OnSecurity's Latest Articles, News and Industry Tips
Security should be important to everyone. Our blog features articles regarding your business’ security and different aspects to consider.
Google’s very impressive record: Zero successful phishing attacks on a massive workforce of 140,000+ employees. Discover their security success story.
New research shows the prevalence of email phishing as the top cyber threat, tricking firms into revealing information through reputable
Explore the risks businesses face with internet-stored data and the prevalent distrust in online security, highlighting the need for robust
“Online US retail giant Amazon has used its cloud operations to do a deal with the GCHQ, MI5, and MI6,
Catch Of The Week Did you know that Google has never been the victim of a successful phishing attack? Not bad for
Online US retail giant Amazon has used its cloud operations to do a deal with the GCHQ, MI5, and MI6, The
Welcome to our Pentest Files blog series. Each blog post will present an interesting or dangerous finding one of our
Explore the rise of social engineering threats. Understand how individuals are manipulated to divulge sensitive information, passwords, and financial details.
One of the biggest growing problems in computer security is the growing proliferation of cyberattacks which are far more open
Here you can discover the history and impact of MyDoom, the fastest spreading and most damaging computer virus to date,
Explore the challenge of vulnerabilities exploited before fixes. Learn how to address security gaps and protect against threats in this
This post explores each of the initial compromise methods for the TryHackMe x HackerOne CTF. Diving into the web security
Dive into the alarming rise of Ryuk ransomware since 2018, which has accumulated over $150 million, showcasing its global financial
Explore the methods targeting LinkedIn users through phishing scams and gain insights into the everyday tactics used by cybercriminals to
Delve into the fascinating narrative of how a love letter altered the landscape of computer security perpetually. Uncover this tale
Sony is a gigantic multipartite corporation that has been prone to multiple different types of hacks, find out why and how they improve their security posture
Explore the risks businesses face with internet-stored data and the prevalent distrust in online security, highlighting the need for robust protection.
Dive into the alarming rise of Ryuk ransomware since 2018, which has accumulated over $150 million, showcasing its global financial impact and danger.
A compilation of tricks and checks for when a file upload is encountered in an offensive security test.
Unravel the simplicity of gRPC with Project Crobat. Learn to streamline development with gRPC and empower your projects. Dive into our blog for insights!
Delve into the fascinating narrative of how a love letter altered the landscape of computer security perpetually. Uncover this tale of technological evolution.
One of the biggest growing problems in computer security is the growing proliferation of cyberattacks which are far more open and threatening in nature.
The myths surrounding cloud security hesitancy. Gain clarity on common misconceptions and make informed decisions about cloud-based security solutions.
Explore the methods targeting LinkedIn users through phishing scams and gain insights into the everyday tactics used by cybercriminals to exploit you further.
A computer hacker in the US was able to gain access to the water system of Oldsmar in Florida and successfully increased the amount of sodium hydroxide.
Uncover the latest threat looming over government servers. The newfound vulnerability impacts Microsoft systems, leaving government infrastructures at risk.
Uncovering what went wrong with TravelEx. Investigating ransomware designed to take over the network and block access to file networks.
In this blog we uncover a huge data spill for Wishbone, revealing massive amounts of user data available for malicious actors to share and exploit.
The continued impact of the pandemic has made working from home the new normal, rapidly accelerating digital transformation in companies
We love using Clubhouse to helps us develop our security projects
Learn about LLM prompt injection attacks and exclusive tips and tricks on prompt injection defence in our latest expert blog.
LLM jailbreak guide: examples, attack types, and a practical testing checklist to identify vulnerabilities and boost model safety
Discover what AI red teaming is, why it’s essential for AI security, and how to start testing your systems for vulnerabilities before attackers do.
Discover how AI is transforming cybersecurity. Explore how hackers exploit AI, how defenders fight back, and who holds the upper hand in today’s AI cybersecurity battle
Discover essential LLM red teaming techniques to secure AI systems. Learn step-by-step frameworks, attack vectors & best practices.
Improve DevOps infrastructure security with post-pentest insights. Learn how to turn findings into action and protect your CI/CD pipeline effectively.
Explore the current cybersecurity AI arms race between hackers and defenders: how it’s being used, who has the edge, and what it means for the future.
Telecommunications providers are prime targets for nation-state actors and advanced persistent threats (APTs) due to their central role in national
Discover how generative AI is transforming cybersecurity for attackers and defenders. Learn the real risks, practical defensive applications, and future trends in AI-powered security.
Explore the rise of AI-generated code in vibe coding, its cybersecurity risks, and how to secure fast, intuitive development without sacrificing safety.
Firewall penetration testing is a method of locating, scoping, and penetrating a specific firewall to test an organisation’s network infrastructure.
The term “penetration testing” or “pentesting” might be familiar, but the different types available—and how each can enhance your business’s
Sometimes referred to as ‘internal infrastructure tests’, or ‘internal network tests’, internal penetration tests are the backbone of any thorough
External penetration testing methodology: what is it and how does it work? External penetration testing is a crucial cybersecurity measure
Cybercriminals are no longer targeting just the big players. In fact, small businesses are firmly in their sights too. With
Turn penetration test results into action. Follow this step-by-step remediation checklist to fix vulnerabilities and boost security.
Learn 9 key cybersecurity metrics boards care about to prove ROI, reduce risk, and align security with business goals.
Explore the top penetration testing challenges CISOs face in 2025 and how AI-powered continuous pentesting is reshaping security assurance.
Learn about LLM prompt injection attacks and exclusive tips and tricks on prompt injection defence in our latest expert blog.
LLM jailbreak guide: examples, attack types, and a practical testing checklist to identify vulnerabilities and boost model safety
Discover what AI red teaming is, why it’s essential for AI security, and how to start testing your systems for vulnerabilities before attackers do.
Discover how AI is transforming cybersecurity. Explore how hackers exploit AI, how defenders fight back, and who holds the upper hand in today’s AI cybersecurity battle
Discover essential LLM red teaming techniques to secure AI systems. Learn step-by-step frameworks, attack vectors & best practices.
Improve DevOps infrastructure security with post-pentest insights. Learn how to turn findings into action and protect your CI/CD pipeline effectively.
Explore the current cybersecurity AI arms race between hackers and defenders: how it’s being used, who has the edge, and what it means for the future.
Telecommunications providers are prime targets for nation-state actors and advanced persistent threats (APTs) due to their central role in national
Discover how generative AI is transforming cybersecurity for attackers and defenders. Learn the real risks, practical defensive applications, and future trends in AI-powered security.
Explore the rise of AI-generated code in vibe coding, its cybersecurity risks, and how to secure fast, intuitive development without sacrificing safety.
Explore the rise of AI-generated code in vibe coding, its cybersecurity risks, and how to secure fast, intuitive development without sacrificing safety.
Smishing, a form of cyber-attack that uses SMS messages to deceive victims, is on the rise. By exploiting human trust,
Ready to experience the future of pentesting?
Discover how combining expert insight with automation leads to faster, more precise, and high-impact penetration testing.