IT specialists

Practical information on keeping systems and data safe from attack.

nadia yousef

News

Spotlight on ransomware

CERT NZ Incident Response Manager Nadia Yousef provides an insight into ransomware and how organisations can protect the

16 July 2021

Advisory

Apple iMessage vulnerability being exploited

14 September 2021

Guide

Mobile device management

A mobile device is any portable device that can access and hold organisational data. It's important to secure these devi

CERT TEC 180518 WEB 268

Critical Controls

Patching

Keeping your software up-to-date is one of the most simple and effective steps to take, to ensure your environment stays

Advisory

Active scanning for Microsoft Exchange Proxyshell vulnerability

8 August 2021

Guide

Traffic light protocol

The traffic light protocol (TLP) is a set of designations used to ensure that sensitive information is shared with the c

CERT TEC 180518 WEB 245

Critical Controls

Implement and test backups

After an incident, restoring your data from backups is often the best way to return to business as usual. Performing and

Guide

How to report a vulnerability

If you find a vulnerability in a service or product, you should report it to the individual or organisation (the 'vendor

2019 05 16 MTP 0632

Critical Controls

Application allowlisting

Application allowlisting (otherwise known as whitelisting) is a method of strictly controlling what programs can be run

Advisory

SonicWall EOL Devices Targeted by Ransomware

15 July 2021

q1 2021 quarterly report card

News

Cyber security incidents continue to rise

CERT NZ’s latest report shows Kiwis reported more than 1,400 cyber security incidents from 1 January to 31 March.

3 June 2021

Advisory

Vulnerability in SolarWinds Serv-U Fileserver being Exploited

13 July 2021

CERT TEC 180518 WEB 83

Critical Controls

Principle of least privilege

The principle of least privilege means only having the access you need to do your job. Restricting the level access to o

Guide

Reporting a vulnerability to CERT NZ

A vulnerability is a weakness in software, hardware, or an online service. Vulnerabilities can be exploited to damage a

CERT TEC 180518 WEB 83 v2

Critical Controls

Centralised logging

Storing and securing your logs in a central place makes log analysis and alerting easier.

Guide

Default credentials

Change the passwords on any systems that come with default credentials before you use the systems in your environment.