security


Aug 8, 2019

Update on 2015 Security Incident

We recently received new information regarding our 2015 security incident which is relevant to Linode customers who activated their account before 2016. As detailed in our January 2016 blog post, we reset passwords for all users at that time after investigating unauthorized access to some customer accounts. This new information confirms the scope of database […]

Security
May 15, 2019

Intel’s MDS (ZombieLoad) CPU Vulnerabilities & Linode

This week Intel publicly disclosed a group of processor vulnerabilities known as Microarchitectural Data Sampling (MDS), also referred to as “ZombieLoad”. MDS affects systems that host virtual machines from varying security domains and/or that the system owner does not fully trust, which includes Linode’s infrastructure and Linodes themselves.

Announcements, Linode, Security
Aug 16, 2018

Intel’s L1TF CPU Vulnerabilities & Linode

Earlier this week Intel publicly disclosed a new class of processor vulnerabilities known as L1 Terminal Fault (L1TF). Variants of L1TF affect many single and multi-tenant environments, including some of Linode’s infrastructure and Linodes themselves. Read on for what you can do…

Announcements, Security
May 22, 2018

Spectre Variants 3a and 4 (Spectre-NG) and Linode: What you need to know

Here’s what you need to know for your Linode with regard to Spectre variants 3a and 4.

Announcements, Linode, Security
May 16, 2018

Linode’s New Bug Bounty Program – Now on HackerOne

We are excited to announce the launch of our new private Bug Bounty program on HackerOne!

Announcements, Security
Jan 24, 2018

An Update to Meltdown: Mitigation Deployed

Per our last post, we wanted to provide a brief follow up on the status of the Meltdown mitigation at Linode.

Announcements, Security
Jan 3, 2018

CPU Vulnerabilities: Meltdown & Spectre

A number of serious security vulnerabilities affecting many CPU architectures were disclosed this week (CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754) by Google’s Project Zero team and others. Here’s what we know and our current status.

Announcements, Security