problem is within the industry.

"Penn Test" challenge helps infosec team think like attackers

At Penn Medicine, gamifying security training builds skills, drives employee retention.

How a nuclear plant got hacked

How a nuclear plant got hacked

India's Kudankulam Nuclear Power Plant (KNPP) publicly admitted they discovered malware on their networks. It likely could have been easily avoided.

How a bank got hacked

How a bank got hacked

Notorious hacker Phineas Phisher claims to have netted hundreds of thousands of pounds sterling in a 2016 hack of the Cayman National Isle of Man Bank. Here's how he did it and why it's cause for concern.

What is Shodan? The search engine for everything on the internet

What is Shodan? The search engine for everything on the internet

Defenders find this simple tool valuable for finding vulnerable devices attached to the web that need to be secured.

Can Security Onion replace your commercial IDS?

Can Security Onion replace your commercial IDS?

Security Onion is a free intrusion detection system (IDS), security monitoring, and log management solution. Just one catch: You need skilled employees to manage it.

Boeing's poor information security posture threatens passenger safety, national security, researcher says

Boeing's poor information security posture threatens passenger safety, national security, researcher says

The aircraft maker failed to perform minimum due diligence in securing its networks, then tried to cover it up, security researcher Chris Kubecka tells Aviation Cyber Security conference attendees.

Stop ignoring printer security: It's time for CSOs to take control

Stop ignoring printer security: It's time for CSOs to take control

Despite shipping with mature security features, most printer deployments are insecure because of misplaced financial and organizational incentives.

Load More