It is no surprise that in last few years we are witnessing a number of attacks that are slowly becoming more sophisticated and stealthier. While there will always be opportunistic attackers that are simply going for the low hanging fruit (and they will always be the majority), we started observing dedicated attackers who want to remain as stealth as possible. At the same time, once such attackers become active, the damage they create can be overwhelming. This presentation will show technical details about several incidents that Bojan and his team worked on. Specifically, we’ll take a look at a very novel attack against the SWIFT connected systems that was identified in a bank, and a devastating attack against a cryptocurrency exchange. What’s interesting about both of these cases is that attackers invested a significant amount of time into understanding their target’s business processes, before they actually launched the attacks.