Slashdot Mirror

← Back to Domains

Domain: linode.com

Stories and comments across the archive that link to linode.com.

Stories · 4

  1. Linode Resets Passwords After Credentials Leak (linode.com)

    It · Cloud · · posted by Soulskill · from the another-day-another-breach dept. · 55 comments
    New submitter qmrq sends news that Linode, a major provider of virtual private servers, has been compromised again. In a blog post, they said, "A security investigation into the unauthorized login of three accounts has led us to the discovery of two Linode.com user credentials on an external machine. This implies user credentials could have been read from our database, either offline or on, at some point. The user table contains usernames, email addresses, securely hashed passwords and encrypted two-factor seeds." The Linode team said it found evidence of unauthorized access to three customer accounts. They don't yet know who is behind the attacks.

    An employee for PagerDuty said they were compromised through Linode Manager all the way back in July. "In our situation the attacker knew one of our user's passwords and MFA secret. This allowed them to provide valid authentication credentials for an account in the Linode Manager. It's worth noting that all of our active user accounts had two-factor authentication enabled. ... We also have evidence from access logs provided by Linode that the attackers tried to authenticate as an ex-employee, whose username ONLY existed in the Linode database."

  2. Linode Under DDoS Since Christmas (linode.com)

    Tech · Internet · · posted by Soulskill · from the angry-people-creating-other-angry-people dept. · 149 comments
    hol writes: Linode has been getting hit with DDoS attacks since Christmas Day, and it looks like their pain is set to continue. The attackers are rotating DDoS traffic through various regions of Linode's service. They say, "All of these attacks have occurred multiple times. Over the course of the last week, we have seen over 30 attacks of significant duration and impact. As we have found ways to mitigate these attacks, the vectors used inevitably change. As of this afternoon, we have mostly hardened ourselves against the above attack vectors, but we expect more to come. ... Once these attacks stop, we plan to share a complete technical explanation about what has been happening." See their status page for updates.

  3. Linode Hacked, Credit Cards and Passwords Leaked

    It · Security · · posted by samzenpus · from the protect-ya-neck dept. · 112 comments
    An anonymous reader writes "On Friday Linode announced a precautionary password reset due to an attack despite claiming that they were not compromised. The attacker has claimed otherwise, claiming to have obtained card numbers and password hashes. Password hashes, source code fragments and directory listings have been released as proof. Linode has yet to comment on or deny these claims."

  4. Virtual Server Hosting?

    · posted by ryuzaki0 · from the be-your-own-root dept. · 71 comments
    Eric Anderson asks: "I am shopping around for virtual hosting providers using something like UserModeLinux to allow me to have at least a virtual box to admin for myself. The current two companies that I am looking at are TekTonic and Linode. The price is right for these two companies, but I would like to know of any other suggested companies to look at, and opinions from people that have used these services. I am mostly buying this 'just for fun', but would also be interested in opinions on using these services in a business environment as well."