IT specialists

Practical information on keeping systems and data safe from attack.

Advisory

Apple iMessage vulnerability being exploited

14 September 2021

Guide

Default credentials

Change the passwords on any systems that come with default credentials before you use the systems in your environment.

CERT TEC 180518 WEB 83 v2

Critical Controls

Centralised logging

Storing and securing your logs in a central place makes log analysis and alerting easier.

CERT STREET 180621 WEB 1

News

Concerns over security increase as more people hit the online shops

Research shows that as more people are transacting online, concerns about the security of online shopping are on the min

29 April 2021

Advisory

Active scanning for Microsoft Exchange Proxyshell vulnerability

8 August 2021

Guide

Cloud-based identity providers and authentication

Using single sign-on with a large cloud identity provider allows your users to protect fewer passwords and your IT staff

CERT TEC 180518 WEB 265

Critical Controls

Network segmentation and separation

When paired together, segmentation and separation can add an additional level of access control and security to your net

2019 05 09 MTP 0595

News

CERT NZ’s threat feed saves New Zealanders a costly tax year

CERT NZ’s timely actions have saved some New Zealanders a costly end to the tax year. With the help of CERT NZ’s threat

22 March 2021

Advisory

SonicWall EOL Devices Targeted by Ransomware

15 July 2021

Guide

Securing access to Microsoft 365

We see a large number of Microsoft 365 (formally known as Office 365) branded phishing attacks, due to it being such a c

2019 05 30 MTP 1674 v2

Critical Controls

Asset Lifecycle Management

Limiting and securing your internet-exposed services will help you prevent unauthorised access.

CERT TEC 180518 WEB 83 v2

News

Email-related attacks cost New Zealanders close to one million dollars

CERT NZ’s latest quarterly report shows cyber attacks circulated by email posed the greatest threat to New Zealanders’ c

25 November 2020

Advisory

Vulnerability in SolarWinds Serv-U Fileserver being Exploited

13 July 2021

Guide

Mitigating the impact of incidents in M365

CERT NZ has seen a lot of phishing attacks on Microsoft 365, due to it being a commonly used cloud platform. A percentag

CERT 180420 WEB 210

News

What is a CERT, anyway?

This week marks the anniversary of the Morris Worm, the first well-known internet ‘worm’. To mark the occasion, we’re ta

6 November 2020

Advisory

Kaseya management software being used to deploy ransomware

12 July 2021