Vulnerabilities in Citrix, Fortinet, Pulse Secure, Synacor and VMware are all in the crosshairs of APT29, bent on stealing credentials and more. The advanced persistent threat (APT) group known as The Dukes is conducting widespread scanning and exploitation against vulnerable systems The targets include U.S. and allied national-security and government networks. The five bugs under active attack are known, fixed security holes in platforms from Citrix and Fortinet.
Source: https://threatpost.com/nsa-security-bugs-active-nation-state-cyberattack/165446/

