It’s been a fantastic year on The State of Security blog. We’ve seen a real plethora of high-quality articles and here are my 10 favorites!

A selection of this week’s more interesting vulnerability disclosures and cyber security news. As we plummet to the end of 2018 in this odd Twilight-zone period between Xmas and New Year. If you’re not out there fending off the hackers then you could be stuck at home feeling in need of geeky fun as family and TV can only go so far. How about this to wind up the family?

Rohan Viegas of VMRay explains some of the key factors IT security teams should consider when evaluating a malware analysis sandbox and whether it’s a good fit for their existing SIEM environment. He then outlines how VMRay Analyzer complements and enhances the capabilities of AlienVault’s flagship platform, USM Anywhere.

Doxxing means publishing private information about someone online to harass or intimidate them. It has ruined reputations and caused untold distress to hundreds of people. On occasion, doxxing has resulted in injury or even death. Being doxxed can have serious consequences for your safety and privacy. How can you prevent it?

If you use a free VPN, then you have to wonder how your provider earns money to cover their own costs. The answer often involves advertising, but it can also be through far more sinister means. Running a VPN service costs a significant amount of money. There are setup costs, infrastructure costs, labor and other running costs. The companies behind these services generally want to make a profit as well.

Threat hunting is the practice of iteratively and proactively hunting for threats or Advanced Persistent Threats (APT) that are launched by adversaries. Unlike traditional security systems such as antivirus program, firewalls, or SIEM, who use a reactive approach to threats, threat hunting utilizes a proactive approach to pursuing threats even before they compromise organization’s network or IT infrastructure.

We all know the perks of allowing employees to work remotely. From lower overhead (less snacks and drinks to provide) to increased productivity and job satisfaction, working from home is becoming more and more common in today’s business landscape. Unfortunately, with this system comes many data security risks to consider. With so many devices being used for work and various network connections to monitor, how can you allow your employees to work remotely and still maintain data security?

A selection of this week’s more interesting vulnerability disclosures and cyber security news. Looks like the year is ending with some IoT hell. Nice…. First off we have international news of drones keeping planes on the ground at a major airport causing total chaos with no idea how to deal with it.

Healthcare is under fire and there’s no sign of the burn slowing. Look, it’s no secret that hackers have been targeting hospitals and other healthcare providers for several years — and probably no surprise that healthcare is one of the top target industries for cybercrime in 2018. In the US alone, in fact, more than 270 data breaches affecting nearly 12 million individuals were submitted to the U.S. HHS Office for Civil Rights breach portal (as of November 30, 2018).

It’s been a great year for Detectify and there’s a lot that’s happened for us as we continue to grow our teams and business. Join us for a proverbial toast to the year as we share a recap of our highlights.