IT specialists

Practical information on keeping systems and data safe from attack.

CERT TEC 180518 WEB 245

Critical Controls

Implement and test backups

After an incident, restoring your data from backups is often the best way to return to business as usual. Performing and

Guide

How to report a vulnerability

If you find a vulnerability in a service or product, you should report it to the individual or organisation (the 'vendor

2019 05 16 MTP 0632

Critical Controls

Application allowlisting

Application allowlisting (otherwise known as whitelisting) is a method of strictly controlling what programs can be run

CERT TEC 180518 WEB 56

News

Complacency makes Kiwis more vulnerable to cyber attacks

The volume and sophistication of financially-motivated cyber attacks has increased over the last six months, so it is cr

19 October 2020

Advisory

Critical vulnerability in Microsoft Windows Server

15 July 2020

Guide

Reporting a vulnerability to CERT NZ

A vulnerability is a weakness in software, hardware, or an online service. Vulnerabilities can be exploited to damage a

CERT TEC 180518 WEB 295 v2

News

Online recruitment scams

Looking for a new job can be stressful at the best of times. It’s even more challenging when people use the opportunity

10 September 2020

Guide

Default credentials

Change the passwords on any systems that come with default credentials before you use the systems in your environment.

Advisory

Targeted attacks exploiting vulnerabilities in Microsoft Windows

24 March 2020

CERT TEC 180518 WEB 83

Critical Controls

Principle of least privilege

The principle of least privilege means only having the access you need to do your job. Restricting the level access to o

Guide

Cloud-based identity providers and authentication

Using single sign-on with a large cloud identity provider allows your users to protect fewer passwords and your IT staff

Advisory

Critical vulnerabilities in Microsoft Windows

15 January 2020

CERT TEC 180518 WEB 8 v2

News

COVID-19: operating your business under Alert Levels 1 and 2

Auckland is at Alert Level 2 and the rest of New Zealand at Alert Level 1. It’s important you run your business in line

28 September 2020

CERT TEC 180518 WEB 83 v2

Critical Controls

Centralised logging

Storing and securing your logs in a central place makes log analysis and alerting easier.

Advisory

Updated: Exploitation of critical Citrix vulnerability

21 January 2020

CERT TEC 180518 WEB 265

Critical Controls

Network segmentation and separation

When paired together, segmentation and separation can add an additional level of access control and security to your net