J.M. Porup

Senior Writer

J.M. Porup has been a security geek since 2002, when he got his first job in IT. Since then he's covered national security and information security for a variety of publications, and now calls CSOonline home. He previously reported from Colombia for four years, where he wrote travel guidebooks to Latin America, and speaks Spanish fluently with a hilarious gringo-Colombian accent.

How and why deepfake videos work — and what is at risk

9 top hacker movies and TV shows of all time

9 top hacker movies and TV shows of all time

Movies and TV shows have long influenced how lawmakers and society think about information security. We all have our personal favorite we're obsessed with. What's yours?

SoftNAS Cloud 0day found: Upgrade ASAP

SoftNAS Cloud 0day found: Upgrade ASAP

SoftNAS Cloud users should upgrade immediately following a report by Digital Defense that the virtual cloud appliance is vulnerable to a session management security issue.

What is Mimikatz? And how to defend against this password stealing tool

What is Mimikatz? And how to defend against this password stealing tool

Mimikatz is a leading post-exploitation tool that dumps passwords from memory, as well as hashes, PINs and Kerberos tickets.

Better, badder, bigger SIEM coming your way, folks, courtesy of Google

Better, badder, bigger SIEM coming your way, folks, courtesy of Google

Google/Alphabet's Chronicle cybersecurity moonshot has a doozy of a mega-gargantuan SIEM with huge pluses--and minuses. Take note.

Add cybersecurity to Doomsday Clock concerns, says Bulletin of Atomic Scientists

Add cybersecurity to Doomsday Clock concerns, says Bulletin of Atomic Scientists

The Doomsday Clock, once a ritual feature of the Cold War, warns that cybersecurity issues like IoT and cyber-enabled information warfare endanger humanity.

Fear and loathing defending ICS security at DoE's CyberForce Competition

Fear and loathing defending ICS security at DoE's CyberForce Competition

Defending critical infrastructure from determined attackers is not an easy task, CSO reporter J.M. Porup learned competing in the Department of Energy's CyberForce Competition 2018, a cyber security training initiative.

BlackBerry's acquisition of Cylance raises eyebrows in the security community

BlackBerry's acquisition of Cylance raises eyebrows in the security community

BlackBerry's move into the endpoint security game may create public safety issues, given the company's history with encryption backdoors, experts say.

Cylance researchers discover powerful new nation-state APT

Cylance researchers discover powerful new nation-state APT

A new APT, dubbed White Company, is flexing its muscle on the world stage, and it has security researchers worried.

Learn to play defense by hacking these broken web apps

Learn to play defense by hacking these broken web apps

OWASP's Broken Web Applications Project makes it easy to learn how to hack web applications--a critical skill for web application developers playing defense, junior penetration testers, and security-curious management.

Doctored Jim Acosta video shows why fakes don’t need to be deep to be dangerous

Doctored Jim Acosta video shows why fakes don’t need to be deep to be dangerous

White House promotion of an allegedly doctored press conference video shows how "shallow fakes" can manipulate opinion.

Burned malware returns, says Cylance report: Is Hacking Team responsible?

Burned malware returns, says Cylance report: Is Hacking Team responsible?

Burning malware forces attackers to evolve, not go away. Network defenders take note.

Load More