by Meador Inge | Aug 3, 2020 | News, Techniques, Tools, Web
Do we have a problem? The World Wide Web have been struggling with how to create portable, efficient and safe programs (pick two) for decades. The current best of breed attempt is called WebAssembly and is affectionately referred to as “WASM”. The project...
by Meador Inge | Feb 18, 2020 | Cloud, Featured, News, Techniques, Tools, Web
Introduction At Carve we perform at a lot of web application security assessments. Once we (1) find a vulnerability, we (2) confirm that it’s reproducible, write a proof of concept (PoC) exploit for the vulnerability to determine the impact, and then (3) focus...
by Meador Inge | Aug 7, 2019 | Labs, News, Techniques, Web
In recent years it has become popular to use Content Delivery Networks (CDN) provided by cloud hosting providers. Amazon’s CloudFront is an example of a popular CDN. These CDNs can take advantage of HTTP Caching to reduce latency for a global pool of end users....
by Meador Inge | Jan 5, 2018 | News
Introduction Meltdown and Spectre. Oh My! There have been a lot of new terms floating around the internet these last few days: Meltdown, Spectre, etc… What does it all mean? In this post, I will explain the high-level pieces, what systems are affected by this,...