The phew Top Ten Greatest Hits (…Of Vulnerabilities)

First Up, The OWASP Top 10 Many of you who work or have backgrounds in web application development or cyber security will be familiar with the OWASP Top 10 project. The OWASP Top 10 is a standard awareness document for developers and web application security, which represents a broad consensus about the most critical security [...]

2023-05-20T08:34:32+12:0018 October 2022|

phew joins Government Marketplace for Information Security Professional Services

We are delighted to announce that phew has been recognised as an approved supplier of security services on the New Zealand Government's Marketplace, through a Collaborative Marketplace Agreement. phew has joined the Information Security Professional Services Panel alongside other approved suppliers to the Government, listed on MBIE's procurement platform, Marketplace, under the 'Source Code, Application [...]

2023-05-20T08:35:13+12:006 September 2022|

CERT NZ Quarterly Update Q1 2022

The Latest from CERT NZ What's New? CERT NZ is a central organisation that receives cyber incident reports from both individuals and businesses. It tracks attacks and incidents, and provides advice and alerts. The quarterly updates from CERT provide a valuable snapshot of what's going on with cyber security in NZ, and give us a [...]

2023-05-20T08:36:03+12:0030 May 2022|

Discovering and Patching Vulnerabilities

Background Software is constantly changing. Application and package authors tweak and update existing code more or less continually to provide features, improvements, fixes and workarounds. Also, most software is constructed, at least in part, from third party or open source components or packages, such that large parts of the code are integrated by, but not [...]

2022-03-17T11:47:50+12:0017 March 2022|

Was Kaseya A Supply-Chain Attack, And Why Does It Matter?

If the Kaseya attack was a "supply-chain attack" in terms of the industry accepted definition then it is a stretch of that definition. The distinction is important, because software supply-chain compromises are harder for customers of software solutions to detect using usual defensive measures, and generally involve exploitation techniques that fall outside the scope of [...]

2021-08-11T09:46:09+12:0010 August 2021|

Cert NZ Quarterly Update Q1 2021

What's New? Cert NZ has released its first quarterly report for 2021. The Cert NZ reports provide an interesting snapshot of recent cyber security incidents reported by both individuals and organisations in New Zealand. The latest report shows that a total of 1,431 incident reports were made to CERT NZ in the first quarter of [...]

2021-06-19T08:32:45+12:008 June 2021|

Pen-testing: The What, Why and How

Online Security Online apps and tools have become an integral part of how we live and work. If you own or run one of these systems, you will be aware of the constant threat of a cyberattack, and the risks this poses to your business. If you use cloud services you should also be aware [...]

2021-03-24T14:10:10+12:0024 March 2021|

Spotting Covid-19 Scams

As you might expect, the bad guys are trying to use the global Covid-19 pandemic for malicious purposes.  The hunger for information, plus the disruption from half the world going into lock-down, perhaps combined with increased receptiveness to community support, all make this a pandemic rich and morally decrepit online hunting ground. The purpose of [...]

2020-03-30T10:43:58+12:0026 March 2020|

Safe Remote Working

Many of us are already working from home (WFH), to do whatever we can to "flatten the curve" and reduce the potential burden on our healthcare system for those who need it, and those who have to operate in it.  Even more people are likely to start working from home this week, as we head [...]

2020-03-24T10:28:01+12:0024 March 2020|

Free Tools for Working from Home

The Coronavirus/Covid-19 pandemic is causing ongoing global disruption, in addition to the obvious illness and loss of life in most corners of the globe. Many countries are at different levels of lock-down, supported by the requirement or strong advice to work from home (WFH) if you possibly can.  This is putting some strain on the [...]

2020-03-20T15:30:31+12:0020 March 2020|
phew cyber security sorted

We’d love to hear from you