Do not let the guest VM (that may contain malware) from running unattended in the background.Ensure to install timely updates to the VM host itself to prevent any possible VM-escape by the malware.Disable clipboard sharing, or maybe even disable the drag-and-drop functionality between the guest VM and the host.Do not share networks between VM guest and your host.
For instance, if you are mostly RE'ing malware or unwanted, or gray-zone software, then you should probably focus on the following (additionally to what I will outline below): Note that the nature of the software that you will be reverse engineering slightly dictates the different configurations for your setup.
I'm putting it all together in one place so that I can refer to it later from other posts. These are my personal choices for the software and configuration, based on years of experience in software reverse engineering. I admit that there are many ways one can set it all up. In this blog post I will share my personal preferences for setting up a virtual machine (or VM) for my reverse engineering work (or RE).