| 2024-07-13 | Didier Stevens | 16-bit Hash Collisions in .xls Spreadsheets |
| 2023-08-23 | Xavier Mertens | More Exotic Excel Files Dropping AgentTesla |
| 2022-07-10 | Guy Bruneau | Excel 4 Emotet Maldoc Analysis using CyberChef |
| 2022-07-07 | Brad Duncan | Emotet infection with Cobalt Strike |
| 2022-04-20 | Brad Duncan | "aa" distribution Qakbot (Qbot) infection with DarkVNC traffic |
| 2022-04-06 | Brad Duncan | Windows MetaStealer Malware |
| 2022-03-25 | Xavier Mertens | XLSB Files: Because Binary is Stealthier Than XML |
| 2022-01-22 | Xavier Mertens | Mixed VBA & Excel4 Macro In a Targeted Excel Sheet |
| 2022-01-05 | Xavier Mertens | Code Reuse In the Malware Landscape |
| 2021-11-19 | Xavier Mertens | Downloader Disguised as Excel Add-In (XLL) |
| 2021-09-25 | Didier Stevens | Strings Analysis: VBA & Excel4 Maldoc |
| 2021-09-25 | Didier Stevens | Video: Strings Analysis: VBA & Excel4 Maldoc |
| 2021-09-23 | Xavier Mertens | Excel Recipe: Some VBA Code with a Touch of Excel4 Macro |
| 2021-09-01 | Brad Duncan | STRRAT: a Java-based RAT that doesn't care if you have Java |
| 2021-03-03 | Brad Duncan | Qakbot infection with Cobalt Strike |
| 2021-02-28 | Didier Stevens | Maldocs: Protection Passwords |
| 2021-02-22 | Didier Stevens | Unprotecting Malicious Documents For Inspection |
| 2021-02-17 | Brad Duncan | Malspam pushing Trickbot gtag rob13 |
| 2021-02-03 | Brad Duncan | Excel spreadsheets push SystemBC malware |
| 2021-01-20 | Brad Duncan | Qakbot activity resumes after holiday break |
| 2021-01-14 | Bojan Zdrnja | Dynamically analyzing a heavily obfuscated Excel 4 macro malicious file |
| 2020-12-12 | Didier Stevens | Office 95 Excel 4 Macros |
| 2020-12-09 | Brad Duncan | Recent Qakbot (Qbot) activity |
| 2020-10-26 | Didier Stevens | Excel 4 Macros: "Abnormal Sheet Visibility" |
| 2020-08-26 | Xavier Mertens | Malicious Excel Sheet with a NULL VT Score |
| 2020-06-12 | Xavier Mertens | Malicious Excel Delivering Fileless Payload |
| 2020-06-01 | Didier Stevens | XLMMacroDeobfuscator: An Update |
| 2020-04-24 | Xavier Mertens | Malicious Excel With a Strong Obfuscation and Sandbox Evasion |
| 2020-04-05 | Guy Bruneau | Maldoc XLS Invoice with Excel 4 Macros |
| 2020-03-29 | Didier Stevens | Obfuscated Excel 4 Macros |
| 2020-03-09 | Didier Stevens | Malicious Spreadsheet With Data Connection and Excel 4 Macros |
| 2020-03-06 | Xavier Mertens | A Safe Excel Sheet Not So Safe |
| 2020-02-24 | Didier Stevens | Maldoc: Excel 4 Macros and VBA, Devil and Angel? |
| 2020-02-23 | Didier Stevens | Maldoc: Excel 4 Macros in OOXML Format |
| 2019-11-08 | Xavier Mertens | Microsoft Apps Diverted from Their Main Use |
| 2019-03-25 | Didier Stevens | "VelvetSweatshop" Maldocs: Shellcode Analysis |
| 2019-03-23 | Didier Stevens | "VelvetSweatshop" Maldocs |
| 2019-03-17 | Didier Stevens | Video: Maldoc Analysis: Excel 4.0 Macro |
| 2019-03-16 | Didier Stevens | Maldoc: Excel 4.0 Macros |
| 2018-10-10 | Xavier Mertens | New Campaign Using Old Equation Editor Vulnerability |
| 2018-09-28 | Xavier Mertens | More Excel DDE Code Injection |
| 2018-05-22 | Xavier Mertens | Malware Distributed via .slk Files |
| 2018-02-02 | Xavier Mertens | Simple but Effective Malicious XLS Sheet |
| 2017-04-19 | Xavier Mertens | Hunting for Malicious Excel Sheets |
| 2015-05-15 | Didier Stevens | Another Maldoc? I'm Afraid So... |
| 2010-03-09 | John Bambenek | March 2010 - Microsoft Patch Tuesday Diary |
| 2009-07-13 | Adrien de Beaupre | Vulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution |
