People are the weakest link
This sounds like a nightmare too impossible to happen. US soldiers putting sensitive information online in non-secure third party websites. It defies belief, yet we’re reading that it happened. The story popped up on ‘Gizmodo’
It is alleged that US Soldiers were saving sensitive information on a couple of common flashcard sites, presumably of things they were trying to memorise and learn. Even worse, their settings were on ‘public’ not ‘private’
It’s a classic warning about the risk of people, however well intentioned, saving critical data online in places the organisation is unaware of, and can’t control. That’s why our new KARE for Security S2 plan helps identify use of these sites in your organisation.
US Soldiers Accidentally Leaked Nuclear Weapons Secrets: Report (gizmodo.com)
Shadow IT
Shadow IT is one of the largest threats to data privacy in organisations today.
It’s not necessarily because these sites are going to be hacked, although that’s always possible, but just because if you don’t know the tools are in use, then there is no way that you can manage them!
The first step to maintaining this data is to identify it! That’s why you need new tools that are cloud focused. If you’re still using the same old security tools that you used to use prior to the cloud, then you are not keeping up and we need to talk!
That New Windows Warning About Remote Desktop? Don’t Ignore It.
If you've opened a Remote Desktop connection file today and been greeted by an unfamiliar orange warning banner: "Caution: Unknown remote connection" then you are not imagining things. Microsoft has introduced new protections as part of its April 2026 cumulative...
Webinar Replay: Beyond Antivirus: Understanding MDR and ITDR for Modern Cyber Defence
Your traditional security isn't stopping today's attacks. Here's what will. The Problem Every NZ Business Faces Your business has antivirus software. You have firewalls. You've implemented email filtering. Yet cybercriminals are increasingly successful at bypassing...
When “Legitimate” Tools Are Used Illegitimately (like booking a meeting time)
Cyber awareness isn’t just about blocking malware — it’s about recognising intent. Recently, we received a callout from a client after a user received what initially appeared to be a genuine business opportunity. The email exchange seemed credible, replies were...
Could you get into trouble with the law if you lose a USB stick?
A lost USB stick can be a notifiable privacy breach. Here’s why that matters It sounds old school, but USB sticks are still floating around plenty of NZ businesses. A recent draft decision note from the Office of the Privacy Commissioner is a timely reminder...
Additional M365 Security Protection Rolled Out for our KARE Foundation Customers
Turning up your cyber-security Kinetics is busy rolling out an additional security protection for Kinetics KARE Foundation customers only, designed to stop a highly active and sophisticated phishing campaign currently targeting Microsoft 365 environments worldwide. ...
Your (Home/Small Business) Router Could Be Working for Criminals Right Now
Right now, somewhere in the world, a home or office router is quietly routing cybercriminal traffic, and its owner is completely unaware. That's the reality revealed by the discovery of KadNap, a sophisticated malware campaign that has become one of the most...
When Geopolitical Conflict Becomes Your IT Problem
Lessons from the Stryker Cyberattack A global medical technology company. 56,000 employees. Operations in 60 countries. And in March 2026, systems wiped across every one of them — not because of a data breach or ransomware, but because of a school bombing in Iran....
When AI Becomes the Attack Tool
What the Mexico Government Breach Means for Your Business A cyberattack that unfolded over December 2025 and January 2026 has changed how security professionals think about AI . New Zealand business leaders should take note. A single attacker jailbroke Anthropic's...
Your Phone Is a Target
Why Mobile Security Can't Be an Afterthought Think about everything on your smartphone or tablet right now: your email, your banking app, Microsoft 365, client communications, multifactor authentication codes, and a direct line into your company's cloud systems. Now...
Webinar Replay: Decoding SMB1001. Understanding Your Cybersecurity Maturity
Cybersecurity certification doesn't have to be complex or overwhelming. Understanding SMB1001: What is SMB1001 and why it was created specifically for organisations like yours The five certification levels (Bronze to Diamond) and what each means for your organisation...