J. M. Porup, CSOonline

J. M. Porup

CSOonline

Toronto, ON, Canada

Contact J.M.

Discover and connect with journalists and influencers around the world, save time on email research, monitor the news, and more.

Start free trial

Recent:
  • Unknown
Past:
  • CSOonline
  • ITworld
  • Ars Technica
  • Ars Technica UK
  • OpenNews Source
  • VICE

Past articles by J.M.:

Deepfake videos: How and why they work — and what is at risk

Deepfakes are fake videos or audio recordings that look and sound just like the real thing. Once the bailiwick of Hollywood special effects studios and intelligence agencies producing propaganda, deepfakes swap celebrities' faces into porn videos and put words in politicians' mouths, but they could do a lot worse. → Read More

Hashcat explained: Why you might need this password cracker

Hashcat is a popular and effective password cracker widely used by both penetration testers and sysadmins as well as criminals and spies. → Read More

Bug bounty platforms buy researcher silence, violate labor laws, critics say

The promise of crowdsourced cybersecurity, fueled by "millions of hackers," turns out to be a pipe dream, despite high-octane marketing from the bug bounty platforms. → Read More

What is mitmproxy? A tool to inspect TLS-encrypted traffic

The free, open-source mitmproxy tool makes it easy to inspect TLS-encrypted app and web traffic to see exactly who your phone is talking to. → Read More

How a bank got hacked

Notorious hacker Phineas Phisher claims to have netted hundreds of thousands of pounds sterling in a 2016 hack of the Cayman National Isle of Man Bank. Here's how he did it and why it's cause for concern. → Read More

What is Shodan? The search engine for everything on the internet

Defenders find this simple tool valuable for finding vulnerable devices attached to the web that need to be secured. → Read More

Stop ignoring printer security: It's time for CSOs to take control

Despite shipping with mature security features, most printer deployments are insecure because of misplaced financial and organizational incentives. → Read More

Presidential campaign websites fail at privacy, new study shows

A non-partisan analysis of 23 presidential campaign websites reveals glaring privacy issues. → Read More

Speaker disinvites at CyberCon spark controversy

NSA whistleblower Thomas Drake and Australian academic Dr. Suelette Dreyfus disinvited from speaking at CyberCon a week before the conference. → Read More

6 questions candidates should ask at every security job interview

The cybersecurity skills shortage means security pros can be picky about where they work. Here's how to suss out bad employers. → Read More

Improving BGP routing security by minding your MANRS

Enterprises can improve their routing security for modest costs, according to the Mutually Agreed Norms for Routing Security (MANRS) project. → Read More

IT services giant HCL left employee passwords, other sensitive data exposed online

HCL left employee passwords, customer project details, and other sensitive information exposed online with no authentication. → Read More

Will the U.S. government draft cybersecurity professionals?

A Congressional commission might soon recommend conscription of cybersecurity professionals to serve in both the military and civil service. Will the government force security pros to work for Uncle Sam? → Read More

How New York City plans to become a cybersecurity hub

America's largest city has been hit hard by the cybersecurity skills shortage and is working to grow its cybersecurity workforce. → Read More

Inside the 2014 hack of a Saudi embassy

According to documents seen by CSO, an unknown attacker took control of the official email account of the Saudi embassy in The Netherlands and demanded a ransom of $50 million for ISIS. → Read More

Better, badder, bigger SIEM coming your way, folks, courtesy of Google

Google/Alphabet's Chronicle cybersecurity moonshot has a doozy of a mega-gargantuan SIEM with huge pluses--and minuses. Take note. → Read More

Bruce Schneier takes his pitch for public-interest security to RSA Conference

Bruce Schneier's new all-day track at the RSA Conference explores idea that security pros, like lawyers, should be expected to engage in a certain amount of pro bono work. → Read More

Bruce Schneier takes his pitch for public-interest security to RSA Conference

Bruce Schneier's new all-day track at the RSA Conference explores idea that security pros, like lawyers, should be expected to engage in a certain amount of pro bono work. → Read More

7 cheap or free cyber security training resources

Use these free and cheap resources to train employees in entry-level cybersecurity skills, and to help job seekers "hack through the HR firewall." → Read More

7 cheap or free cyber security training resources

Use these free and cheap resources to train employees in entry-level cybersecurity skills, and to help job seekers "hack through the HR firewall." → Read More