| 2024-02-21 | Jan Kopriva | Phishing pages hosted on archive.org |
| 2023-11-17 | Jan Kopriva | Phishing page with trivial anti-analysis features |
| 2023-09-26 | Jan Kopriva | A new spin on the ZeroFont phishing technique |
| 2023-08-31 | Jan Kopriva | The low, low cost of (committing) cybercrime |
| 2023-05-15 | Jan Kopriva | Ongoing Facebook phishing campaign without a sender and (almost) without links |
| 2023-05-01 | Jan Kopriva | "Passive" analysis of a phishing attachment |
| 2023-03-15 | Jan Kopriva | IPFS phishing and the need for correctly set HTTP security headers |
| 2023-02-19 | Didier Stevens | "Unsupported 16-bit Application" or HTML? |
| 2023-02-16 | Jan Kopriva | HTML phishing attachment with browser-in-the-browser technique |
| 2022-12-02 | Brad Duncan | obama224 distribution Qakbot tries .vhd (virtual hard disk) images |
| 2022-10-16 | Didier Stevens | Video: Analysis of a Malicious HTML File (QBot) |
| 2022-10-13 | Didier Stevens | Analysis of a Malicious HTML File (QBot) |
| 2022-07-13 | Xavier Mertens | Using Referers to Detect Phishing Attacks |
| 2022-02-11 | Xavier Mertens | CinaRAT Delivered Through HTML ID Attributes |
| 2021-10-03 | Didier Stevens | Video: CVE-2021-40444 Maldocs: Extracting URLs |
| 2021-09-19 | Didier Stevens | Video: Simple Analysis Of A CVE-2021-40444 .docx Document |
| 2020-06-15 | Rick Wanner | HTML based Phishing Run |
| 2018-09-13 | Xavier Mertens | Malware Delivered Through MHT Files |
| 2014-01-13 | Johannes Ullrich | Special Webcast today: HTML5, Risky Business or Hidden Security Toolchest? https://www.sans.org/webcasts/html5-risky-business-hidden-security-tool-chest-mobile-web-app-authentication-97650 |
| 2011-12-22 | Johannes Ullrich | Firefox 9 Security Fixes |
