Linode Blog > The Linode Security Team

We are proud to announce the opening of our ninth datacenter: Tokyo 2. There has been high demand for additional Linode capacity in this region and we’re excited to open up availability. Tokyo 2 offers all of the features and services as our other datacenters, at standard Linode pricing. Connectivity into Tokyo 2 features a […]

Linode has completed initial Internet capacity upgrades in all facilities. All of our data centers are now multi-homed with several tier-1 transit providers and the largest peering exchanges in the world. This marks a milestone in Linode’s history: we now manage our own true service provider network, allowing us to deliver robust and reliable connectivity. […]

A privilege escalation vulnerability being branded as “Dirty Cow” (CVE-2016-5195) was recently discovered and fixed yesterday in the Linux Kernel. It has existed for 11 years, so pretty much every device running Linux is affected (this includes VMs, physical machines, mobile devices, and so on) and, in general, distros from every vendor are affected. Linode […]

In his January blog post, Alex Forster articulated that we have a plan in motion to upgrade the network across all of our data centers. We would like to share with everyone what has been done so far, and what still needs doing. Staffing up Since December 2015, we’ve added two new members to our […]

On January 5, 2016, we issued a password reset for all Linode customers during our investigation into the unauthorized access of three customer accounts. We have been working with federal authorities on these matters and their criminal investigations are ongoing. Today we are sharing our findings and those of the third-party security firm we retained […]

Over the twelve days between December 25th and January 5th, Linode saw more than a hundred denial-of-service attacks against every major part of our infrastructure, some severely disrupting service for hundreds of thousands of Linode customers. I’d like to follow up on my earlier update by providing some more insight into how we were attacked […]

Effective immediately, Linode Manager passwords have been expired. You will be prompted to set a new password on your next login. We regret this inconvenience, however this is a necessary precaution. A security investigation into the unauthorized login of three accounts has led us to the discovery of two Linode.com user credentials on an external […]

A new security advisory, CVE-2015-3456 called VENOM (Virtualized Environment Neglected Operations Manipulation), was released today. Our Security Team has thoroughly reviewed this vulnerability and we wanted to take a moment to reassure Linode customers that this vulnerability does not affect any part of the Linode infrastructure and no action is required on your part. What […]

Yesterday, Google published the discovery of an SSL 3.0 vulnerability named “POODLE.” This vulnerability allows an attacker to decrypt transferred data and successfully read plain text. While many browsers support newer, more secure protocols, an attacker can create connectivity issues, causing the browser to fall-back to the vulnerable SSL 3.0 protocol. Is Linode Infrastructure Vulnerable? […]

On April 7, 2014 a vulnerability (CVE-2014-0160, also known as “Heartbleed”) was released that could allow attackers to view sensitive information in a server’s memory such as secret keys and passwords. Given the severity of this problem, Linode has taken the necessary steps to keep our customers and their information safe from potential attacks. Am […]

Introducing Network Hotplug Now you can add, remove, or swap IPs on the fly, without the need to reboot your Linode.  Previously the network infrastructure rules that govern a Linode’s networking capabilities were only rebuilt on boot.  Now this is done automatically when you make changes, and without the need for a reboot, and will take effect […]