Featured Articles
SSS Internship Programme – providing opportunities to students to gain real-world experience
With COVID-19 and the subsequent closure of our borders, things have become more challenging for many organisations in New Zealand to secure the resources they need. […]
Recognising Excellence
With COVID-19 and the subsequent closure of our borders, things have become more challenging for many organisations in New Zealand to secure the resources they need. […]
SolarWinds critical vulnerability
Around 18:30 last night (14/12/2020) CERT NZ released an advisory regarding a critical vulnerability in the SolarWinds Orion network management platform. A known nation-state actor is actively exploiting this vulnerability and has already used it to compromise at least one major cybersecurity company (FireEye) and multiple US Government agencies (Department of the Treasury and the Commerce Department). […]
Junior Excellence in Digital Technology
It’s no secret that one of the biggest issues for IT security is the general shortage of talent. One solution is to expand the diversity of talent that we attract into our field. There is a perception from many of the students we speak to that IT Security is largely about Penetration Testing and IT […]
IMPORTANT ADVISORY: New Windows exploit lets an attacker instantly become admin
As of 18 September, there are many publicly available exploits circulating for this vulnerability. These exploits allow an attacker who can communicate with a domain controller, using the Netlogon-Remote Protocol (MS-NRPC), to gain Domain Administrator access. […]
Read More… from IMPORTANT ADVISORY: New Windows exploit lets an attacker instantly become admin
Recommended mitigations for DDoS attacks
The recent distributed denial-of-service (DDoS) attacks have had a major impact on several major organisations in New Zealand and many more globally. In the New Zealand Stock Exchange attack, it was noted that the attack was preceded by a ransomware note, and then further demands when the NZX did not comply. CERT NZ has some really […]
Partnership with ZX Security bringing digital penetration testing to SSS clients
We are proud to announce that we have recently partnered with ZX Security. ZX is a leader in penetration testing and the partnership enables us to provide you with a range of services to supplement our other capabilities. In conjunction with ZX, we can help you in a range of different areas that include: External penetration tests Internal penetration […]
Read More… from Partnership with ZX Security bringing digital penetration testing to SSS clients
Phriendly Phishing – new features
Phriendly Phishing has released exciting new features available to all existing subscribers. Spearphishing Add additional targeting to phishing campaigns. Spearphishing allows admins to create a specific email, target a specific person (or group of people) and deploy at specific times. Spearphishing is designed as a point in time assessment, to complement your current campaign learning […]
Switch & Save – Entrust SSL Certificates
Entrust Datacard is running a limited-time offer*. They are our partner and preferred provider for SSL / TLS certificates. Save 25% when you switch to Entrust Datacard SSL / TLS certificates Reliable CA Entrust Datacard is a reliable CA and industry pioneer for TLS/SSL certificates and meet and exceed the industry’s highest security standards. Flexible Subscription […]
