OnSecurity's Latest Articles, News and Industry Tips
Security should be important to everyone. Our blog features articles regarding your business’ security and different aspects to consider.
Delve into the fascinating narrative of how a love letter altered the landscape of computer
Delve into OnSecurity’s research on Go’s server-side template injection vulnerabilities, revealing potential for file reads
Unravel the simplicity of gRPC with Project Crobat. Learn to streamline development with gRPC and
A compilation of tricks and checks for when a file upload is encountered in an
Apple claims that its Mac computers are well protected by in-built antivirus features, and there
A computer hacker in the US was able to gain access to the water system
The myths surrounding cloud security hesitancy. Gain clarity on common misconceptions and make informed decisions
Learn 3 essential steps to enhance your cybersecurity posture, and effectively mitigate emerging zero-day vulnerabilities
Because so much of life is carried out online these days, it’s essential that you
Protecting the data, valuables and account information related to your business has become even more
Uncover the latest threat looming over government servers. The newfound vulnerability impacts Microsoft systems, leaving
Do you suspect a phishing attempt? Explore this guide for actionable steps on what to
Vulnerability scans look for known vulnerabilities in your systems, while penetration tests systemically exploit weaknesses
We love using Clubhouse to helps us develop our security projects
Learn proactive cyber threat prevention through threat modeling. Discover how to anticipate and mitigate security
Understand the most common high-impact penetration testing findings that OnSecurity’s testers discover and the steps to take to remediate them.
Many retailers face rising cyber threats. Discover key challenges and practical solutions to protect systems, data, and customer trust.
Protect your small business with our 7 essential cybersecurity tips. Learn about employee training, system updates, penetration testing, and MFA to safeguard against cyber threats and financial losses.
Discover how AI is transforming enterprise cybersecurity with smarter threat detection, proactive defence, and pentest automation.
Understanding the importance of cybersecurity for SaaS companies. Explore the awareness of threats and proactive measures to safeguard data and systems.
Duncan Butchart, VP of Sales at OnSecurity, shares insights into his 25-year career journey, the evolution of the cybersecurity industry, and how OnSecurity stands out with its expert team and customer-centric approach.
Learn what quishing is, how it works, and why it’s a major threat to businesses. Protect your data with OnSecurity’s penetration testing services.
Learn about brute force attacks in cyber security, how they work, types, signs to watch for, and ways to protect systems from unauthorised access and potential data breaches.
Ransomware can cripple businesses by locking critical data and demanding payment. Learn what ransomware is, how it works, and how penetration testing can help prevent attacks.
Protect your business from phishing scams with these 5 essential tips. Learn how to avoid phishing attacks and safeguard your data from cybercriminals.
What are the differences between ISO 27001 and SOC 2, Type 2? How can I choose the right cybersecurity framework for my organisation?
Learn the key differences between penetration testing vs. vulnerability scanning. Understand when to use each method for optimal cybersecurity protection.
From doctor to pentester: Archana Singh’s inspiring journey into cybersecurity shows how passion and resilience can shape new careers.
Explore the journeys of women in cybersecurity at OnSecurity, with insights from Product Manager Beth Watts on navigating and thriving in tech.
OnSecurity’s CEO emphasises a merit-based hiring approach, career development, and life/work balance. By nurturing talent, fostering a supportive workplace, and offering flexibility, OnSecurity has boosted productivity and employee satisfaction.
Penetration testing is a crucial investment in your organisation’s cybersecurity, but understanding the associated costs can be challenging. While there’s
External and internal penetration testing both exist as part of a broader cybersecurity strategy, supporting organisations in pinpointing vulnerabilities through
Firewall penetration testing is a method of locating, scoping, and penetrating a specific firewall to test an organisation’s network infrastructure.
The term “penetration testing” or “pentesting” might be familiar, but the different types available—and how each can enhance your business’s
Sometimes referred to as ‘internal infrastructure tests’, or ‘internal network tests’, internal penetration tests are the backbone of any thorough
External penetration testing methodology: what is it and how does it work? External penetration testing is a crucial cybersecurity measure
Cybercriminals are no longer targeting just the big players. In fact, small businesses are firmly in their sights too. With
Cyber threats are evolving, and every business – large or small – faces potential risks. A single vulnerability in your network infrastructure can lead to data breaches, financial losses and reputational damage. Network penetration testing is a proactive approach to uncover and address these vulnerabilities.
Mobile devices are firmly embedded as a huge part of daily life, and therefore making sure Android apps and devices
Maximise your pentest impact with OnSecurity’s guide on leveraging reports to enhance your security posture and confidently and quickly share results
What is Penetration Testing? Penetration Testing, otherwise known as “pentesting” or ethical hacking, is the beating heart of all good
Explore OnSecurity’s services and products for enhancing your organization’s security posture. Understand the importance of SOC 2 compliance requirements.
Discover now how our tester skillfully exploited multiple SQL injection vulnerabilities to extract valuable data from an application’s backend databases.
Cloud-native security systems are transforming the way businesses protect their digital assets. Built for the cloud, these systems offer dynamic and scalable solutions to defend against evolving threats. In this blog, we’ll explore what cloud-native security systems are and why they’re essential for modern businesses.
Highlighting a critical cybersecurity issue: Unauthorised access is inevitable wherever default credentials are used, underscoring the need for caution.
Craig has delved into his research on CVE-2019-11510, uncovering over 736 vulnerable hosts and sharing insights on this critical cybersecurity threat.
Do you suspect a phishing attempt? Explore this guide for actionable steps on what to do next. Get assistance in handling potential phishing incidents.
Explore the financial implications of data breaches, a frequent occurrence in today’s digital world. Learn about the actual costs behind a data breach.
Recently I was tasked to conduct an external infrastructure penetration test against a select few IP addresses of a certain
Uncover the mechanics of ransomware and prevention strategies to safeguard your network against cybercriminal tactics with OnSecurity’s expert insights
Explore Kerberos abuse techniques on Linux with our comprehensive guide. Delve into the available tools and methods for effective Kerberos exploitation.
Join Gus on a deep dive into crafting Jinja2 SSTI payloads from scratch. Explore bypass methods and various exploitation techniques in this insightful post.
Explore the buffer overflow vulnerability in Easy Chat Server 3.1. Gain insights into this security issue and how to successfully these mitigate risks.
A Penetration Testing Pro shows how social engineering works in the real world. Hackers techniques, real-life examples and practical tips on staying safe.
Gain insight and learn responsible cURL usage and secure scripting practices in this essential OnSecurity blog on web requests and data transfers. Read now.
Discover the challenges of managing extensive database audits and our innovative solution using Elasticsearch, a custom Node tool, and PostgreSQL triggers.
What is social engineering? This blog will define what is meant by ‘social engineering’ in cybersecurity, providing a breakdown of the behavioural techniques that cybercriminals use to manipulate their victims into giving up confidential information or allowing hackers access to secure areas.
Learn the definition of spear phishing and the potential threats it poses to businesses in this article, supported by real-life anecdotes of successful spear phishing attacks on organisations.
Discover the process and insights behind making Rapid7’s Project Sonar accessible and searchable. Explore the journey now within cybersecurity now.
Get insights into email phishing from an Ethical Hacking Veteran. Learn common tactics with real-world examples and practical tips for businesses & Individuals
Ready to experience the future of pentesting?
Discover how combining expert insight with automation leads to faster, more precise, and high-impact penetration testing.