IT specialists

Practical information on keeping systems and data safe from attack.

Guide

Hardening RDP if you have to use it

Understanding why RDP is necessary and who needs access are important when hardening the RDP server. For example, if sta

2019 05 30 MTP 1674 v2

Critical Controls

Securing internet-exposed services

Limiting and securing your internet-exposed services will help you prevent unauthorised access.

Advisory

SolarWinds Orion vulnerability being actively exploited - updated advisory

14 December 2020

CERT TEC 180518 WEB 83 v3

News

Reserve Bank of New Zealand data breach

The Reserve Bank of New Zealand has suffered a data breach which has been widely reported in New Zealand media. The bre

13 January 2021

Guide

Mitigating denial-of-service attacks

There are multiple ways to manage a denial-of-service (DoS) incident and the way you respond depends on the controls yo

2019 05 30 MTP 1664 v2

Critical Controls

Secure defaults for macros

While macros have a valid business function, they are often used by attackers too. Using secure default configurations w

Advisory

Vulnerability in Fortinet firewalls being exploited

1 December 2020

CERT TEC 180518 WEB 42

News

2020 CERTainly upped the ante

Michael Shearer, Principal Advisor - Threat and Vulnerabilities, takes a look at how the cyber security landscape shaped

22 December 2020

Guide

Preparing for denial-of-service incidents

Denial-of-service (DoS) attacks aim to exhaust your resources and take your operations offline. They can have a signific

CERT TEC 180518 WEB 265

Critical Controls

Network segmentation and separation

When paired together, segmentation and separation can add an additional level of access control and security to your net

Advisory

Oracle WebLogic Server vulnerability being exploited

30 October 2020

CERT TEC 180518 WEB 83 v2

News

Email-related attacks cost New Zealanders close to one million dollars

CERT NZ’s latest quarterly report shows cyber attacks circulated by email posed the greatest threat to New Zealanders’ c

25 November 2020

Guide

Asset lifecycle management

Tracking assets throughout their lifecycle allows your organisation to securely carry out system hardening, patching and

CERT TEC 180518 WEB 83 v2

Critical Controls

Centralised logging

Storing and securing your logs in a central place makes log analysis and alerting easier.