The new ZeroCleare malware has been used in destructive attacks against energy companies in the Middle East.
The DHS and FBI say North Korean-backed attackers are using a powerful new piece of malware known as Hoplight to infiltrate target machines.
Investigations by the NSA and Uk's NCSC found that the Russian Turla attack group was using compromised C2 infrastructure and tools belonging to an Iranian APT group in several operations.
The FIN7 group has begun deploying new tools, including a module that specifically targets a remote administration tool for payment card systems.
An attack group known as Phosphorus that is linked to the Iranian government has targeted email accounts of U.S. government officials and people associated with a presidential campaign.