istr-22-2017-en.pdf (2 MB)

Symantec's 2017 Internet Security Threat Report excerpt provides broad 2016 threat-trend context rather than usable Appleworm-specific evidence. It highlights targeted attacks, financial cybercrime, ransomware, exploit kits, IoT botnets, mobile threats, cloud risks, spear-phishing, macros, PowerShell, and other living-off-the-land tactics observed across Symantec telemetry. The available text does not include a DPRK, North Korea, Lazarus, Appleworm, Kimsuky, Andariel, APT37, or APT38 section with concrete actor activity, victimology, tooling, infrastructure, or indicators. For Lazarus Day, the supported takeaway is limited to general background on the 2016 targeted-attack landscape and common attacker tradecraft, not a confirmed DPRK-linked finding.