
APT14


APT14 (Anchor Panda) is an adversary that CrowdStrike has tracked extensively over the last year. It targets both civilian and military maritime operations in the green/brown water regions, primarily in the area of operations of the South Sea Fleet of the PLA Navy. In addition to maritime operations in this region, Anchor Panda also heavily targeted Western companies in the US, Germany, Sweden, the UK, and Australia, and other countries involved in maritime satellite systems, aerospace companies, and defense contractors.

Name: Anchor Panda (CrowdStrike), APT 14 (Mandiant), Aluminum (Microsoft), QAZTeam (?)

Suspected attribution: State-sponsored, PLA Navy

Date of initial activity: 2012

Targets: Government, telecommunications, and construction and engineering. Embassies and diplomatic missions in the region, foreign intelligence services, and foreign governments with space programs were also targeted.

Motivation: Information theft and espionage

Associated malware: Gh0st RAT, Poison Ivy, Torn RAT.

Attack vectors: APT14 threat actors do not tend to use zero-day exploits but may leverage those exploits once they have been made public. They may leverage a custom SMTP mailer tool to send their spear phishing messages. APT14 phishing messages are often crafted to appear to originate from trusted organizations.

How they work: CrowdStrike won’t share too many details about this adversary – as they don’t want to make it too easy for them – but they share some signatures specific to Anchor Panda in their blog post.

Tags: Advanced Persistent Threat, China