Carve Systems, LLC

Do Application Security Unicorns exist?

Application Security Team building strategies

Zoom has had a tough week. While usage has been setting new records they have had to cope with a slew of security gaffes that have received lots of media attention. Concern over some of these issues is justified. However, Zoom seems to be getting more than its fair share of condemnation from the security researcher community. What is going on?

DC Rainmaker dives deeper into the Zwift 'hack' which Brad Dixon [Principal Consultant at Carve Systems, LLC] presented at #DefCon last week. "This past Sunday at Def Con (considered one of the more rambunctious events on the circuit) a presentation was given around Zwift and ‘hacking’ it titled 'Cheating in eSports: How to Cheat at Virtual Cycling Using USB Hacks.' Now one has to understand that while in the ‘mainstream’ the term ‘hacking’ is usually akin to ‘breaking’, i...n the computer world, the term ‘hacking’ is often a bit more nebulous. Sometimes used interchangeably with ‘tweaking’ or ‘optimizing’, and sometimes used in the less ideal variant such as ‘credit cards were hacked’. So one has to take any usage of that term with a bit of sanity check to see what’s going on. In this case, the presentation was given by Brad Dixon (with support from Mike Zusman), security researchers with the consulting firm Carve Systems. This company has historically done penetration testing for other organizations (pen testing is trying to see if you can break into a system), but has switched in recent years to a more holistic security consulting approach where they do pen testing and then assist companies in making the fixes. More or less this is run of the mill security company stuff, nothing too crazy. In this case though, two of the employees there are also avid cyclists and wanted to see where what they could do from a Zwift standpoint security-wise." #esports #defcon27 #hacks #zwift #cybersecurity

Athlete & tech blogger Ray Maker caught up with Brad Dixon and Mike Zusman [Carve CEO] regarding Brad's #DEFCON presentation: 'Cheating in Esports: How to Cheat at Virtual Cycling Using USB Hacks.' "In this case, the presentation was given by Brad Dixon (with support from Mike Zusman), security researchers with the consulting firm Carve Systems. This company has historically done penetration testing for other organizations (pen testing is trying to see if you can break into a... system), but has switched in recent years to a more holistic security consulting approach where they do pen testing and then assist companies in making the fixes. More or less this is run of the mill security company stuff, nothing too crazy. I had a chance last week before the conference to do a video conference with Brad and Mike and understand their presentation a bit more." #cybersecurity #hacking #infosec https://dcra.in/ZwiftHacks

Congratulations to our intern, Jenna Lawrence! She is one of three scholarship winners selected by Morphisec and is helping pave the way for women in cybersecurity. Way to go, Jenna! #cybersecurity #womenintech #infosec https://securityboulevard.com//meet-the-2019-morphisec-wo/

Carve is counting down to DEFCON Hacking Conference! Don't miss Brad Dixon share his updates to the USBQ MITM tool and learn how to cheat at virtual cycling. [Sunday August 11 | Track 2 - 14:00] Hope to see you there! #defcon #cybersecurity #cycling