Being "number 1" isn't always a good thing.  Rapid7 has just published their third annual "National Exposure Index," and unfortunately, the United States has the dubious honor of being the nation most at risk for a cyber attack on its core services.

Another week, another new threat.  This time, in the form of a new strain of malware that researchers are calling InvisiMole.  The new threat was discovered by researchers at ESET, who found it on a number of hacked computers in Russia and the Ukraine.

Cyber-criminals around the world are increasingly focusing their attention on job seekers.  According to the security firm Flashpoint, there has been a notable uptick in ploys involving phony job listings that attempt to get job seekers to give up personal information.

Another week, another high-profile data breach, but this one can be filed under "Missed Opportunity."  The site in question is "TicketFly," which is a web-based event ticket sales website owned by a company called Eventbrite. The TicketFly website was down since May 31st, and the normal homepage had been replaced by an image of Guy Fawkes with the message "Your Security Down I'm Not Sorry.

It seems like a new attack vector emerges on a weekly basis, and this week is no exception.  The latest threat:  Emails containing specialized audio files whose acoustic vibrations can damage your computer's hard drive. This is possibly damaging to the point of causing system failure, data corruption, and making it impossible to successfully reboot your machine.

Cisco's Talos Security Team has identified a new threat, and it's a nasty one impacting more than half a million consumer-grade routers in the US.  According to the Talos Team's report, the new malware is impacting a broad cross-section of routers made by TP-Link, QNAP, Netgear, Mikrotik, and Linksys.

There's a new security threat to be worried about, and security professionals are warning that it could be very bad indeed.  The new malware is known as the "Vega Stealer," and is currently being used in a relatively simplistic phishing campaign designed to harvest financial data that has been saved in both Google Chrome and Firefox browsers.

An identity threat company called 4iQ has recently published a report called "Identities in the Wild:  The Tsunami of Breached Identities Continues."  Unfortunately, the information in the report contains all bad news.  Some of the details are simply confirmations of things we already knew, and some are shocking statistics that will leave you feeling dismayed.

Security researcher Assaf Baharav from Check Point Security has discovered a new twist on an old, fairly well-known attack.  He was able to essentially "weaponize" PDFs to steal Windows credentials stored in NTLM hashes.  Unfortunately, no action other than simply opening the PDF is required for the hacker to gain access to the information.

Recently, a new strain of malware called "SquirtDanger" has been found by researchers at Palo Alto Networks Unit 42, and it's a particularly nasty one for a couple of reasons.  First and foremost, the owner of the malware isn't orchestrating campaigns himself, but rather, selling his product as a commodity on the Dark Web.