Author: Matthew Bing

Matthew Bing received his master’s in computer science from Grand Valley State University in 2000, where he studied intrusion detection and large-scale logging infrastructures. He then moved to Ann Arbor to work as a security engineer at Anzen Computing (which was later acquired by NFR Security). At NFR, Matt developed and implemented intrusion detection systems as a member of the Rapid Response Team. Matt joined the University of Michigan in 2004, where he led the design, rollout, and implementation of an IT security incident management program across campus. Over the years, Matt led the response to many incidents, including several high-profile cases.

A New Twist In SSDP Attacks

Arbor ASERT has uncovered a new class of SSDP abuse where naïve devices will respond to SSDP reflection/amplification attacks with a non-standard port. The resulting flood of UDP packets has ephemeral source and destination ports, making mitigation more difficult – an SSDP diffraction attack. This […]

The Lizard Brain of LizardStresser

LizardStresser is a botnet originally written by the infamous Lizard Squad DDoS group. The source code was released publicly in early 2015, an act that encouraged aspiring DDoS actors to build their own botnets. Arbor Networks’ ASERT group has been tracking LizardStresser activity and observed […]

The Best Of Both Worlds – Soraya

By Matt Bing & Dave Loftus

Arbor Networks’ ASERT has recently discovered a new malware family that combines several techniques to steal payment card information. Dubbed Soraya, meaning “rich,” this malware uses memory scraping techniques similar to those found in Dexter to target point-of-sale terminals. […]

Fort Disco Bruteforce Campaign

In recent months, several researchers have highlighted an uptick in bruteforce password guessing attacks targeting blogging and content management systems. Arbor ASERT has been tracking a campaign we are calling Fort Disco that began in late May 2013 and is continuing. We’ve identified six related command-and-control (C&C) […]
