Carve Systems, LLC

01/27/2023

Carve Systems, LLC is now part of iVision. To see what’s new, visit the iVision page or ivision.com.

Enterprise-class technology infrastructure, applications, network solutions, support, and managed services - ready when you are to engineer success.

04/09/2020

Binary exploitation of an IoT device with Carve consultant Danny Rousseau

Owning a device with a single jump by Danny Rosseau | Jan 13, 2020 | Exploits, IOT, Labs | 0 comments Back when I first read about this thing called “hacking” I thought I’d be spending all my days overflowing NSA buffers with plagiarized shell code and going by some cool hacker name like “13...

04/08/2020

Do Application Security Unicorns exist?

So you’ve decided to hire an application security engineer? Here’s what you need to know. by Mike Zusman | Apr 3, 2020 | Cloud, Digital Transformation, Featured, News, Strategy | 0 comments Hiring your first appsec engineer is a high-risk endeavor. Many organizations reach the conclusion they ne...

04/08/2020

Application Security Team building strategies

So you’ve decided to hire an application security engineer? Here’s what you need to know. by Mike Zusman | Apr 3, 2020 | Cloud, Digital Transformation, Featured, News, Strategy | 0 comments Hiring your first appsec engineer is a high-risk endeavor. Many organizations reach the conclusion they ne...

04/06/2020

Hiring your first application security engineer can be a challenge. Here are some tips to increase your chances for success.

So you’ve decided to hire an application security engineer? Here’s what you need to know. by Mike Zusman | Apr 3, 2020 | Cloud, Digital Transformation, Featured, News, Strategy | 0 comments Hiring your first appsec engineer is a high-risk endeavor. Many organizations reach the conclusion they ne...

04/04/2020

Zoom has had a tough week. While usage has been setting new records they have had to cope with a slew of security gaffes that have received lots of media attention. Concern over some of these issues is justified. However, Zoom seems to be getting more than its fair share of condemnation from the security researcher community. What is going on?

Don’t get Zoomed! by Brad Dixon | Apr 3, 2020 | Cloud, Digital Transformation, Featured, News | 0 comments Zoom has had a tough week. While usage has been setting new records they have had to cope with a slew of security gaffes that have received lots of media attention. Concern over some of these...

08/15/2019

DC Rainmaker dives deeper into the Zwift 'hack' which Brad Dixon [Principal Consultant at Carve Systems, LLC] presented at last week.

"This past Sunday at Def Con (considered one of the more rambunctious events on the circuit) a presentation was given around Zwift and ‘hacking’ it – titled 'Cheating in eSports: How to Cheat at Virtual Cycling Using USB Hacks.' Now one has to understand that while in the ‘mainstream’ the term ‘hacking’ is usually akin to ‘breaking’, in the computer world, the term ‘hacking’ is often a bit more nebulous. Sometimes used interchangeably with ‘tweaking’ or ‘optimizing’, and sometimes used in the less ideal variant such as ‘credit cards were hacked’. So one has to take any usage of that term with a bit of sanity check to see what’s going on.

In this case, the presentation was given by Brad Dixon (with support from Mike Zusman), security researchers with the consulting firm Carve Systems. This company has historically done pe*******on testing for other organizations (pen testing is trying to see if you can break into a system), but has switched in recent years to a more holistic security consulting approach where they do pen testing and then assist companies in making the fixes. More or less this is run of the mill security company stuff, nothing too crazy.

In this case though, two of the employees there are also avid cyclists and wanted to see where what they could do from a Zwift standpoint security-wise."

No, Zwift Racing Wasn’t Hacked. Yet. Sorta. Let Me Explain // This past weekend a presentation was given at a security conference about hacking Zwift. I dive into what was and wasn't shown, what's already out there, and what the indoor training companies really need to do to address this. Dive in for this wild ride: https://www.dcrainmaker.com/2019/08/no-zwift-racing-wasnt-hacked-yet-sorta-let-me-explain.html

08/14/2019

Athlete & tech blogger Ray Maker caught up with Brad Dixon and Mike Zusman [Carve CEO] regarding Brad's presentation: 'Cheating in Esports: How to Cheat at Virtual Cycling Using USB Hacks.'

"In this case, the presentation was given by Brad Dixon (with support from Mike Zusman), security researchers with the consulting firm Carve Systems. This company has historically done pe*******on testing for other organizations (pen testing is trying to see if you can break into a system), but has switched in recent years to a more holistic security consulting approach where they do pen testing and then assist companies in making the fixes. More or less this is run of the mill security company stuff, nothing too crazy. I had a chance last week before the conference to do a video conference with Brad and Mike and understand their presentation a bit more."

Cheating at Zwift is nothing new, but more and more this year the focus is on how to hack Zwift racing with tools and technology. For the first time we saw a presentation at Def Con about exactly that.

08/09/2019

Congratulations to our intern, Jenna Lawrence! She is one of three scholarship winners selected by Morphisec and is helping pave the way for women in cybersecurity. Way to go, Jenna!

For the second year in a row, Morphisec has awarded three scholarships to top female students pursuing cybersecurity degrees around the world. The latest numbers still place women’s employment in the cybersecurity industry at only 24%, but the dedication and talent of the more than 400 application...

08/02/2019

🎮 Carve is counting down to DEFCON Hacking Conference! Don't miss Brad Dixon share his updates to the USBQ MITM tool and learn how to cheat at virtual cycling. 🚴 [Sunday August 11 | Track 2 - 14:00] Hope to see you there!

06/18/2019

Check out the latest Illinois Technology Association spotlight featuring Carve's resident Chicagoan, Geoff Robinson! 🙌

Geoff Robinson is a long-time Chicagoan and Managing Consultant at Carve Systems. Carve develops and deploys cybersecurity engineering expertise to support major software/IoT initiatives in Fortune 500 organizations. We provide technical leadership, leveraging maturity frameworks to maintain executi...