OnSecurity's Latest Articles, News and Industry Tips
Security should be important to everyone. Our blog features articles regarding your business’ security and different aspects to consider.
Discover how to mitigate financial risks from subdomain takeovers. Learn strategies to safeguard against reputational damage and data breaches.
Exploring Cloud Security: Risks, Regulations & Remedies. Learn from incidents & strategies for robust cloud protection in an evolving digital
Explore SSDLC stages: From planning to deployment. Learn how to secure web apps effectively with OnSecurity’s solutions.
What is Penetration Testing? Penetration Testing, otherwise known as “pentesting” or ethical hacking, is the beating heart of all good
For National Coding Week, we reached out to some of our software developers at OnSecurity to hear their perspective on
How would we define Cybercrime? What do you imagine when you think of a cybercriminal? Do you envision an erratic,
Conor O’Neill is not your typical CEO. In 2023 he completed an Ironman marathon. He practises archery in his spare
With the rise of remote and flexible work policies, many employees have adopted cafes, libraries, and other public spaces as
Explore OnSecurity’s services and products for enhancing your organization’s security posture. Understand the importance of SOC 2 compliance requirements.
The risks of typosquatting and its implications for online security. Explore cybercriminal tactics, real-world cases, and protective measures for your
Radar by OnSecurity: an advanced tool for threat intelligence. Learn its role in enhancing security, achieving ISO certifications, and prioritizing
Highlighting a critical cybersecurity issue: Unauthorised access is inevitable wherever default credentials are used, underscoring the need for caution.
Discover now how our tester skillfully exploited multiple SQL injection vulnerabilities to extract valuable data from an application’s backend databases.
Learn about the key components of hybrid cloud security and the benefits and challenges of adopting a hybrid cloud environments
Explore the intricacies of this vital framework designed to fortify businesses against diverse cyber threats. Core principles and actionable guidance.
Dive into the alarming rise of Ryuk ransomware since 2018, which has accumulated over $150 million, showcasing its global financial impact and danger.
A compilation of tricks and checks for when a file upload is encountered in an offensive security test.
Unravel the simplicity of gRPC with Project Crobat. Learn to streamline development with gRPC and empower your projects. Dive into our blog for insights!
Delve into the fascinating narrative of how a love letter altered the landscape of computer security perpetually. Uncover this tale of technological evolution.
One of the biggest growing problems in computer security is the growing proliferation of cyberattacks which are far more open and threatening in nature.
The myths surrounding cloud security hesitancy. Gain clarity on common misconceptions and make informed decisions about cloud-based security solutions.
Explore the methods targeting LinkedIn users through phishing scams and gain insights into the everyday tactics used by cybercriminals to exploit you further.
Uncover the latest threat looming over government servers. The newfound vulnerability impacts Microsoft systems, leaving government infrastructures at risk.
Uncovering what went wrong with TravelEx. Investigating ransomware designed to take over the network and block access to file networks.
In this blog we uncover a huge data spill for Wishbone, revealing massive amounts of user data available for malicious actors to share and exploit.
The continued impact of the pandemic has made working from home the new normal, rapidly accelerating digital transformation in companies
We love using Clubhouse to helps us develop our security projects
Launched in 2015, Wishbone is a social networking app that encourages users to have their say in comparisons of everything
What happened in 2014 when Sony became the victim of an attack? Explore how Wiper malware was deployed and crippled the large corporation’s network.
Defend against BlueKeep’s looming threats. Insights on securing systems from potential widespread attacks and common BlueKeep exploits. This blog will help you stay informed of threats.
Learn the key differences between penetration testing vs. vulnerability scanning. Understand when to use each method for optimal cybersecurity protection.
Discover the differences between ethical hacking and penetration testing, how they protect your business from cyber threats, and when to choose each for security assessments.
Explore API pen testing, its benefits, common vulnerabilities, and best practices to strengthen your business’s security posture.
Explore OnSecurity’s services and products for enhancing your organisation’s security posture. Understand the importance of SOC 2 compliance requirements.
Unravel the essentials of ISO 27001 certification in this blog. Explore critical insights and guidelines for a robust security management system.
Radar by OnSecurity: an advanced tool for threat intelligence. Learn its role in enhancing security, achieving ISO certifications, and prioritising threats
Discover how we exploited a SSRF vulnerability in a web application to acquire API credentials and access AWS S3 buckets, showcasing cybersecurity risks.
Join our unique and growing pen-testing company and showcase your talent. We’re seeking skilled pen-testers who stand out from the crowd, apply here now!
You can now explore the purpose and process of penetration tests (pen-tests), authorised simulated cyber-attacks that assess the security of computer systems.
What is a penetration test and why should I get one? A penetration test (aka pen-test), is an authorised simulated
Discover effective strategies to streamline and simplify penetration testing. Learn how to alleviate the complexities for a more efficient testing process.
Discover essential LLM red teaming techniques to secure AI systems. Learn step-by-step frameworks, attack vectors & best practices.
Improve DevOps infrastructure security with post-pentest insights. Learn how to turn findings into action and protect your CI/CD pipeline effectively.
Explore the current cybersecurity AI arms race between hackers and defenders: how it’s being used, who has the edge, and what it means for the future.
Telecommunications providers are prime targets for nation-state actors and advanced persistent threats (APTs) due to their central role in national
Discover how generative AI is transforming cybersecurity for attackers and defenders. Learn the real risks, practical defensive applications, and future trends in AI-powered security.
Explore the rise of AI-generated code in vibe coding, its cybersecurity risks, and how to secure fast, intuitive development without sacrificing safety.
Explore the rise of AI-generated code in vibe coding, its cybersecurity risks, and how to secure fast, intuitive development without sacrificing safety.
Smishing, a form of cyber-attack that uses SMS messages to deceive victims, is on the rise. By exploiting human trust,
Many retailers face rising cyber threats. Discover key challenges and practical solutions to protect systems, data, and customer trust.
Maximise your pentest impact with OnSecurity’s guide on leveraging reports to enhance your security posture and confidently and quickly share results
Exploring Cloud Security: Risks, Regulations & Remedies. Learn from incidents & strategies for robust cloud protection in an evolving digital landscape.
Discover how to mitigate financial risks from subdomain takeovers. Learn strategies to safeguard against reputational damage and data breaches.
Explore SSDLC stages: From planning to deployment. Learn how to secure web apps effectively with OnSecurity’s solutions.
How would we define Cybercrime? What do you imagine when you think of a cybercriminal? Do you envision an erratic,
Explore the intricacies of this vital framework designed to fortify businesses against diverse cyber threats. Core principles and actionable guidance.
Ready to experience the future of pentesting?
Discover how combining expert insight with automation leads to faster, more precise, and high-impact penetration testing.