OnSecurity's Latest Articles, News and Industry Tips
Security should be important to everyone. Our blog features articles regarding your business’ security and different aspects to consider.
Ensure secure fintech mergers with penetration testing best practices. Learn how to reduce risk, protect
Discover how often different industries may need to complete penetration testing to keep their businesses
Discover the true cost of a retail data breach and why regular penetration testing is
Understand the most common high-impact penetration testing findings that OnSecurity’s testers discover and the steps
Many retailers face rising cyber threats. Discover key challenges and practical solutions to protect systems,
Protect your small business with our 7 essential cybersecurity tips. Learn about employee training, system
Find out why you need to protect your business against zero-click malware. Discover the best
Discover how AI is transforming enterprise cybersecurity with smarter threat detection, proactive defence, and pentest
Learn what MFA fatigue is, why it poses a security risk, and discover practical steps
Learn how to build effective cybersecurity policies for your small business. Practical steps to protect
Understanding the importance of cybersecurity for SaaS companies. Explore the awareness of threats and proactive
Duncan Butchart, VP of Sales at OnSecurity, shares insights into his 25-year career journey, the
Discover how enterprise businesses can tackle remote working cybersecurity risks with pentesting, clear policies, and
Discover 5 effective ways to protect your business from deepfake scams, including employee training, testing
Discover the top 5 CREST-accredited penetration testing service providers in the UK, and find out
Dive into the alarming rise of Ryuk ransomware since 2018, which has accumulated over $150 million, showcasing its global financial impact and danger.
A compilation of tricks and checks for when a file upload is encountered in an offensive security test.
Unravel the simplicity of gRPC with Project Crobat. Learn to streamline development with gRPC and empower your projects. Dive into our blog for insights!
Delve into the fascinating narrative of how a love letter altered the landscape of computer security perpetually. Uncover this tale of technological evolution.
One of the biggest growing problems in computer security is the growing proliferation of cyberattacks which are far more open and threatening in nature.
The myths surrounding cloud security hesitancy. Gain clarity on common misconceptions and make informed decisions about cloud-based security solutions.
Explore the methods targeting LinkedIn users through phishing scams and gain insights into the everyday tactics used by cybercriminals to exploit you further.
A computer hacker in the US was able to gain access to the water system of Oldsmar in Florida and successfully increased the amount of sodium hydroxide.
Uncover the latest threat looming over government servers. The newfound vulnerability impacts Microsoft systems, leaving government infrastructures at risk.
The continued impact of the pandemic has made working from home the new normal, rapidly accelerating digital transformation in companies
We love using Clubhouse to helps us develop our security projects
Launched in 2015, Wishbone is a social networking app that encourages users to have their say in comparisons of everything
Uncovering what went wrong with TravelEx. Investigating ransomware designed to take over the network and block access to file networks.
In this blog we uncover a huge data spill for Wishbone, revealing massive amounts of user data available for malicious actors to share and exploit.
What happened in 2014 when Sony became the victim of an attack? Explore how Wiper malware was deployed and crippled the large corporation’s network.
Penetration testing is a crucial investment in your organisation’s cybersecurity, but understanding the associated costs can be challenging. While there’s
External and internal penetration testing both exist as part of a broader cybersecurity strategy, supporting organisations in pinpointing vulnerabilities through
Firewall penetration testing is a method of locating, scoping, and penetrating a specific firewall to test an organisation’s network infrastructure.
The term “penetration testing” or “pentesting” might be familiar, but the different types available—and how each can enhance your business’s
Sometimes referred to as ‘internal infrastructure tests’, or ‘internal network tests’, internal penetration tests are the backbone of any thorough
External penetration testing methodology: what is it and how does it work? External penetration testing is a crucial cybersecurity measure
Cybercriminals are no longer targeting just the big players. In fact, small businesses are firmly in their sights too. With
Cyber threats are evolving, and every business – large or small – faces potential risks. A single vulnerability in your network infrastructure can lead to data breaches, financial losses and reputational damage. Network penetration testing is a proactive approach to uncover and address these vulnerabilities.
Mobile devices are firmly embedded as a huge part of daily life, and therefore making sure Android apps and devices
Maximise your pentest impact with OnSecurity’s guide on leveraging reports to enhance your security posture and confidently and quickly share results
What is Penetration Testing? Penetration Testing, otherwise known as “pentesting” or ethical hacking, is the beating heart of all good
Discover now how our tester skillfully exploited multiple SQL injection vulnerabilities to extract valuable data from an application’s backend databases.
Cloud-native security systems are transforming the way businesses protect their digital assets. Built for the cloud, these systems offer dynamic and scalable solutions to defend against evolving threats. In this blog, we’ll explore what cloud-native security systems are and why they’re essential for modern businesses.
Highlighting a critical cybersecurity issue: Unauthorised access is inevitable wherever default credentials are used, underscoring the need for caution.
Explore OnSecurity’s services and products for enhancing your organization’s security posture. Understand the importance of SOC 2 compliance requirements.
Phishing, a cyber-crime that targets victims through email, has become the most common form of online attack. Hackers will attempt
Safeguard your inbox against cyber threats. Explore our expert insights on spotting and avoiding phishing attempts to enhance your online security strategy.
Explore the financial implications of data breaches, a frequent occurrence in today’s digital world. Learn about the actual costs behind a data breach.
Recently I was tasked to conduct an external infrastructure penetration test against a select few IP addresses of a certain
Uncover the mechanics of ransomware and prevention strategies to safeguard your network against cybercriminal tactics with OnSecurity’s expert insights
Discover how you use Burpsuite Collaborator persistently for enhanced cybersecurity testing. Now it’s possible to leverage this tool more effectively.
Explore Kerberos abuse techniques on Linux with our comprehensive guide. Delve into the available tools and methods for effective Kerberos exploitation.
Join Gus on a deep dive into crafting Jinja2 SSTI payloads from scratch. Explore bypass methods and various exploitation techniques in this insightful post.
Explore the buffer overflow vulnerability in Easy Chat Server 3.1. Gain insights into this security issue and how to successfully these mitigate risks.
A Penetration Testing Pro shows how social engineering works in the real world. Hackers techniques, real-life examples and practical tips on staying safe.
Gain insight and learn responsible cURL usage and secure scripting practices in this essential OnSecurity blog on web requests and data transfers. Read now.
Discover the challenges of managing extensive database audits and our innovative solution using Elasticsearch, a custom Node tool, and PostgreSQL triggers.
What is social engineering? This blog will define what is meant by ‘social engineering’ in cybersecurity, providing a breakdown of the behavioural techniques that cybercriminals use to manipulate their victims into giving up confidential information or allowing hackers access to secure areas.
Learn the definition of spear phishing and the potential threats it poses to businesses in this article, supported by real-life anecdotes of successful spear phishing attacks on organisations.
Discover the process and insights behind making Rapid7’s Project Sonar accessible and searchable. Explore the journey now within cybersecurity now.
Ready to experience the future of pentesting?
Discover how combining expert insight with automation leads to faster, more precise, and high-impact penetration testing.