OnSecurity's Latest Articles, News and Industry Tips
Security should be important to everyone. Our blog features articles regarding your business’ security and different aspects to consider.
A computer hacker in the US was able to gain access to the water system of Oldsmar in Florida and
The myths surrounding cloud security hesitancy. Gain clarity on common misconceptions and make informed decisions about cloud-based security solutions.
Learn 3 essential steps to enhance your cybersecurity posture, and effectively mitigate emerging zero-day vulnerabilities for comprehensive threat protection.
Because so much of life is carried out online these days, it’s essential that you take all the necessary steps
Protecting the data, valuables and account information related to your business has become even more vital as our workplaces have
Uncover the latest threat looming over government servers. The newfound vulnerability impacts Microsoft systems, leaving government infrastructures at risk.
Do you suspect a phishing attempt? Explore this guide for actionable steps on what to do next. Get assistance in
Vulnerability scans look for known vulnerabilities in your systems, while Penetration tests intend to exploit weaknesses in the architecture. How
We love using Clubhouse to helps us develop our security projects
Learn proactive cyber threat prevention through threat modeling. Discover how to anticipate and mitigate security incidents before they occur with
Dive deeper into Spear Phishing, a sophisticated cyber attack targeting specific individuals to gain unauthorized access to confidential data and
The continued impact of the pandemic has made working from home the new normal, rapidly accelerating digital transformation in companies
Craig has delved into his research on CVE-2019-11510, uncovering over 736 vulnerable hosts and sharing insights on this critical cybersecurity
Recruitment companies are a prime target for hackers. We go over the main aspects that recruitment companies should be careful
In this blog we uncover a huge data spill for Wishbone, revealing massive amounts of user data available for malicious
CEO explains his opinion on how AI is transforming cybersecurity. He explores how hackers exploit AI, how defenders fight back, and who holds the upper hand in today’s AI cybersecurity battle
Explore the current cybersecurity AI arms race between hackers and defenders: how it’s being used, who has the edge, and what it means for the future.
Telecommunications providers are prime targets for nation-state actors and advanced persistent threats (APTs) due to their central role in national
Discover how generative AI is transforming cybersecurity for attackers and defenders. Learn the real risks, practical defensive applications, and future trends in AI-powered security.
Explore the rise of AI-generated code in vibe coding, its cybersecurity risks, and how to secure fast, intuitive development without sacrificing safety.
Explore the rise of AI-generated code in vibe coding, its cybersecurity risks, and how to secure fast, intuitive development without sacrificing safety.
Enforceable by January 2025, the EU’s Digital Operational Resilience Act (DORA) introduces a landmark EU regulation framework, designed to help
2024 has been a transformative year for the OnSecurity team, marked by progress and significant milestones. To celebrate the company’s
Many retailers face rising cyber threats. Discover key challenges and practical solutions to protect systems, data, and customer trust.
In the blink of an eye, artificial intelligence and emerging technology are shattering the old rules of cybersecurity, rendering traditional
ISO 27001 and SOC 2, Type 2 are two of the most prominent regulatory frameworks in the cybersecurity industry. While
Discover what the Digital Operational Resilience Act (DORA) means for cybersecurity in the financial sector. Learn the compliance requirements, and how to prepare with penetration testing.
Conor O’Neill is not your typical CEO. In 2023 he completed an Ironman marathon. He practises archery in his spare
For National Coding Week, we reached out to some of our software developers at OnSecurity to hear their perspective on
With the rise of remote and flexible work policies, many employees have adopted cafes, libraries, and other public spaces as
The term “penetration testing” or “pentesting” might be familiar, but the different types available—and how each can enhance your business’s
Sometimes referred to as ‘internal infrastructure tests’, or ‘internal network tests’, internal penetration tests are the backbone of any thorough
Ethical hacking and penetration testing are essential cybersecurity practices that uncover security vulnerabilities by simulating attacks on an organisation’s network.
External penetration testing methodology: what is it and how does it work? External penetration testing is a crucial cybersecurity measure
Maximise your pentest impact with OnSecurity’s guide on leveraging reports to enhance your security posture and confidently and quickly share results
What is Penetration Testing? Penetration Testing, otherwise known as “pentesting” or ethical hacking, is the beating heart of all good
Cloud-native security systems are transforming the way businesses protect their digital assets. Built for the cloud, these systems offer dynamic and scalable solutions to defend against evolving threats. In this blog, we’ll explore what cloud-native security systems are and why they’re essential for modern businesses.
Highlighting a critical cybersecurity issue: Unauthorised access is inevitable wherever default credentials are used, underscoring the need for caution.
Explore OnSecurity’s services and products for enhancing your organization’s security posture. Understand the importance of SOC 2 compliance requirements.
Discover now how our tester skillfully exploited multiple SQL injection vulnerabilities to extract valuable data from an application’s backend databases.
Discover the purpose of PCI DSS: securing card payments. OnSecurity offers PCI segmentation pentesting for businesses, ensuring a secure payment environment.
Explore our technique of using Server Side Request Forgery (SSRF) to successfully retrieve EC2 credentials, demonstrating advanced cybersecurity tactics.
Unveiling the risks of exposing cloud acces keys – particularly in reference to AWS (amazon web services) keys. This article shares a real example from a recent pen test conducted by our expert testers.
Here Tristan demonstrates how to reset any user’s password by altering the password reset functionality, revealing a crucial cybersecurity vulnerability responsible for password reset bugs and consequential exploits.
Discover how one of our pentesters found that client-side security controls hadn’t been enabled in our customer’s target application, allowing them to access features reserved for paying customers, as well as how we fixed it.
Protect your startup from threat with 7 key security tips. Expert insights to fortify your business against cyber threats and protect your startup’s IT
Explore these practical cybersecurity steps with OnSecurity’s guide. Make digital safety simple with seven effective measures to protect against hackers
Ready to experience the future of pentesting?
Discover how combining expert insight with automation leads to faster, more precise, and high-impact penetration testing.