The U.S. government has published details of three new malware tools it says are in use by North Korean state-sponsored attackers.
An attacker is exploiting open Docker API ports to gain a foothold and install a piece of malware called Kinsing that tries to mine Bitcoin.
Attackers are compromising home routers and changing the DNS settings to redirect victims to a site serving malware.
An attack campaign has targeted financial services using a new type of backdoor since early January, FireEye said.
A recent Emotet malware campaign is homing in on victims in the military and government sectors.