An attacker is exploiting open Docker API ports to gain a foothold and install a piece of malware called Kinsing that tries to mine Bitcoin.
Attackers are compromising home routers and changing the DNS settings to redirect victims to a site serving malware.
An attack campaign has targeted financial services using a new type of backdoor since early January, FireEye said.
A recent Emotet malware campaign is homing in on victims in the military and government sectors.
Microsoft looked at Windows Events Log to understand what RDP brute-force attacks looked like in the enterprise, and found that attackers frequently space out the login attempts over several days to avoid detection.