It’s been another fantastic year on The State of Security blog. With over 350 blogs published from all walks of the security community, we like to think of the blog as more of an industry resource that caters to not only experienced security professionals but also to those who are new to the community.

To finish the year off, I wanted to look back on some of my personal favorites. I’ve tried to include a mixture of different styles, topics and authors. If you haven’t already, have a read of the 10 State of Security blog posts below and sign up to our daily feed here.

AWS Builder Community Hub

Looking at BlueKeep Mitigating Risk in Unsupported Operating SystemsMitigating Risk and High-Risk Vulnerabilities in Unsupported Operating Systems: BlueKeep Edition | By Gary DiFazio

BlueKeep (CVE- 2019-0708) was big news in 2019. The vulnerability was described as “wormable” by Microsoft, and users were warned that BlueKeep might be exploited in a similar fashion to how the WannaCry ransomware used the Eternal Blue vulnerability to spread widely in 2017. As with WannaCry, many organizations were vulnerable to this exploit, especially those who use operating systems like Windows XP. In this blog, ICS security expert, Gary DiFazio looks at the impact this vulnerability has on the ICS environment and provides some tips to help users stay secure.

Read the full blog here.

6 Common Phishing Attacks and How to Protect Against Them

6 Common Phishing Attacks and How to Protect Against Them | By David Bisson




It’s almost 2020, and phishing attacks still don’t show any sign of slowing down. In this blog, David Bisson looks at six of the most common methods of phishing attacks and then provides useful tips for readers on how they can protect themselves. Also, this blog is complemented by some great graphics to share with your colleagues, family and friends.

Read the full blog on the (Read more...)