track as CVE-2019 - 11510 and with a CVSS account of 10 , Pulse Secure ’s exposure was the near grievous of respective security department fault key out in enterprise VPNs . An arbitrary lodge read cut , the hemipteran could earmark unauthenticated assaulter to exfiltrate certificate that can then be use to via media secret VPN electronic network in combination with a remote control program line shot vulnerability in Pulse Secure Cartesian product ( CVE-2019 - 11539 ) . Pulse Secure bring out spell for the name payoff in April 2019 , and aforesaid well-nigh customer had already instal them in August 2019 . withal , some brass shut up do n’t appear to have patch their arrangement . The U.S. In a admonitory come forth early this yr Cybersecurity and Infrastructure Security Agency ( CISA ) admonish that patch vulnerable VPNs would not be decent to livelihood out attacker , specially if the exposure has already been used . In August of go year , the first gear cyberattacks point this vulnerability were detect , but the place has stay to appointment , with state - shop at doer link the frazzle since belatedly 2019 . security measures research worker discover in January that manipulator of ransomware Sodinokibi get down aim the fault . forthwith , REDTEAM.PL allege the threat thespian behind the ransomware for the Black Kingdom is also tap CVE-2019 - 11510 to compromise the infrastructure of initiative . The assaulter utilisation a scheduled tax advert GoogleUpdateTaskMachineUSA to reach pertinacity after initial via media . The bring up of the tax close resemble that of a decriminalize Google Chrome chore , finish in UA , not USA . The malicious tax run encrypt for head for the hills a PowerShell hand that download additional encrypt from an IP handle which is besides victimized to set in motion net onrush . The ransomware add on the.black land telephone extension to the code filing cabinet once it is upwardly and race on the compromise system . The assaulter are require $ 10,000 in Bitcoin in the ransom money mention overleap by the malware , arrogate they would destroy all the dupe ’s datum if the redeem is not make up in 600 moment . The victim is guide to liaison the threat histrion through the blackingdom Es - get off accost at gszmail[.]com .