#pentest #infosecurity #hacking #bypass #captive_portal

How can this be used for a `bypass`? The simplest way is over ssh to a VDS with simultaneous port forwarding: `ssh -i id_rsa root@vds -L 3128:127.0.0.1:3128`. That TCP connection can then be reused for anything, bypassing the `captive`.
In theory, a `captive` with a default deny rule (`deny allow`) cannot be bypassed with such a simple trick, but apparently there are also `allow deny` systems that are vulnerable to such tricks.

#pentest #infosecurity #hacking #bypass #captive_portal

Have you noticed on holiday that, when you connect to an open guest Wi-Fi, your phone sometimes manages to load notifications and yet gets no internet access?
On some proxies the deny firewall rule that redirects to the captive portal is activated only after the client has connected to the network and obtained an IP address. And this happens with a slight delay. Often this is an ordinary race condition, which means there is a chance to get ahead of it. If we manage to open a connection, it will not be torn down afterwards, because when intercepting TCP connections the firewall reacts only to SYN packets (the nat table), i.e. to new connections.

Change the IP address and immediately open a connection.

```sh
for i in {2..254}; do echo $i
ifconfig wlan0 192.168.1.$i/24
route add -net default gw 192.168.1.1
curl -s -I ipinfo.io | grep HTTP/
done
```

And this often really does work on heavily loaded wireless networks with a large number of rules in `iptables`.
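
The defender's side of the race described in the post above, as an added example that is not the post author's code: an nftables ruleset for the portal gateway in which the forward chain drops by default and checks every packet against the set of authenticated clients, so a flow opened before the redirect rule exists is still not forwarded. The interface names `wlan0` and `wan0`, the set name `authed`, the 4h timeout and the portal port are assumptions.

```nftables
#!/usr/sbin/nft -f
# Constructed example. Load this at boot, before wlan0 is brought up,
# so there is no window in which the guest network forwards traffic.
flush ruleset

table ip captive {
    # Authenticated clients. The portal adds an address after login, e.g.
    #   nft add element ip captive authed { 192.0.2.10 }
    # (192.0.2.10 is a documentation address used as a placeholder.)
    set authed {
        type ipv4_addr
        flags timeout
        timeout 4h
    }

    chain forward {
        # Default drop: a client that is not in the set gets nothing
        # forwarded, whether or not the nat redirect has fired yet.
        type filter hook forward priority filter; policy drop;

        # The filter hook sees every packet, not only the SYN, so an
        # address that leaves the set loses its open flows as well.
        iifname "wlan0" oifname "wan0" ip saddr @authed accept
        iifname "wan0" oifname "wlan0" ip daddr @authed ct state established,related accept
    }

    chain input {
        type filter hook input priority filter; policy drop;
        iifname "lo" accept
        ct state established,related accept
        # DHCP, DNS and the portal page itself stay reachable for guests.
        iifname "wlan0" udp dport { 53, 67 } accept
        iifname "wlan0" tcp dport { 53, 80 } accept
    }

    chain prerouting {
        # The redirect is a convenience for showing the login page only;
        # access control is enforced in the forward chain above.
        type nat hook prerouting priority dstnat; policy accept;
        iifname "wlan0" ip saddr != @authed tcp dport 80 redirect to :80
    }

    chain postrouting {
        type nat hook postrouting priority srcnat; policy accept;
        oifname "wan0" masquerade
    }
}
```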

#infosecurity #pentest #bloodhound

BloodHound Query Library (https://queries.specterops.io/)

A collection of Cypher queries designed to help BloodHound users to unlock the full potential of the BloodHound platform by creating an open query ecosystem.

Blog: https://specterops.io/blog/2025/06/17/introducing-the-bloodhound-query-library/

🎙️✨ From Code to Culture: Why Technical Tools Alone Won’t Save Cybersecurity
An Infosecurity Europe 2025 Conversation with Rob Black

Sean Martin and Marco Ciappelli are back from London — and here’s another powerful conversation recorded On Location at Infosecurity Europe 2025.

Cybersecurity leader Rob Black challenges the industry’s tech-first mindset by spotlighting the critical role of human behavior, soft skills, and psychological strategy in modern defense.
From deception tactics to geopolitical intent, this conversation reimagines cybersecurity as a human-driven battleground — where creativity may be the ultimate security tool.

🎥 Watch: https://youtu.be/GQOG-3bsjiM?feature=shared
🎧 Listen: https://eventcoveragepodcast.com/episodes/from-code-to-culture-why-technical-tools-alone-wont-save-cybersecurity-an-infosecurity-europe-2025-conversation-with-rob-black-on-location-coverage-with-sean-martin-and-marco-ciappelli-Dx4DG29f

📚 See all the Infosecurity Europe 2025 coverage:
https://www.itspmagazine.com/infosec25
We’ve got plenty more of these insightful episodes coming — stay tuned.

🔜 Next stop: Black Hat USA in Las Vegas.
Want to be part of our coverage?

✔️ Full Sponsorship ($3,000)
https://www.itspmagazine.com/event-coverage-sponsorship-and-briefings

✔️ On Location Briefing (starting at $900)
https://www.itspmagazine.com/event-coverage-briefings

🎙️ Follow us and subscribe — more great stories from Infosecurity Europe 2025 and beyond are on the way.

#infosec #infosecurity #cybersecurity #infosecurityeurope2025 #onlocation #humanfactors #blackhatusa2025 #itspmagazine #tech #technology #society


NEW by me:

Plastic surgeons often store nude photos of patients with their identity information. When would we call that “negligent?”

Defense counsel for Hankins & Sohn claims that the attack they experienced in February 2023 was "unforeseeable." Was it really?

https://databreaches.net/2025/06/14/plastic-surgeons-often-store-nude-photos-of-patients-with-their-identity-information-when-would-we-call-that-negligent/

#HealthSec #databreach #extortion #HIPAA #cybersecurity #infosecurity #phishing

The #cyberattacks timeline for January 2025 is out with 216 events dominated by #cybercrime. #Malware and #Ransomware led the attack techniques, and once again #phishing emails led the initial access vectors.

https://www.hackmageddon.com/2025/06/13/january-2025-cyber-attacks-statistics/

#cybersecurity #infosecurity

🎙️✨ Stay Calm, But Be Ready: What Trust Looks Like in the Middle of a Breach
An Infosecurity Europe 2025 Conversation with Steve Wright

Sean Martin, CISSP and Marco Ciappelli are back from London — and here’s one of the last editorial conversations we recorded On Location at Infosecurity Europe 2025.

But stay tuned — we’ve got one more video and a couple more written coverage articles still coming your way!

What does real crisis management look like beyond the headlines?
Steve Wright brings 30 years of cybersecurity and privacy leadership to the mic, exploring how preparation, containment, communication, and culture shape today’s response to digital disruption.

🎥 Watch: https://youtu.be/jbfxGIlfqNM?feature=shared
🎧 Listen: https://eventcoveragepodcast.com/episodes/stay-calm-but-be-ready-what-trust-looks-like-in-the-middle-of-a-breach-an-infosecurity-europe-2025-conversation-with-steve-wright-on-location-coverage-with-sean-martin-and-marco-ciappelli-VoApj_4M

📚 See all the Infosecurity Europe 2025 coverage:
https://www.itspmagazine.com/infosec25
Plenty more great content still coming — stay tuned for the final written pieces.

🔜 Next stop: Black Hat USA in Las Vegas.
If your company would like to join us for an On Location Brand Story or Editorial Conversation at Black Hat USA — now is the time to book:

👉 Full Sponsorship
https://www.itspmagazine.com/event-coverage-sponsorship-and-briefings

👉 On Location Briefing
https://www.itspmagazine.com/event-coverage-briefings

🎙️ Follow us and subscribe — more stories from Infosecurity Europe 2025 (and beyond) are on the way.

#infosec #infosecurity #cybersecurity #infosecurityeurope2025 #onlocation #humanfactors #blackhatusa2025 #itspmagazine #tech #technology #society


🎙️✨ Beyond the Hoodie: Redefining Who Belongs in Cybersecurity with Community as the Missing Link in Cyber Resilience
An Infosecurity Europe 2025 Conversation with Amanda Finch FCIIS

Sean Martin, CISSP and Marco Ciappelli are back from London — and here’s another important conversation recorded On Location at Infosecurity Europe 2025.

@Amanda Finch, Chief Executive Officer of the Chartered Institute of Information Security, shares how formalizing the cybersecurity profession and strengthening community support can address long-standing gaps in diversity, skills development, and small business protection.

This conversation highlights why community is an essential, and too often missing, pillar of cyber resilience.

🎥 Watch: https://youtu.be/0mR43dMbLi4?feature=shared
🎧 Listen: https://eventcoveragepodcast.com/episodes/beyond-the-hoodie-redefining-who-belongs-in-cybersecurity-with-community-as-the-missing-link-in-cyber-resilience-an-infosecurity-europe-2025-conversation-with-amanda-finch-on-location-coverage-with-sean-martin-and-marco-ciappelli-5JmlGfQ2


#infosec #infosecurity #cybersecurity #infosecurityeurope2025 #onlocation #humanfactors #blackhatusa2025 #itspmagazine #tech #technology #society

From Vulnerability to Visibility: Rethinking Exposure Management | Tod Beardsley from runZero


🎙️✨ Understanding Cybersecurity Behavior: From Social Engineering to Shadow AI
An Infosecurity Europe 2025 Conversation with Jason Nurse

Sean Martin and Marco Ciappelli are back from London — and here’s another important conversation recorded On Location at Infosecurity Europe 2025.

Dr. Jason Nurse explores the critical role of human behavior in cybersecurity, revealing how psychological patterns and cultural influences impact everything from social engineering to the misuse of AI in the workplace.
This conversation challenges listeners to rethink security not just as a technical issue, but as a deeply human one.

🎥 Watch: https://youtu.be/uu4Z1Q6gn5w?feature=shared
🎧 Listen: https://eventcoveragepodcast.com/episodes/understanding-cybersecurity-behavior-from-social-engineering-to-shadow-ai-an-infosecurity-europe-2025-conversation-with-jason-nurse-on-location-coverage-with-sean-martin-and-marco-ciappelli-GZIDYxJG


#infosec #infosecurity #cybersecurity #infosecurityeurope2025 #onlocation #humanfactors #blackhatusa2025 #itspmagazine #tech #technology #society
