| 2022-04-20 | Brad Duncan | "aa" distribution Qakbot (Qbot) infection with DarkVNC traffic |
| 2021-12-02 | Brad Duncan | TA551 (Shathak) pushes IcedID (Bokbot) |
| 2021-09-01 | Brad Duncan | STRRAT: a Java-based RAT that doesn't care if you have Java |
| 2021-03-03 | Brad Duncan | Qakbot infection with Cobalt Strike |
| 2021-02-03 | Brad Duncan | Excel spreadsheets push SystemBC malware |
| 2021-01-26 | Brad Duncan | TA551 (Shathak) Word docs push Qakbot (Qbot) |
| 2021-01-20 | Brad Duncan | Qakbot activity resumes after holiday break |
| 2021-01-13 | Brad Duncan | Hancitor activity resumes after a hoilday break |
| 2020-12-09 | Brad Duncan | Recent Qakbot (Qbot) activity |
| 2020-10-26 | Didier Stevens | Excel 4 Macros: "Abnormal Sheet Visibility" |
| 2020-10-14 | Brad Duncan | More TA551 (Shathak) Word docs push IcedID (Bokbot) |
| 2020-08-07 | Brad Duncan | TA551 (Shathak) Word docs push IcedID (Bokbot) |
| 2020-07-15 | Brad Duncan | Word docs with macros for IcedID (Bokbot) |
| 2020-07-10 | Brad Duncan | Excel spreasheet macro kicks off Formbook infection |
| 2020-06-10 | Brad Duncan | Job application-themed malspam pushes ZLoader |
| 2020-06-01 | Didier Stevens | XLMMacroDeobfuscator: An Update |
| 2020-05-20 | Brad Duncan | Microsoft Word document with malicious macro pushes IcedID (Bokbot) |
| 2020-04-05 | Guy Bruneau | Maldoc XLS Invoice with Excel 4 Macros |
| 2020-03-29 | Didier Stevens | Obfuscated Excel 4 Macros |
| 2020-03-09 | Didier Stevens | Malicious Spreadsheet With Data Connection and Excel 4 Macros |
| 2020-02-24 | Didier Stevens | Maldoc: Excel 4 Macros and VBA, Devil and Angel? |
| 2020-02-23 | Didier Stevens | Maldoc: Excel 4 Macros in OOXML Format |
| 2019-06-18 | Brad Duncan | Malspam with password-protected Word docs pushing Dridex |
| 2019-03-17 | Didier Stevens | Video: Maldoc Analysis: Excel 4.0 Macro |
| 2019-03-16 | Didier Stevens | Maldoc: Excel 4.0 Macros |
