Security Blog
Practical cybersecurity guides for NZ businesses
Email Spoofing vs Phishing vs Impersonation: What NZ Staff Need to Know
Email Spoofing vs Phishing vs Impersonation: What NZ Staff Need to Know Email remains the single most common delivery mechanism for cyber attacks on New Zealand businesses. According to the NCSC, 40% of incidents responded to in Q4 202
Trend Micro Rebrands Enterprise Business to TrendAI: What NZ Businesses Need to Know
Trend Micro has announced a major rebrand of its enterprise business to TrendAI, signalling a strategic pivot toward AI-driven cybersecurity. Here's what the change means for New Zealand businesses and how to prepare.
How NIST's Cutback of CVE Handling Impacts Cyber Teams
The US National Institute of Standards and Technology (NIST) has scaled back its enrichment of CVE data in the National Vulnerability Database (NVD) — a resource that underpins vulnerability management worldwide, including here in New Zealand. For local security teams who rely on NVD data to triage
ZDI-26-292: QNAP TS-453E QVRPro excpostgres Exposed Dangerous Method Remote Code Execution Vulnerability
QNAP NAS devices are widely deployed across New Zealand businesses for file storage, backups, and surveillance. A newly disclosed vulnerability in the TS-453E's QVRPro plugin allows unauthenticated attackers on the same network segment to execute arbitrary code — making this a priority patch for any
MTA-STS Explained: Protect Your Domain from TLS Downgrade Attacks
MTA-STS is a modern email security standard that forces SMTP traffic to use strong TLS encryption, blocking downgrade and man-in-the-middle attacks. Here's how to deploy it properly for your New Zealand business.
DANE/TLSA Records Explained: Locking Down Mail Server Security with DNSSEC
DANE and TLSA records use DNSSEC to guarantee your mail server's TLS certificate is authentic — blocking downgrade attacks and man-in-the-middle interception. Here's how they work and how to deploy them for your New Zealand business.