security

We recently received new information regarding our 2015 security incident which is relevant to Linode customers who activated their account before 2016. As detailed in our January 2016 blog post, we reset passwords for all users at that time after investigating unauthorized access to some customer accounts. This new information confirms the scope of database […]

This week Intel publicly disclosed a group of processor vulnerabilities known as Microarchitectural Data Sampling (MDS), also referred to as “ZombieLoad”. MDS affects systems that host virtual machines from varying security domains and/or that the system owner does not fully trust, which includes Linode’s infrastructure and Linodes themselves.

Earlier this week Intel publicly disclosed a new class of processor vulnerabilities known as L1 Terminal Fault (L1TF). Variants of L1TF affect many single and multi-tenant environments, including some of Linode’s infrastructure and Linodes themselves. Read on for what you can do…

Here’s what you need to know for your Linode with regard to Spectre variants 3a and 4.

We are excited to announce the launch of our new private Bug Bounty program on HackerOne!

Per our last post, we wanted to provide a brief follow up on the status of the Meltdown mitigation at Linode.

A number of serious security vulnerabilities affecting many CPU architectures were disclosed this week (CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754) by Google’s Project Zero team and others. Here’s what we know and our current status.