OnSecurity's Latest Articles, News and Industry Tips
Security should be important to everyone. Our blog features articles regarding your business’ security and different aspects to consider.
Discover the differences between ethical hacking and penetration testing, how they protect your business from
Learn how Mike Oram, VP of engineering at OnSecurity, taught himself coding, and how to
Explore API pen testing, its benefits, common vulnerabilities, and best practices to strengthen your business’s
Explore OnSecurity’s services and products for enhancing your organisation’s security posture. Understand the importance of
Unravel the essentials of ISO 27001 certification in this blog. Explore critical insights and guidelines
Explore the intricacies of this vital framework designed to fortify businesses against diverse cyber threats.
The risks of typosquatting and its implications for online security. Explore cybercriminal tactics, real-world cases,
Radar by OnSecurity: an advanced tool for threat intelligence. Learn its role in enhancing security,
Understanding the importance of cybersecurity for SaaS companies. Explore the awareness of threats and proactive
Discover how we exploited a SSRF vulnerability in a web application to acquire API credentials
Delve into an overview of 2021’s significant data breaches. Explore the most notable incidents and
Phishing emails are very common. They are spam emails that land in your inbox or
What is Email Phishing a Definition ‘Phishing’ is a cyberattack in which email is the
Protect your startup from threat with 7 key security tips. Expert insights to fortify your
Join our unique and growing pen-testing company and showcase your talent. We’re seeking skilled pen-testers
For National Coding Week, we reached out to some of our software developers at OnSecurity to hear their perspective on
Learn about the key components of hybrid cloud security and the benefits and challenges of adopting a hybrid cloud environments and setups in business.
Uncover strategies for recognizing impending phishing attacks. This post details our proactive approach in warning a customer about a serious fraud attempt.
Discover crucial insights on the actively exploited Microsoft zero-day vulnerability. Protect your systems with expert advice and stay ahead of cyber threats.
Explore how remote working can define an organisation’s agility and crisis response, all while also considering the potential risks associated with the cloud security landscape.
Holyrood reports on the UK Government’s £700,000 fund initiative to expand the cyber security sector, signaling huge significant growth and development.
Microsoft email servers are being targeted by hackers after a series of vulnerabilities were detailed at a computer security conference in August
Stay informed with the latest strategies tackling cybercrime as governments announce robust plans. Dive into the blog for crucial cybersecurity updates.
Discover why over half of UK businesses are hiring CISOs to combat cyber threats, with OnSecurity’s updated insights on the evolving role in cybersecurity
Sony is a gigantic multipartite corporation that has been prone to multiple different types of hacks, find out why and how they improve their security posture
Explore the risks businesses face with internet-stored data and the prevalent distrust in online security, highlighting the need for robust protection.
“Online US retail giant Amazon has used its cloud operations to do a deal with the GCHQ, MI5, and MI6, The Financial Times reports.
Google’s very impressive record: Zero successful phishing attacks on a massive workforce of 140,000+ employees. Discover their security success story.
Online US retail giant Amazon has used its cloud operations to do a deal with the GCHQ, MI5, and MI6, The
Catch Of The Week Did you know that Google has never been the victim of a successful phishing attack? Not bad for
Explore the pros and cons of public and private cloud computing to determine the best fit for your needs. Learn how to secure any cloud environment with best practices.
Discover what an internal infrastructure test reveals about your systems. Gain insights to enhance security and performance. Read the article for more.
Discover what an ISMS is and how it enhances your organisation’s information security. Read our clear guide to implement effective management systems.
Discover the key differences between vulnerability assessment and penetration testing, and learn which approach is right for your security needs.
Discover what ISO 27001 entails and how it can enhance your information security. Read our comprehensive guide to strengthen your security framework.
Learn about LLM prompt injection attacks and exclusive tips and tricks on prompt injection defence in our latest expert blog.
LLM jailbreak guide: examples, attack types, and a practical testing checklist to identify vulnerabilities and boost model safety
Discover what AI red teaming is, why it’s essential for AI security, and how to start testing your systems for vulnerabilities before attackers do.
Discover how AI is transforming cybersecurity. Explore how hackers exploit AI, how defenders fight back, and who holds the upper hand in today’s AI cybersecurity battle
Discover essential LLM red teaming techniques to secure AI systems. Learn step-by-step frameworks, attack vectors & best practices.
Improve DevOps infrastructure security with post-pentest insights. Learn how to turn findings into action and protect your CI/CD pipeline effectively.
Explore the current cybersecurity AI arms race between hackers and defenders: how it’s being used, who has the edge, and what it means for the future.
Telecommunications providers are prime targets for nation-state actors and advanced persistent threats (APTs) due to their central role in national
Discover how generative AI is transforming cybersecurity for attackers and defenders. Learn the real risks, practical defensive applications, and future trends in AI-powered security.
Explore the rise of AI-generated code in vibe coding, its cybersecurity risks, and how to secure fast, intuitive development without sacrificing safety.
Do you suspect a phishing attempt? Explore this guide for actionable steps on what to do next. Get assistance in handling potential phishing incidents.
Dive deeper into Spear Phishing, a sophisticated cyber attack targeting specific individuals to gain unauthorized access to confidential data and files.
Explore the financial implications of data breaches, a frequent occurrence in today’s digital world. Learn about the actual costs behind a data breach.
Recently I was tasked to conduct an external infrastructure penetration test against a select few IP addresses of a certain
Uncover the mechanics of ransomware and prevention strategies to safeguard your network against cybercriminal tactics with OnSecurity’s expert insights
What is social engineering? This blog will define what is meant by ‘social engineering’ in cybersecurity, providing a breakdown of the behavioural techniques that cybercriminals use to manipulate their victims into giving up confidential information or allowing hackers access to secure areas.
Learn the definition of spear phishing and the potential threats it poses to businesses in this article, supported by real-life anecdotes of successful spear phishing attacks on organisations.
Discover the process and insights behind making Rapid7’s Project Sonar accessible and searchable. Explore the journey now within cybersecurity now.
Get insights into email phishing from an Ethical Hacking Veteran. Learn common tactics with real-world examples and practical tips for businesses & Individuals
Discover how you use Burpsuite Collaborator persistently for enhanced cybersecurity testing. Now it’s possible to leverage this tool more effectively.
Explore Kerberos abuse techniques on Linux with our comprehensive guide. Delve into the available tools and methods for effective Kerberos exploitation.
Join Gus on a deep dive into crafting Jinja2 SSTI payloads from scratch. Explore bypass methods and various exploitation techniques in this insightful post.
Explore the buffer overflow vulnerability in Easy Chat Server 3.1. Gain insights into this security issue and how to successfully these mitigate risks.
A Penetration Testing Pro shows how social engineering works in the real world. Hackers techniques, real-life examples and practical tips on staying safe.
Gain insight and learn responsible cURL usage and secure scripting practices in this essential OnSecurity blog on web requests and data transfers. Read now.
Ready to experience the future of pentesting?
Discover how combining expert insight with automation leads to faster, more precise, and high-impact penetration testing.