Skip to main content
Cert logo Created with Sketch. Return to homepage

Main navigation

  • IT specialists
    • Advisories
    • Critical controls
      • Critical controls
      • Patching
        • Patching
        • Implementation advice for patching
        • Creating a standard patching process
        • Report an incident
      • Legacy systems
        • Legacy systems
        • Identifying and managing legacy systems
        • Mitigating legacy systems
        • Report an incident
      • Application whitelisting
        • Application whitelisting
        • Implementing application whitelisting
        • Report an incident
      • Default credentials
        • Default credentials
        • Changing default credentials
        • Report an incident
      • Multi-factor authentication
        • Multi-factor authentication
        • Implementing multi-factor authentication
        • Report an incident
      • Report an incident
    • Guides
    • Report an incident
  • Businesses and individuals
    • Recent threats
      • Recent threats
      • Misuse of Cisco devices
      • Cisco Smart Install misuse
      • Memcached reflection denial-of-service
      • Meltdown and Spectre vulnerabilities in computer processors
      • Certain TLS-RSA implementations susceptible to ROBOT attack
      • Bad Rabbit Ransomware affecting Eastern European networks
      • Ransomware, called Bad Rabbit, affecting international systems
      • KRACK attack: Security weaknesses affecting Wi-Fi enabled devices
      • Kovter malware being distributed on adult websites
      • Email compromise and invoice scam
      • Webcam blackmail scam
      • NotPetya ransomware campaign targeting Microsoft Windows computers
      • New ransomware campaign known as NotPetya
      • Meltdown and Spectre CPU vulnerabilities
      • Phone scammers claiming to provide WannaCry ransomware support
      • WannaCry Ransomware used in large scale international attacks
      • Shadow Brokers release of software vulnerabilities
      • 1 billion username and password credentials released
      • Anti Public and Exploit.in release of credentials
      • Google Docs phishing attack
      • Global campaign targeting multi-national IT service providers
      • Phone scammers claiming to be from CERT NZ
      • Phone scam affecting businesses and government organisations
      • MPI phishing scam
      • Onliner Spambot release of 711 million credentials
      • BlueBorne: Bluetooth security vulnerabilities
      • BlueBorne: Security vulnerabilities affecting Bluetooth devices
      • Office 365 phishing and credential harvesting campaign
      • KRACK attack: security vulnerabilities in WPA1+2
      • ROCA: Major security flaw in crypto keys discovered
      • RealMe phishing emails
      • MikroTik RouterOS vulnerability
      • S/MIME and OpenPGP email client vulnerability
      • VPNFilter malware
      • New malware found on routers
      • Report an issue
    • Explore
      • Explore
      • Credential dumps
      • Report an issue
    • Guides
      • Guides
      • Simple steps to cyber security
        • Simple steps to cyber security
        • Getting started with cyber security
        • Keeping your mobile phone safe and secure
        • Cyber security and social media
        • Report an issue
      • Cyber security and your business
        • Cyber security and your business
        • Protecting your business from spear phishing and whaling
        • Using two-factor authentication (2FA) to secure your business
        • Benefits of making your website use HTTPS
        • Incident response: planning for when things go wrong
        • Report an issue
      • Keeping yourself safe and secure online
        • Keeping yourself safe and secure online
        • Buying a new device
        • Keep your data safe with a password manager
        • How to create a good password
        • How the cloud works
        • Use two-factor authentication to protect your accounts
        • Backing up data and devices
        • Ditch your older device
        • Shopping online safely
        • Cryptocurrency security
        • Report an issue
      • Report an issue
    • Report an issue
  • About
    • About us
    • Quarterly report
      • Quarterly report
      • Quarter One Report 2018
      • Quarter Four Report 2017
      • Quarter Three Report 2017
      • Quarter Two Report 2017
    • Our partners
    • Contact us
Subscribe to updates Group 18 Copy 6 Created with Sketch.
Twitter updates Fill 1 Copy 4 Created with Sketch.

Advisories

Our advisories highlight current cyber security threats and vulnerabilities in New Zealand, and provide guidance on how to mitigate their impact.

Subscribe to our updates above to be notified as soon as we publish an advisory.

07 Jun 2018

VPNFilter malware

Newly identified malware called VPNFilter gives attackers the ability to control the router and see the data that flows through it.

 15 May 2018

S/MIME and OpenPGP email client vulnerability

CERT NZ is aware of a new vulnerability in email clients and their use of OpenPGP and S/MIME, which are two major standards for providing end-to-end encryption for emails.

 18 Apr 2018

Cisco Smart Install misuse

CERT NZ is aware of an active campaign targeting Cisco devices with Smart Install (SMI) enabled.

 29 Mar 2018

MikroTik RouterOS vulnerability

CERT NZ has been informed of an active attack targeting MikroTik RouterOS devices.

28 Feb 2018

Memcached reflection denial-of-service

CERT NZ has been informed of an active attack that is using memcached servers to perform a reflected denial-of-service (DoS) attack.

08 Jan 2018

Meltdown and Spectre CPU vulnerabilities

Researchers have found multiple vulnerabilities in computer processors which may allow attackers to extract information from affected systems, including passwords and other sensitive data.

Show More

Footer

  • About us
  • Contact us
  • Traffic light protocol

  • © 2018 CERTNZ

  • Copyright
  • Disclaimer
  • Privacy and information statement
NZ coat of arms logo New Zealand Government NZ govt logo Created with Sketch.

>Glossary Term

Subscription options