OnSecurity's Latest Articles, News and Industry Tips
Security should be important to everyone. Our blog features articles regarding your business’ security and different aspects to consider.
Explore Docker’s security aspects: Understand how taking precautions is crucial to avoid vulnerabilities in this
The best practices with OnSecurity’s cyber security checklist 2023. Identify crucial steps to protect data
A simple bug in the ‘forgotten password’ and password reset mechanism led to a malicious
Penetration testing is a mostly manual process carried out by experienced consultants, using some of
Discover how one of our pentesters found that client-side security controls hadn’t been enabled in
Here we delve into the evolution of ransomware with OnSecurity’s article on Triple Extortion ransomware
Delve into an effective external vulnerability scanning strategy and adopt best practices. This guide offers
Discover why over half of UK businesses are hiring CISOs to combat cyber threats, with
New report reveals increasing cyber threats to drilling rigs, potentially leading to severe safety incidents.
Explore how remote working can define an organisation’s agility and crisis response, all while also
Discover crucial insights on the actively exploited Microsoft zero-day vulnerability. Protect your systems with expert
Stay informed with the latest strategies tackling cybercrime as governments announce robust plans. Dive into
Microsoft email servers are being targeted by hackers after a series of vulnerabilities were detailed
Holyrood reports on the UK Government’s £700,000 fund initiative to expand the cyber security sector,
Learn how external vulnerability scanning can support your organisation in achieving operational resilience in this
Explore the top penetration testing challenges CISOs face in 2025 and how AI-powered continuous pentesting is reshaping security assurance.
CEO explains his opinion on how AI is transforming cybersecurity. He explores how hackers exploit AI, how defenders fight back, and who holds the upper hand in today’s AI cybersecurity battle
Explore the current cybersecurity AI arms race between hackers and defenders: how it’s being used, who has the edge, and what it means for the future.
Telecommunications providers are prime targets for nation-state actors and advanced persistent threats (APTs) due to their central role in national
Discover how generative AI is transforming cybersecurity for attackers and defenders. Learn the real risks, practical defensive applications, and future trends in AI-powered security.
Explore the rise of AI-generated code in vibe coding, its cybersecurity risks, and how to secure fast, intuitive development without sacrificing safety.
Explore the rise of AI-generated code in vibe coding, its cybersecurity risks, and how to secure fast, intuitive development without sacrificing safety.
Enforceable by January 2025, the EU’s Digital Operational Resilience Act (DORA) introduces a landmark EU regulation framework, designed to help
2024 has been a transformative year for the OnSecurity team, marked by progress and significant milestones. To celebrate the company’s
In the blink of an eye, artificial intelligence and emerging technology are shattering the old rules of cybersecurity, rendering traditional
ISO 27001 and SOC 2, Type 2 are two of the most prominent regulatory frameworks in the cybersecurity industry. While
Many retailers face rising cyber threats. Discover key challenges and practical solutions to protect systems, data, and customer trust.
Discover what the Digital Operational Resilience Act (DORA) means for cybersecurity in the financial sector. Learn the compliance requirements, and how to prepare with penetration testing.
With the rise of remote and flexible work policies, many employees have adopted cafes, libraries, and other public spaces as
Conor O’Neill is not your typical CEO. In 2023 he completed an Ironman marathon. He practises archery in his spare
What is a penetration test and why should I get one? A penetration test (aka pen-test), is an authorised simulated
Discover effective strategies to streamline and simplify penetration testing. Learn how to alleviate the complexities for a more efficient testing process.
Recruitment companies are a prime target for hackers. We go over the main aspects that recruitment companies should be careful of with their CyberSecurity
Phishing, a cyber-crime that targets victims through email, has become the most common form of online attack. Hackers will attempt
Recently I was tasked to conduct an external infrastructure penetration test against a select few IP addresses of a certain
Uncover the mechanics of ransomware and prevention strategies to safeguard your network against cybercriminal tactics with OnSecurity’s expert insights
Explore the financial implications of data breaches, a frequent occurrence in today’s digital world. Learn about the actual costs behind a data breach.
Discover the process and insights behind making Rapid7’s Project Sonar accessible and searchable. Explore the journey now within cybersecurity now.
Get insights into email phishing from an Ethical Hacking Veteran. Learn common tactics with real-world examples and practical tips for businesses & Individuals
Discover how you use Burpsuite Collaborator persistently for enhanced cybersecurity testing. Now it’s possible to leverage this tool more effectively.
Explore Kerberos abuse techniques on Linux with our comprehensive guide. Delve into the available tools and methods for effective Kerberos exploitation.
Join Gus on a deep dive into crafting Jinja2 SSTI payloads from scratch. Explore bypass methods and various exploitation techniques in this insightful post.
Explore the buffer overflow vulnerability in Easy Chat Server 3.1. Gain insights into this security issue and how to successfully these mitigate risks.
A Penetration Testing Pro shows how social engineering works in the real world. Hackers techniques, real-life examples and practical tips on staying safe.
Gain insight and learn responsible cURL usage and secure scripting practices in this essential OnSecurity blog on web requests and data transfers. Read now.
Discover the challenges of managing extensive database audits and our innovative solution using Elasticsearch, a custom Node tool, and PostgreSQL triggers.
What is social engineering? This blog will define what is meant by ‘social engineering’ in cybersecurity, providing a breakdown of the behavioural techniques that cybercriminals use to manipulate their victims into giving up confidential information or allowing hackers access to secure areas.
Ready to experience the future of pentesting?
Discover how combining expert insight with automation leads to faster, more precise, and high-impact penetration testing.