Do you know that every single website certificate on your external perimeter is valid? What about your VPN certificate? Many companies have robust solutions in place to rotate certificates, but how can you actually guarantee that every IP has the correct certificate installed?

One of the easiest ways is to use your vulnerability scanner, but if you don’t look carefully, you may be missing this information, and a lot more.

In many organizations, it’s a challenge to look at the highest severity issues that are found in vulnerability scans. Using a risk-based approach to remediation is fine. There’s only so…

Of course, right after I recommended using LastPass, a password manager that securely stores and generates passwords for you, the company decided to start charging for it.

It’s still a fine product, and it has useful features like password sharing between multiple users. If you want to share a single online bank login or your Netflix password with your significant other, you can without insecurely sending a text message. It will even send your passwords to next of kin, if you pass.

The price of entry isn’t really that high. Commercial password managers like LastPass can actually be cheaper than…

For many organizations, when they first think about Vulnerability Management, they focus on which one of the big three vulnerability scanner companies to use. Next, they think about where to put the scanners. Then, when can the scans be run? Since this is my specialty, during a conversation about VM, I will get asked about these important things, but there are strategies that should be developed before any actual deployment takes place.

Do you already know about problems within your organization?

Hold on, you say. If I haven’t scanned and don’t know what’s wrong with my assets, how can I…

If you’ve been watching online videos or TV recently, you might feel like you’re being left behind by not having 5G on your phone. But if you’re in the market for a new phone, don’t worry about getting 5G quite yet.

The major service providers are aggressively pushing the supposedly must-have technology through a series of commercials promoting the iPhone 12 and Samsung Galaxy S21. All three major carriers have started deploying 5G, reusing radio frequencies previously used for 2G, 3G, and even 4G.

Certainly, this is a case where you should carefully watch the messenger. Both the phone manufacturers…

A Chromebook (credit: Google)

PC manufacturers have seen their business go up an incredible amount over the past year. Suddenly, it wasn’t good enough to have just one PC in your house for everyone to share, on the occasions that they couldn’t use their smartphones and tablets. Everyone needed to get remote work and remote school done, all day, and all at the same time. As a result, shipments of PCs, including laptops, desktops, and workstations, were up 26.1% in the last quarter of 2020.

Even if they are popular now, PCs are no longer the coolest thing to buy. That honor goes to…

This might be news to some Android users, but iPhone users can tell you have an Android phone when you text them.

How? On an iPhone, texts from non-iPhones come in a green bubble, indicating the text is sent via the phone company’s text messaging. For iPhone to iPhone communication, the bubbles are blue, indicating that, rather than being sent via the carrier’s text message service, the message was sent through Apple’s encrypted iMessage platform through the internet.

Apple’s iMessage has some nice benefits over regular texting, like full resolution pictures, read receipts, and special effects like fireworks, but security…

It’s annoying. Your computers and phones are constantly asking you if you’d like to apply the latest security update now… or maybe tonight.

At work, these updates are usually handled for you, but for your personal devices you’re on your own. Don’t give in to the temptation to not apply updates because you think your personal devices don’t matter. There’s plenty of important data on them that you care about, like your family photos or that screenplay you’ve been writing for 10 years.

You’re important, just like everyone else

People always tell me, “it doesn’t matter if I apply updates…

I’ve caught more than one person using a notes app on their phone to keep track of passwords. This seems like an OK idea to some because they assume that someone would have to steal your phone and know the passcode to it in order to access the passwords. Theoretically, it sounds great.

Your phone is being too helpful and it’s making your passwords insecure

However, you most likely sync your phone or the notes app to the cloud. Now, you’ve introduced a potentially easy way for someone to steal your important passwords. …

When you think of AT&T, Verizon, and T-Mobile, you probably think of their postpaid networks, the kind that sends you a bill after you’ve used their service.

You may cringe when you think of prepaid service, imagining they are low quality and not worth your time. Reset your thoughts because prepaid is worth a look. Prepaid service could deliver you most of the coverage of your favorite cell network at a much lower cost, if you’re willing to put up with some occasional (and only potential) inconveniences.

Prepaid services are provided by the big guys

All major providers have a…

When you move into a city, you expect that things cost more. That’s just the way it is. There’s limited space, which means that rent is more, and it’s logistically more difficult to get goods into stores. CVS, for instance, uses half semi trucks to drive around the Chicago Loop.

Expectations are set

So when I go into a store, even a big box one, located in the City of Chicago, I expect to be charged more than someone in Naperville, about 30 miles away from downtown Chicago. …

Jerry Galvin

Jerry Galvin has over 15 years of experience in systems engineering and cybersecurity operations. He currently specializes in vulnerability management.
