20 Posts

Dave McMillen

Senior Threat Researcher, IBM Managed Security Services

Dave brings over 25 years of network security knowledge to IBM. Dave began his career at IBM over 15 years ago, where he was part of a core team of six IBMers that created the IBM Emergency Response Service, which eventually grew and evolved into Internet Security Systems.

As an industry-recognized security expert and thought leader, Dave's background in security is full featured. Dave thrives on identifying threats and developing methods to solve complex problems. His specialties are intrusion detection/prevention, ethical hacking, forensics and analysis of malware and advanced threats. As a member of the IBM MSS Threat Research Team, Dave takes the intelligence he has gathered and turns out immediate tangible remedies that can be implemented within a customer’s network or on IBM MSS's own proprietary detection engines.

Dave became interested in security back in the late 1980s and owned and operated a company that provided penetration and vulnerability testing service, one of the first of its kind. As the internet's footprint began to grow, it became clear to him there was a new problem on the horizon: protecting data. Dave worked with WheelGroup (later acquired by Cisco), where he helped develop NetRanger IDS and NetSonar. Dave also assisted with development of the very first IBM intrusion detection system, BillyGoat. Dave has also developed several other security-based methods and systems which were patented for IBM.

Written By Dave McMillen

Observations of ITG07 Cyber Operations

After nine months of tracking the cyber operations of threat group ITG07, IBM X-Force identified new Chafer-associated malware targeting companies within the travel and transportation industry.

Traveling This Holiday Season? Beware of RFID Attacks

Consumers traveling during the holiday season should be aware of RFID attacks that could enable thieves to control their hotel key cards and digital locks.

Steganography: A Safe Haven for Malware

Steganography continues to be an incredibly versatile and effective method for obscuring or hiding information in plain sight.

Network Attacks Containing Cryptocurrency CPU Mining Tools Grow Sixfold

IBM Managed Security Services (MSS) detected a sixfold increase in attacks involving embedded CPU mining tools between January and August 2017.

Apache Struts 2: A Zero-Day Quick Draw

It took fraudsters less than 24 hours after the disclosure of a previously unknown Apache Struts 2 vulnerability to develop a Python script to exploit it.

Mirai IoT Botnet: Mining for Bitcoins?

Just in time for IoT Day, the Mirai botnet is launching attacks with a new trick up its sleeve: a built-in bitcoin mining component.

Andromeda: A Galaxy of Pain, Coming to a Machine Near You

The IBM X-Force team analyzed the Andromeda malware and determined that its operators have shifted their attention to the payment card industry.

Attacks Targeting Industrial Control Systems (ICS) Up 110 Percent

A recent IBM X-Force report found that attacks against industrial control systems (ICS) increased significantly in 2016 over last year's numbers.

Ninety-Five Percent of Webshell Attacks Written in PHP

Webshells are dangerous in the hands of APT groups. According to IBM Managed Security Services (MSS), 95 percent of webshell attacks are written in PHP.

Dissecting a Hacktivist’s DDoS Tool: Saphyra Revealed

Distributed denial-of-service (DDoS) attacks have been all over the news in recent months, with hacktivist groups taking major targets completely offline. According to IBM Managed Security Services data, the vast majority of DDoS attacks come in one...

Co-Written By Dave McMillen

An Increase in PowerShell Attacks: Observations From IBM X-Force IRIS

Since the open source release of the PowerShell framework in 2016, IBM X-Force Incident Response and Intelligence Services (IRIS) has identified an upward trend in malicious PowerShell use.