OnSecurity's Latest Articles, News and Industry Tips
Security should be important to everyone. Our blog features articles regarding your business’ security and different aspects to consider.
Phishing, a cyber-crime that targets victims through email, has become the most common form of
Launched in 2015, Wishbone is a social networking app that encourages users to have their
Uncover the mechanics of ransomware and prevention strategies to safeguard your network against cybercriminal tactics
Explore the financial implications of data breaches, a frequent occurrence in today’s digital world. Learn
What happened in 2014 when Sony became the victim of an attack? Explore how Wiper
Recently I was tasked to conduct an external infrastructure penetration test against a select few
Preventing complacency in testers is crucial to ensuring you have a successful test. Learn about
Get insights into email phishing from an Ethical Hacking Veteran. Learn common tactics with real-world
Explore the future of pentest reports as we unveil the next-generation approach. Discover what’s on
Discover the challenges of managing extensive database audits and our innovative solution using Elasticsearch, a
A Penetration Testing Pro shows how social engineering works in the real world. Hackers techniques,
Join Gus on a deep dive into crafting Jinja2 SSTI payloads from scratch. Explore bypass
Discover how you use Burpsuite Collaborator persistently for enhanced cybersecurity testing. Now it’s possible to
Join Gus, explore advanced techniques for detecting and exploiting SQL Injection vulnerabilities in PostgreSQL-based web
Effortlessly obtain a penetration testing quote online without sales calls. Experience a streamlined, hassle-free process
The EU AI Act sets strict rules for AI providers and users. Learn who it applies to, key risk categories, compliance steps, and what businesses must do to prepare.
OnSecurity secures award highlighting the breakthrough year of growth, innovation and AI-augmented cybersecurity
Discover the top emerging AI security risks in 2026, including AI-driven phishing, autonomous agents, model attacks, shadow AI, and governance gaps.
Build a proactive cybersecurity culture. Learn how CISOs can drive lasting behavioural change, boost awareness, and reduce cyber risks
Turn penetration test results into action. Follow this step-by-step remediation checklist to fix vulnerabilities and boost security.
Learn 9 key cybersecurity metrics boards care about to prove ROI, reduce risk, and align security with business goals.
Explore the top penetration testing challenges CISOs face in 2025 and how AI-powered continuous pentesting is reshaping security assurance.
CEO explains his opinion on how AI is transforming cybersecurity. He explores how hackers exploit AI, how defenders fight back, and who holds the upper hand in today’s AI cybersecurity battle
Explore the current cybersecurity AI arms race between hackers and defenders: how it’s being used, who has the edge, and what it means for the future.
Telecommunications providers are prime targets for nation-state actors and advanced persistent threats (APTs) due to their central role in national
Discover how generative AI is transforming cybersecurity for attackers and defenders. Learn the real risks, practical defensive applications, and future trends in AI-powered security.
Explore the rise of AI-generated code in vibe coding, its cybersecurity risks, and how to secure fast, intuitive development without sacrificing safety.
Explore the rise of AI-generated code in vibe coding, its cybersecurity risks, and how to secure fast, intuitive development without sacrificing safety.
Enforceable by January 2025, the EU’s Digital Operational Resilience Act (DORA) introduces a landmark EU regulation framework, designed to help
2024 has been a transformative year for the OnSecurity team, marked by progress and significant milestones. To celebrate the company’s
Learn how OnSecurity evolved from the vision of a few founders to an industry-leading pentest provider, as shared by one of its founding members.
Learn how iOS penetration testing uncovers vulnerabilities in your mobile apps, ensuring robust security and protecting user data on Apple devices.
What are the differences between ISO 27001 and SOC 2, Type 2? How can I choose the right cybersecurity framework for my organisation?
Ensure your Open Banking APIs meet regulatory standards with robust security testing. Learn key methods, risks, and compliance best practices.
Discover the top 10 fintech app security vulnerabilities found in 2025, plus practical fixes to help your team improve security and reduce cyber risk.
Learn the essentials of hashing in cyber security, its importance, and practical applications. Discover how it protects data integrity—read more now!
Ensure secure fintech mergers with penetration testing best practices. Learn how to reduce risk, protect data, and support due diligence during M&A deals.
Discover how often different industries may need to complete penetration testing to keep their businesses secure. Uncover which factors affect pentesting frequency.
Discover the true cost of a retail data breach and why regular penetration testing is a smart, ROI-positive investment, not just a compliance requirement.
Understand the most common high-impact penetration testing findings that OnSecurity’s testers discover and the steps to take to remediate them.
Discover the top 5 CREST-accredited penetration testing service providers in the UK, and find out what sets them apart. Uncover the best penetration testing services for your business.
Penetration tester Leonard Matara shares key insights on pentest pitfalls, security strategy, and the need for continuous testing.
Learn what quishing is, how it works, and why it’s a major threat to businesses. Protect your data with OnSecurity’s penetration testing services.
Discover how AI-powered penetration testing enhances traditional methods, boosts efficiency, and strengthens your security posture, combining human expertise with automation for smarter protection.
Learn how to save time and money on penetration testing with expert tips to balance cost, quality, and security.
Learn how external vulnerability scanning can support your organisation in achieving operational resilience in this blog.
Delve into an effective external vulnerability scanning strategy and adopt best practices. This guide offers a very comprehensive understanding of the role they play.
New report reveals increasing cyber threats to drilling rigs, potentially leading to severe safety incidents. Understand the emerging vulnerabilities.
Here we delve into the evolution of ransomware with OnSecurity’s article on Triple Extortion ransomware tactics that threaten not just data, but a companies reputation
New research shows the prevalence of email phishing as the top cyber threat, tricking firms into revealing information through reputable sender disguises.
CVE-2021-44228: A new high profile zero-day vulnerability affecting large number of Java applications through a vulnerable version of the widely-used library Apache log4j.
Protecting the data, valuables and account information related to your business has become even more vital as our workplaces have
Apple claims that its Mac computers are well protected by in-built antivirus features, and there is no need to worry about extra security – how true is this?
Delve into OnSecurity’s research on Go’s server-side template injection vulnerabilities, revealing potential for file reads and RCE exploits. Read more now.
This post explores each of the initial compromise methods for the TryHackMe x HackerOne CTF. Diving into the web security flaws and PHP tricks abused to gain access to the host webserver.
Learn 3 essential steps to enhance your cybersecurity posture, and effectively mitigate emerging zero-day vulnerabilities for comprehensive threat protection.
Explore the challenge of vulnerabilities exploited before fixes. Learn how to address security gaps and protect against threats in this insightful discussion.
Here you can discover the history and impact of MyDoom, the fastest spreading and most damaging computer virus to date, on OnSecurity’s informative blog post
Explore the rise of social engineering threats. Understand how individuals are manipulated to divulge sensitive information, passwords, and financial details.
Recruitment companies are a prime target for hackers. We go over the main aspects that recruitment companies should be careful of with their CyberSecurity
Ready to experience the future of pentesting?
Discover how combining expert insight with automation leads to faster, more precise, and high-impact penetration testing.
