Today I received an email from Media Temple that there was an "impending change to the passwords for all database users on your (gs) Grid Service.  Unfortunately there has seems to have been a brute-froce hack attempt on Media Temple servers.  Nonetheless, the website hosting company is not only changing the passwords for it's customer's databases automaticcaly, they are also automatically updating the database configurations in most popular CMS applications (such as Joomla, Drupal & Wordpress)

As owner of a few databases (and responsible for many more at matrixx), this is why I recommend media temple.  Now if I could get everyone to update their site to "most major CMS applications" … 

@AnthonyCerreta
…from my g1

———- Forwarded message ———-
From: "(mt) Media Temple"
Date: Mar 12, 2010 7:31 PM
Subject: Notice of Upcoming MySQL Database User Password Change
To: "Anthony Cerreta"

Dear Site Owner,

This is a preliminary notification about an impending change to the passwords for all database users on your (gs) Grid-Service. Due to recent developments regarding System Incident #1167, we have found that this action is a required safety precaution: http://weblog.mediatemple.net/weblog/category/system-incidents/gs-investigating-potential-exploit/

We will send you an additional email notification 24-hours prior to the actual change.

VERY IMPORTANT:

Please do not change your database user passwords back to their former value(s). Returning database passwords back to previous versions may allow malicious parties to gain future access to one or more of your databases. If you do choose to change one or more database passwords back, you will be notified by (mt) Media Temple and your site may be temporarily suspended.

In an attempt to make this a more seamless process, (mt) Engineers have developed custom scripts that automatically find and update the database configuration files used by most major CMS applications (if installed using standard methods). The scripts were designed to auto-update the following:

 - Drupal
 - Joomla
 - Expression Engine
 - Magento
 - Miva
 - phpBB3
 - WordPress
 - vBulletin
 - ZenCart
 - all standard Rails and Django applications

In other words: If you are using one of those applications, not only will we be automatically updating your database user passwords, we will also update your CMS/application configuration to include the new passwords. If you happen to use other database-oriented applications, the following article contains an FAQ regarding this email notification and also discusses how to update your database configuration files and/or reset database passwords: http://kb.mediatemple.net/questions/1807/

While closer investigation is still underway, we believe that certain database passwords were possibly obtained by hackers via trial-and-error methods. Unfortunately, these "brute forcing" techniques may have slipped passed our intrusion detection systems: http://en.wikipedia.org/wiki/Password_cracking

We understand that changing database passwords is not a preferred solution, but we have exhausted all other routes to try to avoid this specific action. Once the password change has been completed, you will be notified via email and our internal system will automatically open a new Support Request for your account within the AccountCenter. If you have any questions, please feel free to contact us at any time, and we thank you for your patience and understanding regarding this matter.

Regards,

(mt) Media Temple, Inc
Hosting Operations

Posted via email from ntho: anthony cerreta

Today I received an email from Media Temple that there was an "impending change to the passwords for all database users on your (gs) Grid Service.  Unfortunately there has seems to have been a brute-froce hack attempt on Media Temple servers.  Nonetheless, the website hosting company is not only changing the passwords for it's customer's databases automaticcaly, they are also automatically updating the database configurations in most popular CMS applications (such as Joomla, Drupal & Wordpress)

As owner of a few databases (and responsible for many more at matrixx), this is why I recommend media temple.  Now if I could get everyone to update their site to "most major CMS applications" … 

@AnthonyCerreta
…from my g1

———- Forwarded message ———-
From: "(mt) Media Temple"
Date: Mar 12, 2010 7:31 PM
Subject: Notice of Upcoming MySQL Database User Password Change
To: "Anthony Cerreta"

Dear Site Owner,

This is a preliminary notification about an impending change to the passwords for all database users on your (gs) Grid-Service. Due to recent developments regarding System Incident #1167, we have found that this action is a required safety precaution: http://weblog.mediatemple.net/weblog/category/system-incidents/gs-investigating-potential-exploit/

We will send you an additional email notification 24-hours prior to the actual change.

VERY IMPORTANT:

Please do not change your database user passwords back to their former value(s). Returning database passwords back to previous versions may allow malicious parties to gain future access to one or more of your databases. If you do choose to change one or more database passwords back, you will be notified by (mt) Media Temple and your site may be temporarily suspended.

In an attempt to make this a more seamless process, (mt) Engineers have developed custom scripts that automatically find and update the database configuration files used by most major CMS applications (if installed using standard methods). The scripts were designed to auto-update the following:

 - Drupal
 - Joomla
 - Expression Engine
 - Magento
 - Miva
 - phpBB3
 - WordPress
 - vBulletin
 - ZenCart
 - all standard Rails and Django applications

In other words: If you are using one of those applications, not only will we be automatically updating your database user passwords, we will also update your CMS/application configuration to include the new passwords. If you happen to use other database-oriented applications, the following article contains an FAQ regarding this email notification and also discusses how to update your database configuration files and/or reset database passwords: http://kb.mediatemple.net/questions/1807/

While closer investigation is still underway, we believe that certain database passwords were possibly obtained by hackers via trial-and-error methods. Unfortunately, these "brute forcing" techniques may have slipped passed our intrusion detection systems: http://en.wikipedia.org/wiki/Password_cracking

We understand that changing database passwords is not a preferred solution, but we have exhausted all other routes to try to avoid this specific action. Once the password change has been completed, you will be notified via email and our internal system will automatically open a new Support Request for your account within the AccountCenter. If you have any questions, please feel free to contact us at any time, and we thank you for your patience and understanding regarding this matter.

Regards,

(mt) Media Temple, Inc
Hosting Operations

Posted via email from ntho: anthony cerreta

What's more terrifying than a call coming from inside the house? The call coming from inside the theater. That's the thought behind Last Call, an interactive horror film in which the main character calls a random audience member for help.

 

Hat tip to @HelsinkiValo for finding this one!

Posted via email from ntho: anthony cerreta

Posted via email from ntho: anthony cerreta

Today I unexpectedly found myself in Santa Monica for lunch and wanted to share the pictures of this wonderland with you.  About a mile north of the Santa Monica pier is this beautiful (garden?) spot with gorgeous views of the Pacific Ocean, the Santa Monica pier, Venice Beach and the Malibu mountains.  Just a little off the beaten path it is very peaceful and a great place for thinking.

I've been coming here for years and just realized I don't know what its name is.  It's on Ocean Ave in between Washington and Idaho in case you do.

@AnthonyCerreta
…from my g1

Posted via email from ntho: anthony cerreta

I took some mobile pictures (with lesser picture quality since it's from the g1) of our Ferbs Cosmetics products in a portable photo studio and lights.  This little tent is a cool idea that's perfect for taking photos of small products or professional ebay/amazon product listing photos.  For under $50 online it's one of the best "kits" I've seen all year (besides our Ferbs Tattoo cover up kits, that is.)

@AnthonyCerreta
…from my g1

Posted via email from ntho: anthony cerreta

Mobile (ie lesser quality from the g1) pictures taken of our Ferbs Cosmetics Tattoo Undercover products in a photo studio and lights.  This little tent is a cool idea and perfect for small product photos or amateur ebay/amazon product listing photos.  For under $50 online it's one of the best "kits" I've seen all year (besides our Ferbs Cosmetics tattoo cover up kits, that is.

@AnthonyCerreta
…from my g1

Posted via email from ntho: anthony cerreta

@AnthonyCerreta
…from my g1

Posted via email from ntho: anthony cerreta

The artists were great and the art they produced was amazing.  From music, to paint, to love – it was all there in abunDANCE.  The coolest part of the night was getting on stage with Bassnectar.  Getting to see N.A.S.A. and their dancing aliens live was pretty cool too.

@AnthonyCerreta
…from my g1

Posted via email from ntho: anthony cerreta

Earlier this week my yahoo! email address was compromised and used by hackers to send a spam email to all of the contacts in my email address book.  Yikes!  Luckily I had understanding friends (for the most part;) 

I quickly changed my account password and sent another email to all of my contacts with the subject line "Important – Do NOT Open my Last Email" and a short apology in the body of the message which explained that my email account had been hacked.  I then contacted yahoo! customer support to ask for additional advice and pasted below was their response.  I am copying it here in hopes that if your account has been hacked it might also help you.

If your email account has been "phished" (a term used to describe a hackers attempt to gain access into your account) and they were successful, it can be a scary situation.  Many people have only one or two main email addresses and most have become pretty dependent upon their email in-box for storing information.

If you have not updated your email account information and security questions I recommend you do so immediately.  It could mean life or death when it comes to retrieving a hacked account with your email support team.  Also, if you ever become worried that your account has been hacked, change your password immediately.  It's better safe than sorry.  Another way to stay prepared is to create a separate email account, one that is never given out, and adjust the settings of your main email account to forward every email message to your new email account.  This way, if your account is phished you will at least have a backup of all of your emails and information.

Good luck!  Hopefully you will never need to use the information below, but chances are you might so it is best to be prepared.

-Anthony

>>>>>>>

Hello,

Thank you for contacting Yahoo! Customer Care.

We appreciate the opportunity to address your report regarding Account
Security. Our goal is to provide you the best service possible,
especially when it comes to safeguarding your account. We have sent you
this auto-generated response as confirmation that our team has received
your report and also to provide you with information dealing with the
most common Account Security questions. Please let us know if the
following information does not resolve your issue and we will be happy
to assist you.

INVALID PASSWORD:

If you are unable to login to your Yahoo! account due to an invalid
password error please visit:

   http://help.yahoo.com/l/us/yahoo/edit/id_password/edit-10.html

CHANGE YOUR PASSWORD:

If the above information did not assist you, please attempt to request a
new password. Remember that our team may not reset your password or
remind you of your current password.

To change your password:

1. Sign in to your Yahoo! account using your current password by signing
in on any of Yahoo!'s personalized services (such as My Yahoo!, Yahoo!
Mail, etc.).

2. At the top of the page, click on either your user name or name that
appears in bold or the "My Account" link.

3. Re-enter your current password to continue.

4. Click on the "Change Password" link in your Account Information page.

5. In the space next to "Current Password," enter your current password
or the new one we issued to you.

6. In the space next to "New Password," enter a new password of your
choice.  Passwords are case-sensitive (meaning that PASSWORD, PaSsWoRd
and password are not equivalent), so be sure to take this into account
when entering your new password. It is recommended your new password not
contain any part of your old one, for security reasons.

7. In the space next to "Confirm New Password," confirm your new
password by typing it again.

8. Click the "Save" button to put your new password into effect.

STILL HAVING TROUBLE?

If you have followed the directions above, and are still unable to
obtain a new password for your account or feel that your account may
have been compromised, please reply to this email with the following
information you supplied during your Yahoo! registration.

Please know that we do have access to original account information and
that we will be unable to provide login or other assistance without
completely verifying your account.

* Yahoo! ID (If you cannot supply this ID, please give your alternate
email address given during your original registration)

* Your name

* Date of birth (mm-dd-yr)

* Your alternate email address

* Secret Question and Answer

* Your city and state

* Zip Code or Postal code you entered during registration

* Your country

PROTECTING THE PRIVACY AND SECURITY OF YOUR ACCOUNT:

   http://security.yahoo.com/

COMPUTER VIRUSES:

   http://security.yahoo.com/malware.html

GENERAL ACCOUNT SECURITY ISSUES:

   http://help.yahoo.com/l/us/yahoo/security/

SPOOF INFORMATION:

If you received an email impersonating Yahoo! and would like to report
it please visit:

   http://help.yahoo.com/l/us/yahoo/mail/yahoomail/abuse.html

If you have already been tricked into giving your password, please
visit:

   http://help.yahoo.com/l/us/yahoo/security/general.html

and supply as much detail as possible.

For more information visit:

   http://security.yahoo.com/password_scams.html

We understand this email contains a wealth of information and hope that
it has been of great assistance to you. If you have found that your
Account Security issue was not addressed within this message or if you
are trying to reach another area of Yahoo! support, please reply to this
email and include a brief description of the problem you are
encountering. We are happy to assist you in any way we can or send your
email to the appropriate support area.

Thank you again for contacting Yahoo! Account Services.

Regards,

Yahoo! Account Services Customer Care
General Pool for Account Security

For assistance with all Yahoo! services, please visit:

   http://help.yahoo.com/

New and Improved Yahoo! Mail – better than ever!

Original Message Follows:
————————

>>REDFRMADV Case ID: XXXXXXX Web Hosting Abuse Phishing

Please help.  It appears that somehow, a spam message was sent to all of
my contacts today.  Below is an example of one of the message that
failed (but if you notice there are not any of these messages in my sent
folder.)

I have already changed my password but nonetheless I am concerned about
my accounts safety and also the safety of my friends who received the
email.  Is there anything further I can do besides changing a password?

Thanks you for your help,
Anthony

Posted via email from ntho: anthony cerreta