IT specialists
Practical information on keeping systems and data safe from attack.
Critical Controls
Patching
Keeping your software up-to-date is one of the most simple and effective steps to take, to ensure your environment stays
Guide
Mobile device management
A mobile device is any portable device that can access and hold organisational data. It's important to secure these devi
News
Spotlight on ransomware
CERT NZ Incident Response Manager Nadia Yousef provides an insight into ransomware and how organisations can protect the
Advisory
Critical vulnerability in Windows’ Kerberos protocol
Guide
Traffic light protocol
The traffic light protocol (TLP) is a set of designations used to ensure that sensitive information is shared with the c
Critical Controls
Implement and test backups
After an incident, restoring your data from backups is often the best way to return to business as usual. Performing and
Advisory
Microsoft Exchange Autodiscover exposing credentials
Critical Controls
Implement application control
Application allowlisting (otherwise known as whitelisting) is a method of strictly controlling what programs can be run
Guide
How to report a vulnerability
If you find a vulnerability in a service or product, you should report it to the individual or organisation (the 'vendor
News
Cyber security incidents continue to rise
CERT NZ’s latest report shows Kiwis reported more than 1,400 cyber security incidents from 1 January to 31 March.
Advisory
Active scanning for VMware vCenter Vulnerability
Guide
Reporting a vulnerability to CERT NZ
A vulnerability is a weakness in software, hardware, or an online service. Vulnerabilities can be exploited to damage a
Critical Controls
Principle of least privilege
The principle of least privilege means only having the access you need to do your job. Restricting the level access to o
News
Cyber security strengthens in the Pacific with the launch of SamCERT
A partnership between New Zealand and Samoa has strengthened cyber security resilience in the Pacific with the establish