Yo dawg, I heard you like droppers so I put a dropper in your dropper
On 2019-11-18 we received a report that some of Polish users have began receiving malspam imitating DHL:
In this short article, we’ll take a look at the xls document that has been used as a (1st stage) dropper distributing another well-known (2nd stage) dropper – brushaloader.
Network traffic directed to dark address space of IPv4 protocol can be a good source of information about current state of the Internet. Despite the fact that no packets should be sent to such addresses, in practice various traffic types can be observed there, for example echoes of Denial of Service (DoS) attacks, automated port scanners or misconfiguration of some client software. 
Often the packets are sent periodically, i.e. in regular intervals. This periodicity can be analyzed by applying the Discrete Fourier Transform (DFT) to the network traffic. Our report shows how such analysis can be performed and also its results. You can read the report here.
