IT specialists

Practical information on keeping systems and data safe from attack.

Advisory

Critical vulnerabilities in Microsoft Windows Print Spooler service

2 July 2021

Guide

Mitigating denial-of-service attacks

There are multiple ways to manage a denial-of-service (DoS) incident and the way you respond depends on the controls yo
CERT CAFE 180426 WEB 21

News

Businesses encouraged to trade smart online to avoid a nightmare before Christmas

Shoring up ecommerce website security can help businesses and their customers avoid a cyber nightmare before Christmas s

11 November 2020

Advisory

Vulnerability in Adobe Acrobat and Reader being actively exploited

12 May 2021

Guide

Manage authentication

Using a combination of authentication security controls can protect your organisation from a wide range of unauthorised

2019 05 30 MTP 1674 v2

News

Stay alert to email and online shopping scams this holiday season

Christmas and the summer holidays are just around the corner, but unfortunately not everyone sees it as the season of go

6 November 2020
2019 05 16 MTP 1212

Critical Controls

Password manager

Providing a password manager for your staff to store their passwords, or other secrets like alarm codes, is a great way

Advisory

QNAP NAS vulnerabilities exploited to deploy ransomware

29 April 2021

Guide

Unused services and protocols

Unused or older services and protocols often have their own vulnerabilities. Proactively scan your network for any that

CERT TEC 180518 WEB 56

News

Complacency makes Kiwis more vulnerable to cyber attacks

The volume and sophistication of financially-motivated cyber attacks has increased over the last six months, so it is cr

19 October 2020

Advisory

Vulnerabilities in Apple operating systems reportedly being actively exploited

4 May 2021
2019 05 10 MTP 0502

Critical Controls

Security awareness building

Cyber attackers often rely on human behaviour, such as clicking on links or downloading and opening/executing files, to

CERT TEC 180518 WEB 295 v2

News

Online recruitment scams

Looking for a new job can be stressful at the best of times. It’s even more challenging when people use the opportunity

10 September 2020

Guide

Hardening RDP if you have to use it

Understanding why RDP is necessary and who needs access are important when hardening the RDP server. For example, if sta

Advisory

Vulnerabilities in SonicWall Email Security actively exploited

21 April 2021

Guide

Secure defaults for macros

While macros have a valid business function, they are often used by attackers too. Using secure default configurations w