J.M. Porup

Senior Writer

J.M. Porup has been a security geek since 2002, when he got his first job in IT. Since then he's covered national security and information security for a variety of publications, and now calls CSOonline home. He previously reported from Colombia for four years, where he wrote travel guidebooks to Latin America, and speaks Spanish fluently with a hilarious gringo-Colombian accent.

What is Wireshark? What this essential troubleshooting tool does and how to use it

Don't abandon that domain name

Don't abandon that domain name

Penny-wise, pound-foolish: Letting old domain names expire might save a few bucks a year, but lets attackers register your old domain and pretend to be you.

Traveling to China for work? Punch through the Great Firewall and securely connect with your home office

Traveling to China for work? Punch through the Great Firewall and securely connect with your home office

Security is not just about confidentiality and integrity. It's also about availability. The new partnership between Wickr and Psiphon is worth a look for global enterprises with traveling employees.

Do you need a vulnerability disclosure program? The feds say yes

Do you need a vulnerability disclosure program? The feds say yes

The FTC and DOJ are pushing companies to provide a means for good-faith security researchers to report bugs and put effective processes in place to act on those reports.

What are deepfakes? How and why they work

What are deepfakes? How and why they work

Once the bailiwick of Hollywood special effects studios with multi-million-dollar budgets, now anyone can download deepfake software and use machine learning to make believable fake videos. This makes a lot of people nervous.

What is the Tor Browser? How it works and how it can help you protect your identity online

What is the Tor Browser? How it works and how it can help you protect your identity online

The Tor Browser is a web broswer that anonymizes your web traffic using the Tor network, making it easy to protect your identity online.

What is a zero-day exploit? A powerful but fragile weapon

What is a zero-day exploit? A powerful but fragile weapon

A zero-day is a security flaw that has not yet been patched by the vendor and can be exploited. These vulnerabilities fetch high prices on the black market

What is Shodan? The search engine for everything on the internet

What is Shodan? The search engine for everything on the internet

Defenders find this simple tool valuable for finding vulnerable devices attached to the web that need to be secured.

Georgia governor vetoes bill that would criminalize good-faith security research, permit vigilante action

Georgia governor vetoes bill that would criminalize good-faith security research, permit vigilante action

Veto comes in response to overwhelming criticism from industry. Georgia cybersecurity folks had been outraged about SB 315, and warned that it could cost the state jobs.

Online voting is impossible to secure. So why are some governments using it?

Online voting is impossible to secure. So why are some governments using it?

If you thought electronic voting machines were insecure, wait 'til you meet online voting. Dr. Vanessa Teague has twice demonstrated massive security flaws in online voting systems. Instead of fixes and support, she got official...

What is cross-site scripting (XSS)? Low-hanging fruit for both attackers and defenders

What is cross-site scripting (XSS)? Low-hanging fruit for both attackers and defenders

With XSS, attackers enter malicious code into a web form or web app URL to trick the application into doing something it's not supposed to do.

Voting machine vendor firewall config, passwords posted on public support forum

Voting machine vendor firewall config, passwords posted on public support forum

"This is gold" for a nation-state attacker that wanted to hack an election.

Load More