Security Blog
Practical cybersecurity guides for NZ businesses
How NIST's Cutback of CVE Handling Impacts Cyber Teams
The US National Institute of Standards and Technology (NIST) has scaled back its enrichment of CVE data in the National Vulnerability Database (NVD) — a resource that underpins vulnerability management worldwide, including here in New Zealand. For local security teams who rely on NVD data to triage
ZDI-26-292: QNAP TS-453E QVRPro excpostgres Exposed Dangerous Method Remote Code Execution Vulnerability
QNAP NAS devices are widely deployed across New Zealand businesses for file storage, backups, and surveillance. A newly disclosed vulnerability in the TS-453E's QVRPro plugin allows unauthenticated attackers on the same network segment to execute arbitrary code — making this a priority patch for any
SPF Include Chain Limits: Why You Might Be Hitting PermError (And How to Fix It)
SPF records have a strict 10 DNS lookup limit, and it's easier to breach than you think. Here's why your SPF might be returning permerror, what's causing the bloat, and how to flatten your include chain without breaking mail flow.
How to Set Up DKIM for Google Workspace and Microsoft 365: A Step-by-Step Guide
DKIM is one of the three pillars of modern email authentication, alongside SPF and DMARC. This guide walks New Zealand businesses through setting up DKIM on both Google Workspace and Microsoft 365, with practical DNS examples and troubleshooting tips.
DMARC Explained: The None to Quarantine to Reject Progression
DMARC enforcement isn't a switch you flip overnight. Learn how to safely progress from monitoring (p=none) to quarantine, and finally to reject — protecting your domain from spoofing without losing legitimate email.
MTA-STS Explained: Protect Your Domain from TLS Downgrade Attacks
MTA-STS is a modern email security standard that forces SMTP traffic to use strong TLS encryption, blocking downgrade and man-in-the-middle attacks. Here's how to deploy it properly for your New Zealand business.
How to Get Removed from Email Blacklists: A Step-by-Step Guide for NZ Businesses
Finding your domain or IP on an email blacklist can cripple your communications overnight. This guide walks New Zealand businesses through identifying the cause, requesting delisting, and preventing future listings.
What is BIMI and How to Add Your Logo to Gmail: A Complete NZ Business Guide
BIMI (Brand Indicators for Message Identification) lets your logo appear next to emails in Gmail and other inboxes. Here's what BIMI is, why it matters for New Zealand businesses, and exactly how to set it up.
Email Deliverability Checklist for New Zealand Businesses: The Complete 2025 Guide
Emails landing in spam? This comprehensive deliverability checklist helps New Zealand businesses get messages into the inbox. Covers authentication, sender reputation, content hygiene and ongoing monitoring — with NZ-specific examples.