OnSecurity's Latest Articles, News and Industry Tips
Security should be important to everyone. Our blog features articles regarding your business’ security and different aspects to consider.
Explore the rise of social engineering threats. Understand how individuals are manipulated to divulge sensitive information, passwords, and financial details.
One of the biggest growing problems in computer security is the growing proliferation of cyberattacks which are far more open
Here you can discover the history and impact of MyDoom, the fastest spreading and most damaging computer virus to date,
Explore the challenge of vulnerabilities exploited before fixes. Learn how to address security gaps and protect against threats in this
This post explores each of the initial compromise methods for the TryHackMe x HackerOne CTF. Diving into the web security
Dive into the alarming rise of Ryuk ransomware since 2018, which has accumulated over $150 million, showcasing its global financial
Explore the methods targeting LinkedIn users through phishing scams and gain insights into the everyday tactics used by cybercriminals to
Delve into the fascinating narrative of how a love letter altered the landscape of computer security perpetually. Uncover this tale
Delve into OnSecurity’s research on Go’s server-side template injection vulnerabilities, revealing potential for file reads and RCE exploits. Read more
Unravel the simplicity of gRPC with Project Crobat. Learn to streamline development with gRPC and empower your projects. Dive into
A compilation of tricks and checks for when a file upload is encountered in an offensive security test.
Apple claims that its Mac computers are well protected by in-built antivirus features, and there is no need to worry
A computer hacker in the US was able to gain access to the water system of Oldsmar in Florida and
The myths surrounding cloud security hesitancy. Gain clarity on common misconceptions and make informed decisions about cloud-based security solutions.
Learn 3 essential steps to enhance your cybersecurity posture, and effectively mitigate emerging zero-day vulnerabilities for comprehensive threat protection.
Explore API pen testing, its benefits, common vulnerabilities, and best practices to strengthen your business’s security posture.
Discover the purpose of PCI DSS: securing card payments. OnSecurity offers PCI segmentation pentesting for businesses, ensuring a secure payment environment.
The risks of typosquatting and its implications for online security. Explore cybercriminal tactics, real-world cases, and protective measures for your brand.
Radar by OnSecurity: an advanced tool for threat intelligence. Learn its role in enhancing security, achieving ISO certifications, and prioritising threats
Understanding the importance of cybersecurity for SaaS companies. Explore the awareness of threats and proactive measures to safeguard data and systems.
Discover how we exploited a SSRF vulnerability in a web application to acquire API credentials and access AWS S3 buckets, showcasing cybersecurity risks.
Delve into an overview of 2021’s significant data breaches. Explore the most notable incidents and learn from them for better data security practices.
Experience real-time communication with your penetration test testers during the testing process for enhanced collaboration and continuous timely updates.
Discover OnSecurity’s innovative approach to penetration testing. Our client-collaborative efforts have streamlined booking to just 5 minutes for efficiency.
Look into IT Security through the eyes of a pen-tester. We’ll uncover the inner workings and provide in-depth insights for a comprehensive understanding.
Unveiling the origins of the first PC virus prank. Dive into the history of pioneering cyber mischief and understand the Elk Cloner Virus in OnSecurity’s blog.
Discover essential LLM red teaming techniques to secure AI systems. Learn step-by-step frameworks, attack vectors & best practices.
Improve DevOps infrastructure security with post-pentest insights. Learn how to turn findings into action and protect your CI/CD pipeline effectively.
Explore the current cybersecurity AI arms race between hackers and defenders: how it’s being used, who has the edge, and what it means for the future.
Telecommunications providers are prime targets for nation-state actors and advanced persistent threats (APTs) due to their central role in national
Discover how generative AI is transforming cybersecurity for attackers and defenders. Learn the real risks, practical defensive applications, and future trends in AI-powered security.
Explore the rise of AI-generated code in vibe coding, its cybersecurity risks, and how to secure fast, intuitive development without sacrificing safety.
The term “penetration testing” or “pentesting” might be familiar, but the different types available—and how each can enhance your business’s
Sometimes referred to as ‘internal infrastructure tests’, or ‘internal network tests’, internal penetration tests are the backbone of any thorough
Ethical hacking and penetration testing are essential cybersecurity practices that uncover security vulnerabilities by simulating attacks on an organisation’s network.
External penetration testing methodology: what is it and how does it work? External penetration testing is a crucial cybersecurity measure
Cybercriminals are no longer targeting just the big players. In fact, small businesses are firmly in their sights too. With
Cyber threats are evolving, and every business – large or small – faces potential risks. A single vulnerability in your network infrastructure can lead to data breaches, financial losses and reputational damage. Network penetration testing is a proactive approach to uncover and address these vulnerabilities.
Mobile devices are firmly embedded as a huge part of daily life, and therefore making sure Android apps and devices
Penetration testing is a crucial investment in your organisation’s cybersecurity, but understanding the associated costs can be challenging. While there’s
External and internal penetration testing both exist as part of a broader cybersecurity strategy, supporting organisations in pinpointing vulnerabilities through
The risks of typosquatting and its implications for online security. Explore cybercriminal tactics, real-world cases, and protective measures for your brand.
Radar by OnSecurity: an advanced tool for threat intelligence. Learn its role in enhancing security, achieving ISO certifications, and prioritizing threats.
The best practices with OnSecurity’s cyber security checklist 2023. Identify crucial steps to protect data and systems from unauthorised access and threats.
Penetration testing is a mostly manual process carried out by experienced consultants, using some of the same methods and tools a real hacker would. You decide on the scope of your test with your consultant, set your target, and your tester will get to work attempting to breach it. This blog will explore the importance of pentesting for businesses, and how to begin.
Learn how external vulnerability scanning can support your organisation in achieving operational resilience in this blog.
Delve into an effective external vulnerability scanning strategy and adopt best practices. This guide offers a very comprehensive understanding of the role they play.
New report reveals increasing cyber threats to drilling rigs, potentially leading to severe safety incidents. Understand the emerging vulnerabilities.
Here we delve into the evolution of ransomware with OnSecurity’s article on Triple Extortion ransomware tactics that threaten not just data, but a companies reputation
New research shows the prevalence of email phishing as the top cyber threat, tricking firms into revealing information through reputable sender disguises.
CVE-2021-44228: A new high profile zero-day vulnerability affecting large number of Java applications through a vulnerable version of the widely-used library Apache log4j.
Protecting the data, valuables and account information related to your business has become even more vital as our workplaces have
Apple claims that its Mac computers are well protected by in-built antivirus features, and there is no need to worry about extra security – how true is this?
Delve into OnSecurity’s research on Go’s server-side template injection vulnerabilities, revealing potential for file reads and RCE exploits. Read more now.
This post explores each of the initial compromise methods for the TryHackMe x HackerOne CTF. Diving into the web security flaws and PHP tricks abused to gain access to the host webserver.
Learn 3 essential steps to enhance your cybersecurity posture, and effectively mitigate emerging zero-day vulnerabilities for comprehensive threat protection.
Ready to experience the future of pentesting?
Discover how combining expert insight with automation leads to faster, more precise, and high-impact penetration testing.