Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Ryan Seguin

Security Response Manager

Ryan Seguin's picture

Ryan joined Tenable in 2013 as a customer support engineer assisting customers with technical troubleshooting and product education. After that, he helped create dashboard and report templates for SecurityCenter that users can download through the Tenable.sc feed. Now Ryan is a member of the Security Response team, informing customers of the latest security threats, and providing in-depth analytics for today’s most critical vulnerabilities.

Interests outside of work: Ryan is a retro video game console/arcade hardware enthusiast and modder, and he is also studying Japanese and hopes to one day be fluent.

Blog Post

CVE-2020-1472: 'Zerologon' Vulnerability in Netlogon Could Allow Attackers to Hijack Windows Domain Controller

Monday, September 14, 2020

Security researchers reveal how the cryptographic authentication scheme in Netlogon can be exploited to take control of a Windows domain controller (DC). Update: September 21, 2020: The ‘Identifying Affected Systems’...

Blog Post

CVE-2020-10713: “BootHole” GRUB2 Bootloader Arbitrary Code Execution Vulnerability

Wednesday, July 29, 2020

Recently disclosed vulnerability in GRUB2 bootloader dubbed “BootHole” could allow an attacker to gain silent malicious persistence by attacking the GRUB2 config file, grub.cfg. Background On July 29, researchers at...

Blog Post

CVE-2020-8193, CVE-2020-8195, and CVE-2020-8196: Active Exploitation of Citrix Vulnerabilities

Wednesday, July 15, 2020

Following active exploitation against F5 BIG-IP devices, exploit attempts targeting newly disclosed vulnerabilities in Citrix products have begun, which include potential extraction of VPN sessions on vulnerable targets. Background On...

Blog Post

CVE-2020-11896, CVE-2020-11897, CVE-2020-11901: Ripple20 Zero-Day Vulnerabilities in Treck TCP/IP Libraries Disclosed

Tuesday, June 16, 2020

Researchers discovered 19 new zero-day vulnerabilities in a TCP/IP software library developed by Treck. Dubbed Ripple20, the batch includes CVE-2020-11901, which has the potential to allow control of an internet-connected...

Blog Post

CVE-2020-12720: vBulletin Urges Users to Patch Undisclosed Security Vulnerability

Friday, May 8, 2020

vBulletin released patches for an undisclosed security vulnerability, encouraging users to apply the patch as soon as possible. Update 05/12/20: Updated the Analysis and Proof of concept section to reflect...

Blog Post

Adobe Type Manager Library Font Parsing Remote Code Execution Vulnerabilities Exploited in the Wild (ADV200006)

Monday, March 23, 2020

Microsoft releases an out-of-band advisory for remote code execution vulnerabilities being actively exploited in the wild. Update April 14, 2020: Microsoft has updated its advisory with reference to CVE-2020-1020 ,...

Blog Post

ThemeGrill Demo Importer Vulnerability Actively Exploited in the Wild

Tuesday, February 18, 2020

Severe vulnerability in ThemeGrill Demo Importer WordPress plugin is being actively exploited in the wild. Users should upgrade to version 1.6.3 ASAP. Background The ThemeGrill Demo Importer WordPress plugin allows...

Blog Post

CVE-2019-19781: Unauthenticated Remote Code Execution Vulnerability in Citrix ADCs and Gateways

Monday, December 23, 2019

Citrix urges customers to apply mitigation steps for CVE-2019-19781, a remote code execution vulnerability exploitable through specially crafted HTTP requests to vulnerable devices. Background Citrix has released an advisory for...

Blog Post

Oracle Critical Patch Update for October Contains 180 Fixes

Wednesday, October 16, 2019

Oracle addresses 180 CVEs across 219 security patches in October’s Critical Patch Update, including a critical vulnerability in Oracle NoSQL Database. On October 15, Oracle released its Critical Patch Update...

Blog Post

Critical Zero-Day Pre-authentication Remote Code Execution Exploit Published for 5.x Versions of vBulletin

Tuesday, September 24, 2019

New critical zero-day pre-auth RCE exploit code published on Full Disclosure mailing list for 5.x versions of vBulletin (CVE-2019-16759). UPDATE 09/25/2019 : The background and solution sections below have been...

Pages

Try for Free Buy Now

Try Tenable.io

FREE FOR 30 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Choose Your Subscription Option:

Buy Now
Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year. Full details here.

Buy Now
Renew an existing license | Find a reseller
Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 30 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 30 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security

Get a Demo of Tenable.sc

Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.

Try for Free Contact Sales

Try Tenable Lumin

FREE FOR 30 DAYS

Visualize and explore your Cyber Exposure, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Buy Tenable Lumin

Contact a Sales Representative to see how Lumin can help you gain insight across your entire organization and manage cyber risk.

Request a demo of Tenable.ot

Get the Operational Technology Security You Need.
Reduce the Risk You Don’t.