Security Blog
Practical cybersecurity guides for NZ businesses
Email Spoofing vs Phishing vs Impersonation: What NZ Staff Need to Know
Email Spoofing vs Phishing vs Impersonation: What NZ Staff Need to Know Email remains the single most common delivery mechanism for cyber attacks on New Zealand businesses. According to the NCSC, 40% of incidents responded to in Q4 202
Trend Micro Rebrands Enterprise Business to TrendAI: What NZ Businesses Need to Know
Trend Micro has announced a major rebrand of its enterprise business to TrendAI, signalling a strategic pivot toward AI-driven cybersecurity. Here's what the change means for New Zealand businesses and how to prepare.
How NIST's Cutback of CVE Handling Impacts Cyber Teams
The US National Institute of Standards and Technology (NIST) has scaled back its enrichment of CVE data in the National Vulnerability Database (NVD) — a resource that underpins vulnerability management worldwide, including here in New Zealand. For local security teams who rely on NVD data to triage
ZDI-26-292: QNAP TS-453E QVRPro excpostgres Exposed Dangerous Method Remote Code Execution Vulnerability
QNAP NAS devices are widely deployed across New Zealand businesses for file storage, backups, and surveillance. A newly disclosed vulnerability in the TS-453E's QVRPro plugin allows unauthenticated attackers on the same network segment to execute arbitrary code — making this a priority patch for any
SPF Include Chain Limits: Why You Might Be Hitting PermError (And How to Fix It)
SPF records have a strict 10 DNS lookup limit, and it's easier to breach than you think. Here's why your SPF might be returning permerror, what's causing the bloat, and how to flatten your include chain without breaking mail flow.
DMARC Explained: The None to Quarantine to Reject Progression
DMARC enforcement isn't a switch you flip overnight. Learn how to safely progress from monitoring (p=none) to quarantine, and finally to reject — protecting your domain from spoofing without losing legitimate email.
How to Set Up DKIM for Google Workspace and Microsoft 365: A Step-by-Step Guide
DKIM is one of the three pillars of modern email authentication, alongside SPF and DMARC. This guide walks New Zealand businesses through setting up DKIM on both Google Workspace and Microsoft 365, with practical DNS examples and troubleshooting tips.
How to Get Removed from Email Blacklists: A Step-by-Step Guide for NZ Businesses
Finding your domain or IP on an email blacklist can cripple your communications overnight. This guide walks New Zealand businesses through identifying the cause, requesting delisting, and preventing future listings.
What is BIMI and How to Add Your Logo to Gmail: A Complete NZ Business Guide
BIMI (Brand Indicators for Message Identification) lets your logo appear next to emails in Gmail and other inboxes. Here's what BIMI is, why it matters for New Zealand businesses, and exactly how to set it up.