For the year 2014, MyCERT has continued to receive, observe and analyze reported incidents within Malaysian constituency. The 2 case studies were involving APT and mobile threats however had impacted two major CNII (Critical National Infrastructure Institution). Spear-phishing was detected as the attack vector against a high-profile target on the campaign for APT attack. Spear-phishing via e-mail with attachment had been disseminated to the target organization as bait to install malware and this attack has also pulled the trigger on tackling such incident in government agencies entirely. On the other hand, the revolution of mobile technology has likely begun to threat or becoming as a favorite target of cyber criminals, mostly to organizations whose have allowed their customers to do transactions via mobile/apps. The infected smartphones can be hijacked remotely and potentially used for fraudulent purposes and its becoming focused on making profit more effectively. The infected device had also been used for spreading the malware to other smartphones by sending a link or attachment via popular text communication such as SMS. The presentation will describe how these attacks were detected and its implications.