Feed aggregator

1110

Looking For Group - Thu, 08/03/2017 - 04:01

The post 1110 appeared first on Looking For Group.

Categories: Web Comics

#RPGaDay 2017 Day 2 - RPG I'd Like to See Published

19th Level - Thu, 08/03/2017 - 03:21

As a fan of Patrick O'Brian's Aubrey-Maturin novels, I'd love to see an RPG published that captures this series. There's a few Age of Fighting Sail RPGs out there, but I haven't yet found the "perfect" one. I'd want something that captures the feel of life at land and at sea, the social aspects of the era, and provides for exciting ship combats. It would need to manage the advancement of characters while also having a way to keep a group together. It would need to handle the passage of years, though for gaming purposes I'd be fine with it also making the year 1813 last as long as it needed to, much as Patrick O'Brian did. And it would need to appeal to people who aren't perhaps a tad obsessed with the genre.

I keep thinking that Pendragon could be reskinned for this purpose. A game that expects a campaign of many game years. Perhaps living long enough to see your son take your place might be a bit much, even with a long 1813, but one could see a midshipman protege advancing through the ranks... Someone make this game for me please.

"To wives and sweethearts - may they never meet!"


Categories: Tabletop Gaming Blogs

Reminder - Tavern Chat - Tonight at 9 PM Eastern - The Stars are Alighned

Tenkar's Tavern - Wed, 08/02/2017 - 23:26

Tonight is a Wednesday Night and your bartender will be hosting the weekly Tavern Chat at 9 PM Eastern. If I run late, please feel free to let yourselves in.

Possible topics include - growing old ;) , the The Tenkar's Tavern Crate (I've heard reports its been spotted in the wild), #ConManKen's latest failure's and more.

Use the Tavern Chat / Chatwing Widget on the right side of this page.

See you then...
Categories: Tabletop Gaming Blogs

Black Hat USA 2017 Recap

Malwarebytes - Wed, 08/02/2017 - 21:54

What do you get when you put hackers, gambling, and dogs together? Black Hat USA 2017  …and a random zoo conference happening next door. Last week, we wrapped up another successful trip to Las Vegas for Black Hat. For those of you who couldn’t make it or had too much Vegas fun and need a reminder of what happened, here’s a little recap for you.

Background

Every year Black Hat, the world’s leading information security event series in the world, hosts a six-day conference in Las Vegas. The conference and technical training sessions focus on the latest research, development, and trends in the cybersecurity space. This year Black Hat hit a major milestone by celebrating its 20th year in hosting these events.

Hot topics

In the last couple of years, we’ve noticed a lot of conversation about AI machine learning  – specifically this year focused on AI Machine Learning Neutral Networks in the security industry. The general belief is that AI alone will help defeat all malware and move us into the new age. That’s not going to happen – in our opinion. All these AI talks seem to forget one important thing. How exploitable and manipulative a machine learning database and algorithm can be. They are extremely prone to be poisoned and easy to bypass when you know what you’re doing.

There were a million talks this year and last about AI machine learning and how you can use it to detect malware and defeat exploits and so on and so forth, however it will never be practical in the way the talks are pushing. AI will do amazing things in the background of security companies and in unison with other security functions though.

Booth action

The Malwarebytes booth was as hot as the hippest DJ playing at the “it” club in Vegas. ZERO the robot was a crowd favorite per usual. Our product marketing team (Dana & Helge) broke down the current threat landscape, went into detail about Jaff ransomware, and talked about our latest business products – Endpoint Protection and Incident Response.

Click to view slideshow.

 

Conclusion

Black Hat always seems to bring around a talented group of professionals. We’re happy we can participate in this event each year and spend some time meeting everyone. It seems like AI will continue to be a hot topic, it will be interesting to see what updates are to come in the next year.

Thank you to all those that stopped by the Malwarebytes booth. See you next year!

The post Black Hat USA 2017 Recap appeared first on Malwarebytes Labs.

Categories: Techie Feeds

TITAN COMICS: Eleventh Doctor #3.7 – A Very Satisfying Conclusion

Blogtor Who - Wed, 08/02/2017 - 20:19

Part two of ‘The Memory Feast’, provides us with many answers to many questions which take the reader through a very different reading experience. As this issue starts, picking up directly from the previous issue events take a dramatic turn. We are introduced to an ancient being which has been hiding for many millennia. The ship that […]

The post TITAN COMICS: Eleventh Doctor #3.7 – A Very Satisfying Conclusion appeared first on Blogtor Who.

Categories: Doctor Who Feeds

Kickstarter - Stars Without Number: Revised Edition (Free Beta PDF Available - Link Included with Permission)

Tenkar's Tavern - Wed, 08/02/2017 - 20:11

Stars Without Number: Revised Edition. You KNOW you want to back this Kickstarter.
Seriously. +Kevin Crawford knows how to run a Kickstarter Project.

Want to look at the rules before pledging? Here's the link the the SWN: Revised Edition Beta Rules

Want to read the stretch goals? Guess what? They've all been hit already.
- At $20,000 I will release all commissioned art for the game as royalty-free, zero-cost art available for other gamers and publishers to use for their own personal and commercial products. I've made arrangements with the artists for this game, including Tan Ho Sim, Christof Grobelski, Joyce Maureira, and Aaron Lee, to buy full rights for all the pieces I commission, and so I will be able to let others freely use these assets for their own purposes.  - At $30,000 I will rework both the free and deluxe versions of the core book as additional EPUB and MOBI file formats. This will involve considerable extra effort in redoing the text for these decidedly non-spread-oriented formats, but if the campaign gets this far, clearly you want these formats provided.  - At $40,000 I will forge the culmination of madness and bibliomanic obsession- the mighty UNIVERSAL OMNIBUS, a vast hardback tome containing every single Stars Without Number first edition product, both free and for-pay. This massive, black-and-white interior tome will consist of the Stars Without Number first edition core book, Skyward Steel, Suns of Gold, Darkness Visible, Starvation Cheap, Polychrome, Dead Names, Relics of the Lost, Engines of Babylon, Sixteen Stars, Hard Light, all of the Mandate Archive free supplements, and both editions of The Sandbox, the whole summing over a thousand pages. Everything that ever has or will be written for first-edition Stars Without Number will be contained within this book. Every backer at $20 or more will be given a code that will permit them to order this voluminous codex from DriveThruRPG for $100, if they so wish. This code will not have an expiration date, so they may defer the purchase until later if they wish to reflect on it. Backers at the munificent Galactic Overmind level of $175 will get one of these superdense grimoires shipped to them at no further shipping cost, provided the address is in Canada, the United States, the UK, or the European Union. No other persons will be permitted to acquire the UNIVERSAL OMNIBUS. Only those loyal and fearless backers who join me in my plunge into madness by contributing to this campaign will be allowed to buy the book from DriveThruRPG. It will not be made available for general public purchase.  - At $50,000, I will be extremely grateful to you all and have the wisdom to refrain from offering further stretch goals. I am but one man. I've completed every Kickstarter I've ever launched on-time or early, chiefly because I've known when to stop promising and when to start working.The amount pledged as I write this is just under $65k.

It launched yesterday.

You know you want it :)
Categories: Tabletop Gaming Blogs

PREVIEW: Jodie Whittaker Faces Doctor Drama in ‘Trust Me’

Blogtor Who - Wed, 08/02/2017 - 18:04

She’ll soon be piloting the TARDIS, but Jodie Whittaker becomes a doctor of a very different kind in new BBC drama Trust Me. As we preview the first episode of the series, is everything truly as it seems…? Not all is well in the world of Cath Hardacre, a skilled and hardworking nurse whose life […]

The post PREVIEW: Jodie Whittaker Faces Doctor Drama in ‘Trust Me’ appeared first on Blogtor Who.

Categories: Doctor Who Feeds

REVIEW: Christopher Nolan’s ‘Dunkirk’ blows the viewer away

Blogtor Who - Wed, 08/02/2017 - 17:00

It is not often that we review movies on BlogtorWho but Christopher Nolan’s powerful telling of the Dunkirk tale demands attention. The movie is simply extraordinary. The evacuation of mainland Europe in 1940 was an incredible achievement. In the world of cinema ‘Dunkirk’ is an equally spectacular triumph. Written and Directed by Christopher Nolan, the […]

The post REVIEW: Christopher Nolan’s ‘Dunkirk’ blows the viewer away appeared first on Blogtor Who.

Categories: Doctor Who Feeds

OSR Commentary - Using Saga TSR's Age of Heroes Mini games For Operatic Campaign Design

Swords & Stitchery - Wed, 08/02/2017 - 15:25
Could one of TSR classic era's mini games be used for old school campaign construction? Yes it could! Sound the horns, grab your father's sword & armor, and come with me now down the dark halls of history to Nineteen Eighty!  For tonight we play Saga one of TSR's Mini games! Much of what follows has been referenced from Board Game Geek's entry on Saga. So Steve a friend of mine blew into townNeedleshttp://www.blogger.com/profile/11243274667834930867noreply@blogger.com0
Categories: Tabletop Gaming Blogs

Enemy at the gates: Reviewing the Magnitude exploit kit redirection chain

Malwarebytes - Wed, 08/02/2017 - 15:00

Over the last few months, we have been keeping an eye on the Magnitude exploit kit which is mainly used to deliver the Cerber ransomware to specific countries in Asia. Our telemetry shows that South Korea is most impacted via ongoing malvertising campaigns.

When a visitor goes to a website that monetizes its traffic via adverts he may be exposed to malicious advertising. Tailored ads shown in the browser are initiated on-the-fly via a process known as Real-time Bidding (RTB). Unfortunately, crooks will take advantage of this process by deceiving and abusing ad agencies, trying to win the online auction to serve their malicious content.

Figure 1: Typical redirection flow via Magnigate to Magnitude EK

In addition to traffic filtering performed by various ad networks, users are inspected at a ‘gate’ that decides whether or not they should be allowed to proceed to Magnitude EK. This gate, which has been nicknamed ‘Magnigate’ by Proofpoint [1], performs additional checks on the visitor’s IP address and user-agent to determine their geolocation, Internet Service Provider, Operating System and browser information.

Double purpose

Magnigate serves two goals: to be a decoy site for non-intended targets or to be a redirection mechanism to Magnitude EK (or a social engineering scheme [1]) for the visitors that meet its requirements. In other words, seeing the content of the bogus site means the redirection to Magnitude EK has failed. During our tests, we also noticed that the gate can send a 404 or 502 HTTP status code.

Figure 2: Magnigate leads to e-cig decoy site (avoidance) or Magnitude EK (real target)

Beginnings: 2013-2014

Using publicly available packet captures as well as our own honeypots, we go back in time and explore the history and evolution of this gate. Note: this post does not intend to be completely exhaustive and the reader should know that there are other redirection chains than the ones solely presented here.

Early packet captures are hard to find publicly but PCAPs from mid-2013 and 2014 show various techniques used to redirect users to Magnitude EK.

302 redirect

This one shows a 302 redirect from a possibly compromised site in August 2013 although malvertising was also an infection source at the time (MalwareDontNeedCoffee [2]). The PCAP comes from Malware-Traffic-Analysis.net.

Figure 3: A site performing a redirection to Magnitude EK in the summer of 2013

iframes

In January 2014, we can see iframe insertions on compromised sites to redirect to a second stage server that performs the 302 redirect to the EK. The PCAP comes from Malware-Traffic-Analysis.net.

Figure 4: iframe injections resulting in 302 redirect to Magnitude EK

top.location.href

Yet another redirection technique is seen in this March 2014 capture. (Side note: the website pictured below remains hacked, even 3 years later). The PCAP comes from Malware-Traffic-Analysis.net.

Figure 5: A compromised site leading to Magnitude EK in the winter of 2014

JS injection to iframe

In this September 2014 snapshot, we see a compromised website with a malicious JS injected into it. The PCAP comes from Malware-Traffic-Analysis.net.

Figure 6: This external JavaScript calls a Magnitude EK landing page

Steganography

In October 2014, we see an interesting redirection technique involving steganography which was not obvious at first. The malicious redirect URL is stored in an image file hosted on the hacked site (data.png). It’s a poor name choice for a file designed to conceal… data, considering the effort that was put into the JavaScript function that decodes it.

The PCAP comes from Malware-Traffic-Analysis.net.

Figure 7: An interesting and covert way to redirect traffic from a hacked site via steganography

A more ‘predictable’ gate: late 2014-2015

In November 2014, there is an interesting change with the redirecting infrastructure. A compromised site is injected with a hex encoded script that performs the first redirection to a .eu domain. It is the next domain called filesnews.ws, which performs the final call to the Magnitude EK landing page. It’s noteworthy that the ‘.ws’ domain and the Magnitude EK landing are in the same IP space and both running Apache 2.2.15 and PHP 5.3.3. In the following month, we also witnessed the gate sharing the same server software specs (although in different IP spaces).

The PCAP comes from ThreatGlass.

Figure 8: Overlapping infrastructure specs between gate and EK in this Fall 2014 capture

The use of decoy sites in Magnitude EK campaigns may have started in late 2014 or early 2015. Below is an example of such a site (paypalinvest.info) where traffic originated from malvertising. The fake sites are designed to confuse analysts and have used various themes over time such as finance, gaming, e-cigs, etc.

Figure 9: The use of decoy sites has been a popular trend

Fingerprinting: 2016

A new twist to the gate happened around March 14, 2016. So far, the redirections we had observed had been via one single web request but over the course of a few days, we witnessed the emergence of an added step which also contained ‘fingerprinting’ code. (Side note: According to MalwareDontNeedCoffee the fingerprinting code was already in Magnitude’s main landing page before).

Figure 10: Fingerprinting the user via the browser is shown here in the gate to Magnitude EK

A little over a month later and the fingerprinting gate is gone, replaced by a simple 302 redirect.

Figure 11: A ‘simple’ redirection flow

Sometime later, the first part of the gate changes slightly and reveals the detection of the Kaspersky virtual keyboard:

Figure 12: Detecting (and avoiding) users that have Kaspersky software installed

It was only a matter of time before things changed again. The Kaspersky check gets switched to the second part of the gate.

Figure 13: A switch around for the Kaspersky keyboard detection

Obfuscation: Fall 2016

In the Fall of 2016, an important change happened with Magnitude EK as it was no longer rented as a toolkit, but instead became the sole use of one actor who decided to focus on targeting Asia, and in particular, South Korea, delivering the Cerber ransomware [1].

During the months that followed, the gate which by now was publicly known as ‘Magnigate’, went through some code obfuscation on top of the server side checks to filter traffic by user-agent and geolocation [1]. This meant that capturing Magnitude EK in the wild became more difficult without a proper set-up.

Figure 14: Various encodings in use by Magnigate over the course of a few months

More encoding: July 2017

The latest version of Magnigate has yet different encoding. Here’s a quick look at it.

Figure 15: Magnigate seen in July 2017

Figure 16: Step 1 in the Magnigate redirection flow

Figure 17: Step 2 in the Magnigate redirection flow

Step 0 in the gate?

We spotted an instance where there was a redirect loop within the gate itself before finally carrying on with the usual path. This ‘extra’ check did not happen all the time though, suggesting it is either something still in development or being selectively tested.

The server infrastructure is also quite puzzling, with for example Microsoft IIS instead of the standard Apache we normally see, and residing on an IP address (210.117.120.42) located in South Korea.

Figure 18: An interesting detour before the normal Magnigate flow

A closer look at the code used in this pre-step 1 stage reveals various types of fingerprinting, for example checking the local IP address and detecting the video driver installed.

Figure 19: Getting the current user’s local IP address via the RTCPeerConnection trick

Figure 20: Canvas fingerprinting used to identify the user’s video driver

Whatever the exact purpose of this pre-gate is, it is performing some in-depth checks on the current visitor and passing those as parameters within the URL. Only time will tell if this becomes integrated as a de facto check, or whether this was some kind of temporary trap for honeypots.

Gates and exploit kits

A gate is not required in order to perform a successful drive-by infection so long as there is an existing redirection mechanism in place (via compromised sites or malvertising). However, gates provide an efficient way to do final traffic filtering before wasting resources on non-intended targets. It’s also a very effective means of preventing honeypots and security researchers from poking their nose into your business or perhaps tracking and logging their activity. Some exploit kits like Astrum EK do some heavy filtering throughout the infection chain to be as stealthy as possible, resulting in little information known about their malvertising campaigns or the exploit code they use.

It’s quite likely that Magnigate will continue to evolve but the question is whether these will be slight cosmetic changes (different obfuscation techniques) or more substantial (new detection or evasion techniques).

Malwarebytes users are protected against Magnitude EK thanks to our signature-less anti-exploit module.

References

[1] Cerber, not the only payload: https://www.proofpoint.com/us/threat-insight/post/magnitude-actor-social-engineering-scheme-windows-10

[2] http://malware.dontneedcoffee.com/2013/10/Magnitude.html

Acknowledgements

I would like to thank David Ledbetter and Manuel Caballero for their help in this research.

Indicators of compromise

Magnigate Regex

\/(([0-9]{5,8}|0)(\$|%[0-9][A-Z]|&)){13,14}$

Magnigate domains (step 1)

paypalinvest[.]info bestmoneyinvest[.]net roundgames[.]biz aroundgamez[.]org arcencielfoundation[.]org planetofsgames[.]com lebhaile[.]com sextizer[.]net pyfxmoney[.]com blowyourmindvape[.]com letsvapes[.]com letsdovape[.]com letsovape[.]com

Magnigate fully qualified domains (step 2)

cdi3e82hac4p.boxaims[.]com f344709fpep0ue412r.dieowed[.]com 4lfcfq6a7g94.rarekid[.]com 0adci9j7d7l46e.asmight[.]com d88o9cd59.endsits[.]com c00x28g6c54fax0br.ordrink[.]com 28cdw96cl1do5.givesup[.]com 2a2l2xfcffcb66v.hesoff[.]com 38ffa328261.isleave[.]com 6d82p5d2v0e4ft105s.owesdo[.]com 175c2a53f64lbr64w.milered[.]com e4cua85j8w06crek833x.helpfix[.]stream 70i4o34b724q.bestbusy[.]site 7a48s4eu85kaeu4p3.doebulk[.]com 906q2u4567021q.usfixes[.]com 93c452ci0.deskif[.]com

IP addresses

217.172.189.199 31.3.242.108 78.46.29.251 148.251.205.122 185.130.226.117 185.82.216.199 185.104.11.201 89.163.129.151 91.134.161.63 188.138.102.127 95.215.63.225 95.215.62.214 188.138.68.153 188.138.68.163 94.228.223.242 94.228.223.245 188.165.85.28 51.255.154.6 149.202.232.201 46.105.95.113 151.80.179.144 46.105.95.114 37.59.140.124 145.239.190.17 210.117.120.42

The post Enemy at the gates: Reviewing the Magnitude exploit kit redirection chain appeared first on Malwarebytes Labs.

Categories: Techie Feeds

‘Who, Me’ – An Interview With Australia’s Robert Lloyd

Blogtor Who - Wed, 08/02/2017 - 14:59

Australian Robert Lloyd is bringing his one man show to Edinburgh this month. Lloyd appeared at the Edinburgh Fringe Festival, the largest arts festival in the world, in 2013. He returns to the Scottish capital following sell-out appearances across Australia, New Zealand, and America. He spoke exclusively to Blogtor Who about his upcoming show ‘Who, […]

The post ‘Who, Me’ – An Interview With Australia’s Robert Lloyd appeared first on Blogtor Who.

Categories: Doctor Who Feeds

House of Flowers

Ten Foot Pole - Wed, 08/02/2017 - 11:19


By Christopher Audette
Five Cataclysms
Five Cataclysms
“Mid-level”

In a warm place sits a mansion made entirely of many-hued flowers, their vines forming the unnatural architecture of mankind. The house grew around two entities, the Heart of Eternity, and the Heart of Chaos. The Heart of Chaos mutated all life around it, changing it beyond recognition, and the Heart of Eternity gave the new life the order necessary to survive. The Hearts arrived long before mankind existed, and they have been locked in a perpetual struggle ever since. A proxy war is fought between the two, using flowers mutated into ambulatory forms as pawns. The battles are fought entirely inside the house, because while immensely powerful, the influence of the Hearts cannot extend outside. The structure around which the house grew, the Chapel of the Void, is the reason the Hearts cannot leave. Only dreams they create are dreamt beyond the house. Locals in the area know well enough to avoid the house, as all who have entered were either killed or scarred horrendously, but they all receive the dreams. Those who sleep in the area often dream of entering the house, fighting through the rooms, kidnapping one of the Hearts, and sacrificing it on the altar inside the Chapel of the Void. They dream this will bring them great wealth and power. The dreams lie.

This is a 78 page adventure in a weird flower structure with 64 rooms in it. It has about ten pages of introduction, then 22 pages of room descriptions, and then the rest being supplemental information and tables. It ABSOLUTELY has that weird non-standard vibe going on, a hallmark of some of the great OD&D adventures. It’s got a lot of interesting ideas, and a great concept, magic items, creatures, and the rest. GREAT content. It’s also got a vision in presentation and a descriptive style that, while it should work in theory, makes my brain hurt trying to decipher the text. I can let some formatting sins pass in exchange for good content, but, man, this one is hard to justify.

Oh, so a vaguely house-like structure made up of flowers. Inside are two enemies: In one wing is the Heart of Chaos and in another the Heart of Eternity (with rules for shoving one into someone’s chest, Vecna-stylet! Yes!) Their plant-creature minions contest with each other in a third section. They send dreams to people outside the house to get them inside and to kill the other heart. And in the immortal words of a cartoon person “Dude, this is pretty fucked up right here.”

Vines with flower bulbs hanging from the ceiling. Crystals glowing with sunlight with rotting bodies under the soil tended by flower-people. Non-hostile flower people. A deep chasm with 5000 skeletons in it, some wearing obvious treasure, with flower-people keeping you from fucking with it. A room FULL of multi-colored webs crawling with tiny spiders. Six creatures encased in multi-colored amber. Room after room this goes on. Enter a room, be tempted, or face a situation … most all with a kind of theming going on. It’s similar, in that way, to Blue Medusa and other dungeons with strong room visions … perhaps combined with a bit of the fab Dreams of the Lurid Sac. These bizarre and … unearthly? encounters. They force the players to engage or ignore, to tempt fate or use them to their advantage. I don’t think Funhouse is appropriate term for these. ‘OD&D’ seems closer. I don’t know what to call it, but it’s pretty exciting to see.

Likewise, the magic items. There’s a big table of a hundred at the back and the adventure is worth having just for that table alone. A snow globe that when you shake it causes a blizzard to spring up within 50’. A crown of thorns that allows the players to grant 1st level cleric spells. A vial of boiling blood .., that is actually a creature. A monocle that lets you see in to a strange dreamland. An oar that, affixed to a ship/boat, surrounds it with mist and allow you passage to one of the lands of the dead. EFFECTS. It concentrates on EFFECTS. There’s some mechanics attached, usually, but never more than about a sentence or less. But the effects. I’ve overjoyed to see magic items that are mysterious and wondrous!

It is also an OH. MY. GOD. nightmare to dig through the rooms. It’s got a decent idea for formatting. Each notable thing in the room is bolded as the first sentence of a paragraph, with the paragraph adding detail. Thus room 1 has two paragraphs, the first starting with the bolded “Vines with flower bulbs hanging from the ceiling” and the second starting with the bolded “Even soil” The meat of the paragraphs follow the bolded sentence, the details to reveal upon further explanation. Thus the DM can quickly give an overview of the room, using the bolded portions that scan quickly, and then follow up as the party inquires. Why uneven soil? There are drag marks? What type? They look like body marks, and go through the east doorway. I like this format. I DO think it helps you scan quickly. My more-than-a-quibble comes with the specific implementation in this adventure. The bolded portions are a little weak, being facts and lacking strong imagery in them. I’m looking for “bulbous flower bulbs” or “oozing flower bulbs” or something like that. Further, the “mundane” text is not really organized well, which becomes a pain in the ass when the room is non-trivial. Room seven is the Vibrating Lotus Pond. Murky pond water covering the floor. Lotus flower of many colors floating on the pond. Multicolored glittering beneath the pond. The middle paragraph is long. LOOOOONG. There’s beetles in them, and, while not a lot going on, I’d argue, there is a lot of text. It’s good, but I don’t think it’s organized effectively. IDK, bullet points, or some other technique? As with the Fungi Chemist I think the strict devotion to the vision hampers the presentation. I’m in favor of a strong vision, but as we move it out of the realm of the platonic and it hits the road we need to mangle it if it conflicts with higher values … like ‘understanding.’ IN an attempt to be MORE understandable it is less. Pulling out the “beetle combat” for example, to another paragraph, and/or pulling out the treasure (present in the last two paragraphs) to a separate one would have allowed the upper paragraphs to focus on the environment while the combat/treasure focused on the actions.

I would also take exception to the random monsters. Flower people, and maybe angels and demons, could show up. There are tables for each that you can use to randomly determine them. Nice in theory. I would have also liked to have seen a table of pregen ones. Just one sheet full of stats for each of them, perhaps in addition to the random rules. Then I have the option of doing more but I’m not forced to slow down play by rolling. Yes, I could do it myself ahead of time. Or … the fuckign designer could have done it for me to help me out. There’s a few other things, like having to roll saving throws every 20 minutes in two wings of the dungeon. I’ve not sure how I feel about that. I like the “time pressure” aspect but dislike the tedium of the mechanic. Meh. But, on the plus side, it does something Death Frost Doom did, using spells in “appropriate ways.” Protection from Evil, or something similar, will prevent the save from having to be made. How about Bless? Sure, I’d say, if the player makes a good argument. This use of the “utility” nature of spells is something I favor.

I note it also has another Death Frost Doom callback … both skeletons, angels and/or demons could be let loose upon the world, if folks fuck the place up. There’s some cosmic shit going on inside with things in balance for a LONG time. Fucking with it will mean consequences.

If you are a fan of OD&D weirdness, Lamentations, Lurid Sac, or want some new magic items then this thing is for you. I think it’s non-trivial to run at the table, mostly because of the organization of the detail in the paragraphs. It that were addressed, or the bolded portions were much more evocative, then I may be able to look past my misgivings. Fantastic content, but hard to make my A-Team list.

This is PWYW on DriveThru. The preview is broken.
http://www.drivethrurpg.com/product/212613/House-of-Flowers

Categories: Tabletop Gaming Blogs

Wednesday Comics: T.H.U.N.D.E.R. Agents

Sorcerer's Skull - Wed, 08/02/2017 - 11:00
Taking a break from Storm for a week, I want to consider the T.H.U.N.D.E.R. Agents, a 60s superhero comic conceived primarily by the great Wally Wood. The series only ran 20 issues in its initial run, but its characters and concepts were appealing enough they there have been several (brief) revivals over the decades.

T.H.U.N.D.E.R. Agents combines two popular things in the mid-1960s: spy-fi and Marvel-style superheroics. T.H.U.N.D.E.R. stands for The Higher United Nations Defense Enforcement Reserves (I don't know what that means, either). It's essential SHIELD or UNCLE with more superhero agents. All of them are the product of technology: Dynamo with his thunderbelt, NoMan, the elderly scientist who can transfer his intellect into robotic bodies, and Menthor, a secret traitor with a helmet that gives him mental powers and a more heroic personality.

There enemies are a mostly forgettable cadre of aliens and freedom-threatening organizations: the Warlord, the Subterraneans, S.P.I.D.E.R. They serve their purpose for generating superhero action, particularly rendered in Wally Wood's style.

DC Comics did hardcover archives of the T.H.U.N.D.E.R. Agents material when they had the license. These aren't too hard to find, but do require a bit of looking. IDW now owns the license and has put out paperback collections called T.H.U.N.D.E.R. Agents Classics.


Great Hall Burning Viking Kickstarter Ending - Stretch Goals unlocked!

Two Hour Wargames - Sun, 07/30/2017 - 19:19
Kickstarter Vikings

Only a few hours left and a great deal. Minis, terrain and more all in one box. 


Categories: Tabletop Gaming Blogs

Bye Bye Two Hour Wargames...well, not exactly.

Two Hour Wargames - Sun, 07/30/2017 - 16:06


Two Hour Wargames will also be known as THW Game Design. and here's why. We currently have and are making lots of games that are not "traditional wargames".  But being called a Wargames company makes it hard for these games to be found by potential gamers.

So in the near future you'll be seeing the THW Game Design logo, but don't worry. It's still us...  
Categories: Tabletop Gaming Blogs

Quarters - The Game of Quarter Horse Racing

Two Hour Wargames - Thu, 07/27/2017 - 22:25
Why a game on Quarter Horse Racing?
In no particular order:

  • It's a great family game playable with kids and newbies of both genders.
  • It's exciting and quick to play with a nice blend of luck and strategy.
  • It can be used to supplement your other RPG Lite games like Larger than Life or similar where your characters go to the races. You can even use the rules for 5150 substituting alien creatures for horses!
  • Great for a change of pace that can be picked up when you have 30 to 45 minutes to burn.
Here's a quick example of how the game works. Click the pics for easy reading.





Here's the track expanded to cover the whole race track for use with Larger Than Life, Mission St. Mary, 5150 or any of our other RPG Lite games.Quarters - Coming soon.


Categories: Tabletop Gaming Blogs

Fortunes Won and Lost AAR Part 6 - Morning Patrol Redux

Two Hour Wargames - Tue, 07/25/2017 - 23:51
Part 4

After the disastrous Morning Patrol, Sir Winston - just Winston back then - joined the Italian and French mercenaries on another Patrol Mission. Unknown to them, the Hill Tribesmen were heading south on a Raid. 













But that was the past. Watch for Part 7, coming soon!
Categories: Tabletop Gaming Blogs

Coming soon - Weird War Zed

Two Hour Wargames - Tue, 07/25/2017 - 20:30
Project Hölle auf ErdenIt’s late in the war and things are not going well for Germany. Hitler has seen the reports, the increasing casualties, the displeasure at home, and always the gains being made by the Allies.
In desperation he has turned to Herr Doktor. Once a ludicrous idea has now become, in Der Fuehrer’s mind, his last hope to turn the tide and achieve victory.
What is Project Hölle auf Erden? Simply put, it is the reanimation of the dead and more. Not the undead that would randomly wreak havoc on the world, but a controlled force led by the minions of Der Fuehrer. However; exactly how much control is debatable and yet to be seen.

And we’re not even talking about the Werewolves…
Categories: Tabletop Gaming Blogs

Pages

Subscribe to Furiously Eclectic People aggregator