Ngā Aratohu Technical guides

Practical information on keeping systems and data safe from attack.

Ransomware attacks are becoming increasingly common and sophisticated. This is how CERT NZ’s critical controls can help.

Understanding why RDP is necessary and who needs access are important when hardening the RDP server. For example, if sta

There are multiple ways to manage a denial-of-service (DoS) incident and the way you respond depends on the controls yo

Denial-of-service (DoS) attacks aim to exhaust your resources and take your operations offline. They can have a signific

CERT NZ has seen a lot of phishing attacks on Microsoft 365, due to it being a commonly used cloud platform. A percentag

When your business experiences a cyber security incident, it’s easy to forget that responding to the technical issue is

We see a large number of Microsoft 365 (formally known as Office 365) branded phishing attacks, due to it being such a c

Using a combination of authentication security controls can protect your organisation from a wide range of unauthorised

While macros have a valid business function, they are often used by attackers too. Using secure default configurations w

Using single sign-on with a large cloud identity provider allows your users to protect fewer passwords and your IT staff

If you find a vulnerability in a service or product, you should report it to the individual or organisation (the 'vendor

A mobile device is any portable device that can access and hold organisational data. It's important to secure these devi