
Recent Remote Desktop Protocol (RDP) attacks that can take over your computer by "brute force."

Several malware families are already known to use RDP brute-force attacks against their victims.

In March 2020, a new TrickBot module (rdpScanDll) was observed that allowed the malware to brute-force Remote Desktop Protocol (RDP) credentials.
In September 2019, the Smominru botnet was observed to infect nearly 90,000 machines in a month by performing brute-force attacks on MS-SQL, RDP, and Telnet services, as well as by using the EternalBlue vulnerability.
In June 2019, the GoldBrute botnet was found brute-forcing around 1.5 million RDP servers across the globe.
In January 2019, the infamous CryptoMix ransomware was enhanced with several new tricks, one of which was the capability to conduct RDP brute-force attacks.

How to stay safe?
Here are some guidelines to avoid becoming a victim of an RDP brute force attack.

Avoid the default ‘Administrator’ accounts and create new custom user accounts instead. Use strong usernames and passwords.
Set role-based privileges for all remote access accounts, and allocate only the minimum required privileges to every user.
Set up a simple policy that locks accounts out after a certain number of failed attempts within a specified amount of time.
Use RDP gateways, which offer a point-to-point RDP connection and thus avoid the risks associated with traditional remote user access to all internal network resources.
TimTuolomne 9 May 4
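
The lockout guideline above, shown as an added example that is not part of the original post: a simplified model of a "N failed attempts within a time window" policy replayed over constructed logon events. The threshold, window and lockout duration, the account names, the addresses and the events are all assumptions, and the model is not Windows' own implementation.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed policy values; the post does not give numbers.
THRESHOLD = 5                      # failed attempts that trigger a lockout
WINDOW = timedelta(minutes=10)     # period in which failures are counted
LOCKOUT = timedelta(minutes=15)    # how long the account stays locked

def at(hms):
    """Timestamp on a fixed, constructed day."""
    return datetime.strptime("2020-01-01 " + hms, "%Y-%m-%d %H:%M:%S")

# Constructed sample events: (time, account, source address, logon succeeded?)
EVENTS = (
    # Burst of guesses against the default account, one every 20 seconds.
    [(at("02:00:00") + timedelta(seconds=20 * i), "Administrator", "203.0.113.7", False)
     for i in range(6)]
    # A correct password arriving while the account is still locked.
    + [(at("02:05:00"), "Administrator", "203.0.113.7", True)]
    # A legitimate user who mistypes twice and then logs on.
    + [(at("09:00:00"), "jsmith", "198.51.100.20", False),
       (at("09:00:30"), "jsmith", "198.51.100.20", False),
       (at("09:01:00"), "jsmith", "198.51.100.20", True)]
)

def replay(events, threshold=THRESHOLD, window=WINDOW, lockout=LOCKOUT):
    """Replay events through the policy; return (lockouts, rejected_while_locked)."""
    failures = defaultdict(deque)  # account -> times of recent failed attempts
    locked_until = {}              # account -> time at which the lock expires
    lockouts, rejected = [], []
    for ts, account, source, ok in sorted(events):
        if locked_until.get(account, ts) > ts:
            rejected.append((ts, account, source, ok))  # refused, even if correct
            continue
        if ok:
            failures[account].clear()                   # success resets the counter
            continue
        recent = failures[account]
        recent.append(ts)
        while ts - recent[0] > window:                  # forget failures outside the window
            recent.popleft()
        if len(recent) >= threshold:
            locked_until[account] = ts + lockout
            lockouts.append((account, ts))
            recent.clear()
    return lockouts, rejected

if __name__ == "__main__":
    locks, refused = replay(EVENTS)
    for account, ts in locks:
        print(f"{ts:%H:%M:%S} lockout: {account}")
    print(f"{len(refused)} attempt(s) refused while locked")
```

With these sample events the default account locks on the fifth failure, the correct password that arrives during the lock is refused, and the user who mistyped twice is unaffected.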