New reports from the Internet security teams at Symantec (SYMC, Tech30) and Verizon (VZ, Tech30) provide an alarming picture of how difficult it's becoming for computer users to stay safe online.

Last year was a big one for high-profile cybercrime, from the Heartbleed bug to major corporate attacks, and Sony's embarrassing hack.

Symantec's analysis of security threats in 2014 revealed thieves are working faster than companies can defend themselves, and launching more malicious attacks than in previous years.

More than 317 million new pieces of malware -- computer viruses or other malicious software -- were created last year. That means nearly one million new threats were released each day.

But hackers actually relied on incredibly old computer bugs that companies just haven't gotten around to fixing yet, according to Verizon's 2015 Data Breach Investigations Report.

In nearly 90% of cases, hackers relied on computer bugs that have been around since 2002. The third most popular option for hackers is a glitch in the way an IT manager remotely manages corporate PCs -- one that's existed since 1999. Companies could and should be patching this stuff, but they don't.

"While it seems like a no brainer for fix some of these things, organizations care more about making widgets," said Verizon security data scientist Bob Rudis. "They just don't have the manpower or time."