IT specialists
Practical information on keeping systems and data safe from attack.
Guide
Traffic light protocol
The traffic light protocol (TLP) is a set of designations used to ensure that sensitive information is shared with the c
Critical Controls
Implement and test backups
After an incident, restoring your data from backups is often the best way to return to business as usual. Performing and
News
Don’t blame the IT crowd - cyber security is everyone’s concern
Cyber security incidents caused nearly $17m losses last year, but most organisations still see it as an 'IT problem'.
Advisory
Microsoft Exchange Autodiscover exposing credentials
Critical Controls
Implement application control
Application allowlisting (otherwise known as whitelisting) is a method of strictly controlling what programs can be run
Guide
How to report a vulnerability
If you find a vulnerability in a service or product, you should report it to the individual or organisation (the 'vendor
Advisory
Active scanning for VMware vCenter Vulnerability
Guide
Reporting a vulnerability to CERT NZ
A vulnerability is a weakness in software, hardware, or an online service. Vulnerabilities can be exploited to damage a
Critical Controls
Principle of least privilege
The principle of least privilege means only having the access you need to do your job. Restricting the level access to o
News
Cyber security incidents continue to rise
CERT NZ’s latest report shows Kiwis reported more than 1,400 cyber security incidents from 1 January to 31 March.
Advisory
Apple iMessage vulnerability being exploited
Guide
Default credentials
Change the passwords on any systems that come with default credentials before you use the systems in your environment.
Critical Controls
Centralised logging
Storing and securing your logs in a central place makes log analysis and alerting easier.
News
Cyber security strengthens in the Pacific with the launch of SamCERT
A partnership between New Zealand and Samoa has strengthened cyber security resilience in the Pacific with the establish