| 2021-01-14 | Bojan Zdrnja | Dynamically analyzing a heavily obfuscated Excel 4 macro malicious file |
| 2020-12-12 | Didier Stevens | Office 95 Excel 4 Macros |
| 2020-12-09 | Brad Duncan | Recent Qakbot (Qbot) activity |
| 2020-10-26 | Didier Stevens | Excel 4 Macros: "Abnormal Sheet Visibility" |
| 2020-08-26 | Xavier Mertens | Malicious Excel Sheet with a NULL VT Score |
| 2020-06-12 | Xavier Mertens | Malicious Excel Delivering Fileless Payload |
| 2020-06-01 | Didier Stevens | XLMMacroDeobfuscator: An Update |
| 2020-04-24 | Xavier Mertens | Malicious Excel With a Strong Obfuscation and Sandbox Evasion |
| 2020-04-05 | Guy Bruneau | Maldoc XLS Invoice with Excel 4 Macros |
| 2020-03-29 | Didier Stevens | Obfuscated Excel 4 Macros |
| 2020-03-09 | Didier Stevens | Malicious Spreadsheet With Data Connection and Excel 4 Macros |
| 2020-03-06 | Xavier Mertens | A Safe Excel Sheet Not So Safe |
| 2020-02-24 | Didier Stevens | Maldoc: Excel 4 Macros and VBA, Devil and Angel? |
| 2020-02-23 | Didier Stevens | Maldoc: Excel 4 Macros in OOXML Format |
| 2019-11-08 | Xavier Mertens | Microsoft Apps Diverted from Their Main Use |
| 2019-03-25 | Didier Stevens | "VelvetSweatshop" Maldocs: Shellcode Analysis |
| 2019-03-23 | Didier Stevens | "VelvetSweatshop" Maldocs |
| 2019-03-17 | Didier Stevens | Video: Maldoc Analysis: Excel 4.0 Macro |
| 2019-03-16 | Didier Stevens | Maldoc: Excel 4.0 Macros |
| 2018-10-10 | Xavier Mertens | New Campaign Using Old Equation Editor Vulnerability |
| 2018-09-28 | Xavier Mertens | More Excel DDE Code Injection |
| 2018-05-22 | Xavier Mertens | Malware Distributed via .slk Files |
| 2018-02-02 | Xavier Mertens | Simple but Effective Malicious XLS Sheet |
| 2018-01-14 | Didier Stevens | Peeking into Excel files |
| 2017-04-19 | Xavier Mertens | Hunting for Malicious Excel Sheets |
| 2015-05-15 | Didier Stevens | Another Maldoc? I'm Afraid So... |
| 2010-03-09 | John Bambenek | March 2010 - Microsoft Patch Tuesday Diary |
| 2009-07-13 | Adrien de Beaupre | Vulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution |
