Attackers are compromising home routers and changing the DNS settings to redirect victims to a site serving malware.
An attack campaign has targeted financial services using a new type of backdoor since early January, FireEye said.
A recent Emotet malware campaign is homing in on victims in the military and government sectors.
Microsoft looked at Windows Events Log to understand what RDP brute-force attacks looked like in the enterprise, and found that attackers frequently space out the login attempts over several days to avoid detection.
The new ZeroCleare malware has been used in destructive attacks against energy companies in the Middle East.