Feed aggregator

Recipe for success: tech support scammers zero in via paid search

Malwarebytes - Tue, 06/25/2019 - 15:00

Tech support scammers are known for engaging in a game of whack-a-mole with defenders. Case in point, last month there were reports that crooks had invaded Microsoft Azure Cloud Services to host fake warning pages, also known as browser lockers. In this blog, we take a look at one of the top campaigns that is responsible for driving traffic to those Azure-hosted scareware pages.

We discovered that the scammers have been buying ads displayed on major Internet portals to target an older demographic. Indeed, they were using paid search results to drive traffic towards decoy blogs that would redirect victims to a browlock page.

This scheme has actually been going on for months and has intensified recently, all the while keeping the same modus operandi. Although not overly sophisticated, the threat actors behind it have been able to abuse major ad platforms and hosting providers for several months.

Leveraging paid search results

Tech support scams are typically distributed via malvertising campaigns. Cheap adult traffic is usually first on the list for many groups of scammers. Not only is it cost effective, but it also plays into the psychology of users believing they got infected after visiting a dodgy website.

Other times, we see scammers actively targeting brands by trying to impersonate them. The idea is to reel in victims looking for support with a particular product or service. However, in this particular campaign, the crooks are targeting folks looking up food recipes.

There are two types of results from a search engine results page (SERP):

  • Organic search results that match the user’s search query based on relevance. The top listed sites are usually those that have the best Search Engine Optimization (SEO).
  • Paid search results, which are basically ads relevant to the user’s query. They require a certain budget where not all keywords are equal in cost.

Because paid search results are typically displayed at the top (often blending in with organic search results), they tend to generate more clicks.

We searched for various recipes on several different web portals (CenturyLink, Att.net, Yahoo! search and xfinity) and were able to easily find the ads bought by the scammers.

We do not have exact metrics on how many people clicked on those ads but we can infer that this campaign drew a significant amount of traffic based on two indicators: the first being our own telemetry and the second from a URL shortener used by one of the websites:

While those ads look typical and actually match our keyword search quite well, they actually redirect to websites created with malicious intent.

Decoy websites

To support their scheme, the scammers have created a number of food-related blogs. The content appears to be genuine, and there are even some comments on many of the articles.

However, upon closer inspection, we can see that those sites have basically taken content from various web developer sites offering paid or free HTML templates. “<!– Mirrored from…” is an artifact left by the HTTrack website copier tool. Incidentally, this kind of mirroring is something we often witness when it comes to browser locker pages that have been copied from other sites.

During our testing, visiting those sites directly did not create any malicious redirection, and they seemed to be absolutely benign. With only circumstantial evidence and without the so-called smoking gun, a case could not be made just yet.

Full infection chain

After some trial and error that included swapping various User-Agent strings and avoiding using commercial VPNs, we eventually were able to replay a full infection chain, from the original advert to the browser locker page.

The blog’s URL is actually called three consecutive times, and the last one performs a POST request with the eventual conditional redirect to the browlock. In the screenshot below, you can see the difference between proper cloaking (no malicious behavior) and the redirect to a browlock page:

Browlock page

The fake warning page is fairly standard. It checks for the type of browser and operating system in order to display the appropriate template to Windows and Mac OS victims.

The scammers often register entire ranges of hostnames on Azure by iterating through numbers attached to random strings. While many of those pages are taken down quickly, new ones are constantly popping back up in order to keep the campaign running. Here are some URI patterns we observed:

10-server[.]azurewebsites[.]net/call-now1/
2securityxew-561error[.]azurewebsites[.]net/Call-Now1/
10serverloadingfailed-hgdfc777error[.]azurewebsites[.]net/chx/
11iohhwefuown[.]azurewebsites[.]net/Call-Support1/
11serversecurityjunkfile-65error[.]azurewebsites[.]net/Call-Mac-Support/
2serverdatacrash-de-12error[.]azurewebsites[.]net/macx/
2systemservertemporaryblockghjj-510error[.]azurewebsites[.]net/mac-support/

We believe the crooks may also be rotating the decoy site that performs the redirect in addition to the existing user filtering in order to evade detection from security scanners.

Finding the perpetrators

We do not condone interacting with scammers directly, but part of this investigation was about finding who was behind this campaign in order to take action and spare more victims.

To continue on with deception, the rogue technicians lied to us about the state of our computer and made up imaginary threats. The goal was to sell expensive support packages that actually add little value.

The company selling those services is A2Z Cleaner Pro (AKA Coretel Communications) and was previously identified by one victim in August 2018 in a blog comment on the FTC’s website.

Their webste is hosted at 198.57.219.8, where we found two other interesting artifacts. The first one is a company named CoreTel that is also used by the scammers as a kind of business entity. It appears to be a rip off from another domain that pre-existed by several years and also hosted on the same IP adddress:

And then, there are two new recipe sites that were both registered in June and, as with previous ones, they also use content copied from other places:

Mitigation and take down

Malwarebytes’ browser extension was already blocking the various browlock pages heuristically.

We immediately reported the fraudulent ads to Google and Microsoft (Bing), as well as the decoy blogs to GoDaddy. The majority of their domains have been taken down already and their ad campaigns banned.

This tech support scam campaign cleverly targeted an older segment of the population by using paid search results for food recipes via online portals used by many Internet Service Providers.

There is no doubt scammers will continue to abuse ad platforms and hosting providers to carry out their business. However, industry cooperation for takedowns can set them back and save thousands of victims from being defrauded.

Indicators of compromise

Decoy blogs

alhotcake[.]com
bestrecipesus[.]com
cheforrecipes[.]com
chilly-recipesfood[.]com
cookwellrecipes[.]com
dezirerecipes[.]com
dinnerplusrecipes[.]com

dinnerrecipiesforu.com
handmaderecipies[.]com
homecookedrecipe[.]com
hotandsweetrecipe[.]com
just-freshrecipes[.]com
lunch-recipesstore[.]com
mexirecipes[.]com
neelamrecipes[.]com
nidhikitchenrecipes[.]com
organicrecipesandfood[.]com
recipes4store[.]com
recipestores[.]com
royalwarerecipes[.]com
smokyrecipe[.]com
specialsweetrecipes[.]com
starcooking[.]club

starrecipies[.]com
sweethomemadefoods[.]com
tatesty-recipes[.]com
today4recipes[.]com
tophighrecipes[.]com
toptipsknowledge[.]com
totalspicyrecipes[.]com
vegfood-recipes[.]com
yammy-recipes[.]com

handmaderecipies[.]com
homecookedrecipe[.]com
hotandsweetrecipe[.]com
just-freshrecipes[.]com
lunch-recipesstore[.]com
mexirecipes[.]com
neelamrecipes[.]com
nidhikitchenrecipes[.]com
organicrecipesandfood[.]com
recipes4store[.]com
recipestores[.]com
royalwarerecipes[.]com
smokyrecipe[.]com
specialsweetrecipes[.]com
starcooking[.]club

starrecipies[.]com
sweethomemadefoods[.]com
tatesty-recipes[.]com
today4recipes[.]com
tophighrecipes[.]com
toptipsknowledge[.]com
totalspicyrecipes[.]com
vegfood-recipes[.]com
yammy-recipes[.]com

healthycookingidea[.]com
recipesstudios[.]com

a2zpcprotection[.]com
a2zcleanerpro[.]com

Regex to match browlock URIs on Azure

^http(s|):\/\/(?!www)^.{2}[a-z]{2,7}\/([cC]all-([nN]ow|Support)1|chx|macx|(Call-)?[mM]ac-[sS]upport)

The post Recipe for success: tech support scammers zero in via paid search appeared first on Malwarebytes Labs.

Categories: Techie Feeds

Skills, Abilities, Attributes, and Classes in classic D&D

Bat in the Attic - Tue, 06/25/2019 - 14:48
JB over on B/X Blackrazor has posted some strong opinions on ability checks and skills. It stems from the following
 But for the game I play (and, sure, I understand not everyone plays as I do), I feel that a character's class IS the bulk of the character's training...that's where the emphasis should be and ability scores a minor consideration as far as representing a character's "skill."That is an approach the could work but what going on here?

It about that players can do more than fight, cast spells, turn undead, etc as their characters. They can sneak past a guard, open a locked chest, or weave a basket.

What important is not which is approach is right. It about what works with one's campaign. Because of my circumstances I opted to come up with an ability system.



Abilities
Going back to OD&D 3 LBBs we have three character classes, Cleric, Fighting-Man, and Magic User along with mechanics to handle combat, spell casting, and a few other things like turning undead. But suppose a character wants to sneak past a guard, open a locked chest, or weave a basket for that matter?

 The 3LBBs imply that the player describe what they are doing and the referee makes a ruling based on the circumstances and what been established about the character. This interpretation is supported by this anecdotes from back in the day. However the various anecdotes and few pieces of documentation (like Judges Guild Ready Ref sheets, Strategic Review) display widely varying methods of adjudicating this things. Some use attributes, some use an arbitrary chance, other account for class and level. Some use %, 3d6, or 1d20 roll low or high.

However there are some common elements among those accounts of using 3 LBBs. The most important is that outside of combat, and spell casting, any character can attempt any action. All three classes can try to stealth past the guard, try to open the locked chest, or try to weave a basket. But it up to the referee to decide on the mechanics of adjudication.

One way is to based it primarily on class and level with some modifiers based on attributes as JB does in his campaigns. His post states the reasons why.

I opted it to handle it a different way. My view is that any character can attempt any action outside of class specifics. That some classes are better than other classes at certain abilities. That attributes are important to determine how good a character is at certain abilities. That like combat, and spell casting not every class or individual character is equally adept in these abilities.

The result is the ability system as outlined in my Majestic Fantasy Basic Rules.

Related to this is my decision to ditch the thief class in favor of a series of Rogue classes. What distinguish the Rogue from the Cleric, Fighter, and Magic User, is that they are better at various abilities than other classes. For example the Burglar class in the basic rules is better at climbing, eavesdrop, legerdemain, perception, and stealth.

Because I had no issues with players trashing my setting as they tried to become kings or magnates I to deal with a player attempting a lot of different things. The climb to power required the players to do more than just fight or cast spells. Adventures and exploration were important in my campaign but often they were just the means to the player's end goal of rising to the top.

Wrapping it up
That why I decided to do things differently from JB. Again what important here isn't that you handle this in a particular way but that you think it through, that the result fits what you want out of the campaign, and that it is fun to play.
Categories: Tabletop Gaming Blogs

Mentzer Expert Dungeons & Dragons Box Set & Low Level Grand Duchy of Karameikos Campaign Action

Swords & Stitchery - Tue, 06/25/2019 - 13:15
When it comes to grabbing onto the gusto of Mentzer Expert Dungeons & Dragons edition there's no better edition to add onto Basic Dungeons & Dragons. 'The D&D Expert Rules Set (1983), by Frank Mentzer, is the second iteration of the boxed Expert Rules for Basic D&D and the second volume in Mentzer's BECMI rules series. It was published in August 1983.' With Expert the players & their PC's Needleshttp://www.blogger.com/profile/11243274667834930867noreply@blogger.com0
Categories: Tabletop Gaming Blogs

Making the List of 10 Greatest D&D Adventures After 1985

DM David - Tue, 06/25/2019 - 12:44

In 2004, Dungeon magazine published a list of the 30 greatest Dungeons & Dragons adventures. I saw few reasons to quibble with the choices, but the list favored early adventures. More than a third of the magazine’s picks came from 1985 and earlier—from just 7 years of the then 30-year history of D&D.

Extraordinary adventures come from throughout the history of D&D, but overall adventure authors have learned from the past and improved the quality of published adventures.

Why did early adventures dominate the list? Part of their stature comes from their influence. Those early modules implied a setting that serves as a foundation for every D&D adventure and campaign. But much of the high ratings come from the years of attention these adventures gained. During D&D’s early years, TSR published few adventures, and then kept those few modules on sale for a decade or more. Just about everyone who played D&D played those early classics. See Why Did So Many Classic Adventures Come From 7 Years of D&D’s 45-Year History?.

The years after 1985 produced more great adventures than those in the 2004 list, and the last 15 years yielded even more classics. I decided to look past the early classics and find the best adventures published during the decades when modules fought for attention among a flood of releases.

I found great adventures from D&D history, but I limited my list to 10. Ranking adventures led me to ponder what makes an adventure great.

Recipes and ingredients

Modules serve as both the ingredients for fun adventures and recipes for dungeon masters to mix and serve at the gaming table.

Great adventures tend to combine evocative ingredients with recipes that DMs can follow to foster fun and exciting tales. The ingredients include the memorable characters and fantastic locations, the fearsome monsters and magical treasures that make the adventure. The recipe includes the hooks, clues, events, goals, and obstacles that enable a DM to draw players through the adventure.

To DMs accustomed to re-purposing and remixing the ingredients of adventures, recipes hardly matter, but most DMs running published adventures want help for running the scenario at the table, even if we sometimes change the recipe.

The fifth-edition adventures boast consistently outstanding ingredients. They pick the best from decades of D&D lore and then add new inspiration. For example, Tomb of Annihilation builds on the dinosaurs and lost world of Isle of Dread, the overgrown jungle ruins of Dwellers of the Forbidden City, and the deathtrap dungeon in Tomb of Horrors. Curse of Strahd builds on Ravenloft, the adventure that might be D&D’s best ever. Based on ingredients alone, all the hardcovers rank with D&D’s greatest adventures. But the recipes tend to falter. In Are the Authors of the Dungeon & Dragons Hardcover Adventures Blind to the Plight of DMs?, I described these shortcomings.

As a recipe, Curse of Strahd doesn’t succeed completely. The DM needs to nudge players toward level-appropriate areas, but the Tarokka card reading hints at the means to Strahd’s defeat and provides clues that guide the adventure.

Rating Tomb of Annihilation presents more challenges. I found the ingredients irresistible, but the adventure challenges DMs. The death curse creates urgency when the players may want to try dinosaur racing in Port Nyanzaru. As written, the hex crawl will exhaust players with random encounters. The Tomb of Nine Gods features expert design, but six levels of unrelenting deathtraps may weary players. Still, I loved the Tomb’s mix of inspiration and the dungeon so much that I originally slotted the adventure at a higher rating, but its flaws led me to drop the adventure to 8th just before posting. Reader reaction to the Tomb’s rating left me comfortable with my new ranking.

Meanwhile, many readers voiced support for Storm King’s Thunder, a chimera that’s part gazetteer, part assortment of lairs, and part plotted adventure. The reputation of Storm King’s Thunder has grown, but not enough to merit a spot on the list.

How much do players value a variety of settings and activity?

Six adventures from Dungeon magazine’s 2004 list fell short of ranking on my list.

If my list included 20 entries, most of these adventures would rank, but none reached my top 10. With only 10 slots, and newer adventures to fit, many had to go just because they weren’t quite as good.

Reviews and play accounts of faulted some of these adventures for their intense focus on one mode of play: the dungeon crawl.

Reviewers praised Return to the Temple of Elemental Evil for delivering a great dungeon, and then warned that the amount of crawling could prove exhausting.

When I ran Sunless Citadel and Forge of Fury back-to-back, the Citadel stood out for its interaction with a memorable cast and for its story line. The Forge felt like more of a grind.

I compared Ruins of Undermountain to Waterdeep: Dungeon of the Mad Mage. The new hardcover easily rates as the best mega-dungeon I’ve played or run. It delivers a better version of Undermountain than Ruins of Undermountain. Each level brings a strong theme that adds variety. The factions and sympathetic residents open the dungeon to interaction. And yet, I grew to crave changes of setting and my players thirsted for a larger plot than the classic bid for treasure. Neither adventure made the list.

I love dungeon crawling like Groucho loves a good cigar, but too much of a good thing sometimes tires me. I suspect many—perhaps most—current D&D players share my take. Critics of Tomb of Annihilation often call the six, uninterrupted levels of the Tomb of Nine Gods wearying. Even longtime D&D and Pathfinder designer James Jacobs seems to share my trepidation. In an interview promoting Red Hand of Doom, he contrasts his adventure with City of the Spider Queen and Return to the Temple of Elemental Evil. “Working on Dungeon (and in particular, the Shackled City and Age of Worms Adventure Paths) taught me a lot about designing huge adventures. One of the most important lessons I’ve learned there: don’t succumb to the lure of the enormous dungeon. They may be fun to design, but dungeons with 100 rooms are a bear to adventure through.”

None of this disqualifies pure dungeons from my list. Many still managed to place, but I favored adventures that play to all three pillars and tour a variety of environments.

Attention and recency bias

Lost Mine of Phandelver may rank as the most disputed entry on my list. Fans cite how well the adventure introduces various tropes and styles of play to new players and DMs. Critics cite a lack of anything new or wondrous. Both fans and critics make fair claims.

Lost Mine’s reputation benefits from two advantages that make the adventure complicated to rate. As the starter set adventure for a new edition, Lost Mine gained the attention of every D&D fan. And because Lost Mine introduced the most recent edition, it may benefit from recency bias, our tendency to overestimate newer things in our memory.

When I placed Lost Mine at number 3, I rated the adventure based on how well it suits its purpose of introducing new players to D&D. As a launch into D&D, the scenario may succeed better than any prior intro. Because many old fans of D&D love the adventure too, it vaults near the top of the list.

What happened between 1986 and 1996?

My list includes Night’s Dark Terror from 1986 and then no other releases until The Gates of Firestorm Peak in 1996. Were the years between 1986 and 1996 really starved of quality adventures?

I considered several adventures from these years for my list. During that period, TSR split development between D&D and Advanced Dungeons & Dragons, and between numerous campaign settings. Perhaps a flood of releases aimed for shrinking segments of a divided D&D market meant that no adventures gained enough attention to grow in reputation. But perhaps a focus on campaign settings instead of adventures led TSR to produce solid but unexceptional modules. Teos “Alphastream” Abadia writes, “Entire lines, such as Dragonlance or Spelljammer, are often solid but not exceptional, even for their time. (I do personally like Spelljammer’s Under the Dark Fist).”

Short, high-level, and setting-specific adventures published near the end of an edition

Because my ratings drew on recommendations, reputation, and reviews, the list may overlook great adventures that failed to gain attention for reasons unrelated to quality.

Short adventures seem to lack the weight needed to make an impression. Most of the adventures on my list span 100 or more pages. Releases that include extras like poster maps, counters, and cards also seem to make a bigger impact.

No high-level adventures made my list. Most D&D play focuses on lower levels, especially in past editions when play above level 9 or so exposed flaws in the game. This means low-level adventures tend to win the most sales and attention. What high-level adventures escaped attention?

In my list, Dead Gods is the only setting-specific adventure branded for a particular setting or campaign. The proliferation of campaign settings in the late 80s and 90s takes some blame for diluting the sales of D&D products below profitability. For instance, DMs running games set in Mystara ignored adventures set in Greyhawk, the Forgotten Realms, Ravenloft, Spelljammer, Dark Sun, and so on.

Adventures shipped near the end of an edition tend to languish on shelves, unnoticed by fans looking ahead to the new edition. When Milwaukee hosted Gen Con, I made annual visits to one of the city’s used bookstores. For years, I spotted the same stack of remaindered copies of The Apocalypse Stone, the final second-edition adventure.

My list of greatest adventures proved fun to create and unveil, so I feel inspired to create other lists that find overlooked classics.

  • The greatest short adventures published after 1985
  • The greatest high-level adventures from any era
  • The greatest adventures branded for a campaign setting
  • The greatest Dungeon magazine adventures

Don’t look for these lists anytime soon. I mulled my after-1985 list for years, off and on.

Help me out. What are your favorite short adventures? What are your favorite high-level adventures? What are your favorite adventures branded with a campaign setting?

Related: The 10 Greatest D&D Adventures Published After 1985

Next: Honorable mentions: The adventures that merited consideration for the top 10

Categories: Tabletop Gaming Blogs

Wednesday Comics: Storm: Vandaahl the Destroyer (part 2, review)

Sorcerer's Skull - Tue, 06/25/2019 - 11:00
My exploration of the long-running euro-comic Storm, continues with his adventures in the world of Pandarve. Earlier installments can be found here.


Storm: Vandaahl the Destroyer (1987) (part 2)
(Dutch: Vandaahl de Verderver)
Art by Don Lawrence; script by Martin Lodewijk

When last we left our heroes, so kids on the water planet had just released a conqueror from another universe from what was supposed to be his eternal prison. One of his first acts is to zap Ember.

Back in his home universe, scientists inform the Lord Judge than sentenced him, that Vandaahl the Destroyer might well be alive, having slipped through a wormhole instead of being killed in a black hole. They decide the only decent thing to do is retrieve him, rather than let him lay waste to other words.

Vandaahl has already started by laying waste to the tree settlement, though he allowed the people, including Storm  and friends, some time to escape first.


With Vandaahl on the loose, Storm decides they must warn the people of Pandarve. To help him get off world, the Water-Planet people summon dolphin-like creatures that tell them of a waterspout leading off planet.


The vessel the people of the Water-Planet give them isn't made for long space voyages, though. Luckily, they run across a large trading vessel before their supplies run. They're able to get a ride.



TO BE CONTINUED

On A Hellish Scape

Hack & Slash - Tue, 06/25/2019 - 06:44
This is an image of the city "Rustock" in the Perdition game I'm running online, in public, broadcasted on the internet. I'm playing with these amazing wonderful people. The charisma sometimes is too much! Come join us and the rest of the audience tonight, Tuesday, June 25th, at 5 PM CST, (-6 GMT) and watch me run Dungeons and Dragons! (note the lava flow and the jets of fire!)

Today's mega-sale?
Perdition in .pdf for 3.99! (Normally 9.99$)
Perdition in print (softcover) at a 40% discount. Normally 19.99, now only 11.99!!!
Perdition in print (hardcover) at a 40% discount. Normally 39.99, now only 23.99!!!

With art by noted artists Matthew Adams, Russ Nicholson, and many others, and writing by me and Arnold K. of Goblin Punch!

Rules for the Infernal Conclave, Summoning and Binding Demons and Devils, and signing infernal contracts that work and make for fun at the table! See my organic design principles at work. Reward yourself with a beautiful book.

Guys, it's great. A real labor of love. Check out the coolest thing you'll buy this year, and pick it up before it too goes off sale! And come watch us play!



The sale is still on till Friday!Everything on the DriveThroughRPG storefront is 10% off all weekLots of print products on Lulu are 25% off all week and everything in the Etsy Store is 10% off!

Some images from the book!

Hack & Slash FollowGoogle +NewsletterSupportDonate to end Cancer (5 Star Rating)


Categories: Tabletop Gaming Blogs

Back to Basics & Beyond - Dungeons & Dragons Set 1: The Basic Rules the Mentzer Edition & Tom Moldvay's B4 The Lost City

Swords & Stitchery - Tue, 06/25/2019 - 01:53
"This box contains all you need to start having FUN: Programmed adventures for easy learning and HOURS of FUN The PLAYER'S GUIDE for beginning characters - with simple and expert combat rules, magic spells, and role playing tips" So reads the back of one of the most iconic editions of Dungeons & Dragons Set 1: The Basic Rules  the Mentzer Edition.  Yes I totally keep stealing these Needleshttp://www.blogger.com/profile/11243274667834930867noreply@blogger.com0
Categories: Tabletop Gaming Blogs

7 Games to Kickstart “Conan: Savage Legends” on July 16

Gamer Goggles - Mon, 06/24/2019 - 22:00

7 Games to Kickstart “Conan: Savage Legends” on July 16

 

 

June 21st, 2019 – S7 Games is thrilled to announce the launch date of Conan: Savage Legends Kickstarter campaignbased on the world-renowned pulp fantasy stories by Robert E. Howard. This fast-paced arena style combat miniatures game will allow 2-4 players to take on the role of either Conan or one of the Legends of Hyborea, as they command their forces, search for ancient relics, and clash in glorious battle.

 

S7 Games will launch a Kickstarter for Conan: Savage Legends on July 16th, 2019 which will conclude on August 8th, 2019. The Kickstarter version will include exclusives and Limited-Edition items.

 

A retail version of Conan: Savage Legends is planned for release following Kickstarter fulfillment, distributed by various top tier hobby distributors as well as through Diamond Books to the broad market.
About Conan: Savage Legends:

Conan: Savage Legends takes place in Conan’s Hyborean Age after the ancient necromancer, Xaltotun, shatters the walls of time and space, stranding heroes and villains alike together in Hyborea. You take on the role of a mighty Legend, gather your warband, and go forth to battle other Legends torn from space and time. Take command of your forces, gather magical artifacts, acquire power, and remind your foes why you deserve the title of “Legend.”

 

The base game will include everything that up to four people will need to play, including high quality miniatures, double sided game board, double sided terrain tiles, rulebook, dice, and hundreds of tactics and Item cards. With these tools, players will be able to experience the fast-paced and engaging gameplay of Conan: Savage Legends again and again.

About S7 Games

S7 Games
S7 Games is a tabletop game company devoted to producing and publishing high quality games based on hit pop culture brands and original properties. Formed in 2016, S7 Games is an independent wholly-owned subsidiary of Seven Seas Entertainment. S7 Games is distributed to the broad market by Diamond Book Distributors and has dedicated partnerships with top tier hobby distributors. For more information, visit www.s7tabletopgames.com

Categories: Tabletop Gaming Blogs

Gen Con Expands Gen Con TV Streaming Video Program with New Shows

Gamer Goggles - Mon, 06/24/2019 - 21:55
Gen Con Expands Gen Con TV Streaming Video Program with New Shows

FOR IMMEDIATE RELEASE

SEATTLE (June 21, 2019) — Gen Con, the largest and longest-running tabletop gaming convention in North America, expands its Gen Con TV streaming video program with new shows. Gen Con TV, a year-round streaming video program launched in January 2019, features tabletop gaming news, live gaming, interviews, and more. Shows are streamed live on Twitch, where fans can watch and chat in real time, often interacting with the shows’ hosts; episodes are then posted for on-demand viewing on YouTube.

“Livestreaming has become a huge driver of the growth of tabletop gaming culture, connecting fans across the world and attracting new audiences by making the hobby more accessible to newcomers,” said Kristen Jensen, Gen Con’s Marketing Manager. “We’re excited to connect with Gen Con fans year-round, both in Indianapolis and around the world, through our Gen Con TV streaming video channels, and can’t wait to share our plans for future content as the program grows.”

After launching in January 2019 with weekly tabletop gaming news show TableTakes and live gaming program Game Night, Gen Con TV has expanded its schedule with new programming including Fireside with Peter Adkison, an interview show focused on the history of tabletop gaming.

TableTakes, Presented by Gen Con, is a tabletop gaming news and culture talk show, streamed live each Friday from Gen Con’s studio in Seattle. The show is hosted by game designer Emma Larkins (Heartcatchers, …and then we died), actor and director Christian Doyle (Zombie Orpheus Entertainment), Gen Con Senior Event & Program Manager Derek Guder, and geek-culture streaming personality Banzai.

Game Night with The Brothers Murph is a weekly live-gaming show with brothers Mike and Nick Murphy, who play a variety of board and card games live on air while interacting with their audience in Twitch chat.

Fireside with Peter Adkison is a live interview show focused on gaming history, investigating games and movements influential to tabletop gaming’s development. This season, Adkison, the founder of Wizards of the Coast and current Gen Con owner, traces the inception and early years of Magic: The Gathering, featuring interviews with key contributors to the creation, growth, and success of the popular trading-card game.

Gen Con launched convention-long streaming of events on Twitch at the Gen Con 2018 convention in Indianapolis, netting more than 300,000 unique viewers of its programming with more than three million minutes of watched footage during the four-day event. Convention streaming will return at this year’s convention, across three Twitch channels featuring Main Stage events, live gaming with popular tabletop streamers, and game previews and interviews from publishers and designers.

Gen Con returns to Indianapolis August 1-4, 2019.

About Gen Con

Gen Con is the largest and longest-running annual event devoted to tabletop gaming culture in North America. The convention, which began in 1968 in Lake Geneva, WI, attracts 70,000 attendees and 520 exhibiting companies each year. During the convention, attendees choose from 17,000 ticketed events representing a wide array of board games, card games, roleplaying games, seminars, entertainment events, and more. Gen Con takes place each August in the Indiana Convention Center, Lucas Oil Stadium, and surrounding downtown hotel spaces in Indianapolis, IN.

Categories: Tabletop Gaming Blogs

OSPREY GAMES LAUNCHES ROLEPLAYING GAME SERIES

Gamer Goggles - Mon, 06/24/2019 - 21:30

OSPREY GAMES LAUNCHES ROLEPLAYING GAME SERIES

 

Osprey Games is delighted to announce the November 2019 launch of Osprey Roleplaying, a new series of beautifully illustrated, hardback RPG rulebooks that transport players to incredible worlds and extraordinary adventures. The series debuts with two titles: Romance of the Perilous Land: A Roleplaying Game of British Folklore, created by award-winning designer Scott Malthouse, and Graham Rose’s Paleomythic: A Roleplaying Game of Stone and Sorcery.

 

In Romance of the Perilous Land, players take on the role of brave knights, fierce warriors, and other heroes as they fight evil, right wrongs, and create their own legends in Arthurian Britain.

Paleomythic sees players attempt to navigate their way through the harsh prehistoric land of Ancient Mu – a world where hostile tribes, otherworldly spirits, ferocious beasts, and other monstrous creatures threaten their survival at every turn.

 

Speaking about the new series, Philip Smith, Head of Osprey Games, said “I’m thrilled that we are finally able to announce the first titles in our new line of RPGs. We’ve been working with some great designers and artists on games from a range of genres, and there’s more to come – watch this space!”

 

Romance of the Perilous Land: A Roleplaying Game of British Folklore

Designer: Scott Malthouse

Illustrators: John McCambridge, David Needham & Alan Lathwell

ISBN: 9781472834775

Format: Hardback

Price: £20 / US $30 / CAN $40

Created by award-winning designer Scott Malthouse, Romance of the Perilous Land is a roleplaying game of magic and adventure set in the world of British folklore, from the stories of King Arthur to the wonderful regional tales told throughout this green and pleasant land. It is a world of romantic chivalry, but also of great danger, with ambitious kings, evil knights, and thieving brigands terrorising the land, while greedy giants, malevolent sorcerers, and water-dwelling knuckers lurk in the shadows. As valiant knights, mighty barbarians, subtle cunning folk, and more, the players are heroes, roaming the land to fight evil, right wrongs, and create their own legends.

About the Author

Scott Malthouse is a roleplaying game designer and folklore enthusiast who was born and bred in Yorkshire, where he currently lives. His work includes the award-winning Quill (Best Free Game 2016, Indie RPG Awards), In Darkest Warrens, and Unbelievably Simple Roleplaying.

Paleomythic: A Roleplaying Game of Stone and Sorcery

 

Designer: Graham Rose

Illustrators: John McCambridge & Mars Oosterveld

ISBN: 9781472834812
Format:
Hardback

Price: £20 / US $30 / CAN $40

 

 

Paleomythic: A Roleplaying Game of Stone and Sorcery, written by Graham Rose, sees players face all manner of challenges as they try to survive in the prehistoric land of Ancient Mu. Taking on the roles of hunters, healers, warriors, soothsayers, and more, they will navigate a world of hostile tribes, otherworldly spirits, prehistoric beasts, and monstrous creatures lurking in the dark places of the world. Players have a huge scope in sculpting the game experience that best suits them, whether it’s a gritty survival story without a trace of the mystical or a tale of grand adventure and exploration in a mythic setting.

 

About the Author

When Graham Rose discovered roleplaying games, he was hooked. He designed his first home-brew RPG in the 1980s and has continued tinkering with games ever since. It was whilst roleplaying that Graham decided to acquire as many of the abilities listed on his character sheet as possible. This quest has led to a wide range of interests, from archaeology to competition fencing, a career in the fields of intelligence and law enforcement, and has also resulted in him crashing a snowmobile in the Arctic Circle, enduring serious illness in Kathmandu, coming face to face with a silverback gorilla in Rwanda, and walking Hadrian’s Wall during a storm. Graham lives in the UK with his wife, Nicola, and currently works as a cold case homicide investigator.

 

About Osprey Games

Osprey Games is the dedicated games division of Osprey Publishing (part of Bloomsbury Publishing plc) and publishes a wide range of wargames, card games, and board games. Launched in 2014, the company has produced an array of critically acclaimed titles, including Frostgrave: Fantasy Wargames in the Frozen CityBolt ActionOdin’s RavensWildlands and The Lost Expedition.

 

Categories: Tabletop Gaming Blogs

IDENTIFY THE MONSTERS THAT PLAGUE YOU WITH D&D’S NEW MODULE, “GARDENS OF FOG”

Gamer Goggles - Mon, 06/24/2019 - 21:20

IDENTIFY THE MONSTERS THAT PLAGUE YOU WITH D&D’S NEW MODULE, “GARDENS OF FOG”

Take This and Wizards of the Coast Give Voice to Mental Illness with Play
and #MyMonsters Campaign

 

June 18, 2019 – (Seattle, Washington) Despite all the monsters, ghouls, and dragons players often face in Wizard of the Coast’s popular Dungeons & Dragons (D&D), the toughest adversary often come from within players themselves – Anxiety and Depression.  Starting today on the Dungeon Masters Guild, D&D players can take on Anxiety and Depression in the “Gardens of Fog” adventure module, giving a compassionate voice to challenges that plague so many, all while benefiting Take This, a non-profit that provides mental health best practices and resources that cater to the unique needs of those in the video game and tabletop game communities. Sales of this module will support Take This’ mission of eradicating mental health stigma.

This new charity D&D adventure module was created in collaboration between Dr. Raffael Boccamazzo, Clinical Director for Take This; Bill Benham, associate producer for Wizards of the Coast; and Hannah Rose, best-selling author of such Dungeon Master Guild material as the College of the Opera and Cartographer subclasses. In “Gardens of Fog,” a dear friend lies stricken, a prisoner in their own mind. The locals are baffled, unable to provide aid, and without your intervention, your companion is surely lost. Steel yourself, enter the realm of the mind, and face the struggles within. This D&D module contains a complete adventure, monster encounters, information on how to take on anxiety and depression in the real world, and a new character subclass inspired by Take This’ mascot: the psychomancer! It’s dangerous to go alone, so grab your party and face these challenges together! Win or lose, Wizards of the Coast and Take This strive to aid gamers, and game makers alike, who face their own monsters.

To kick off the new module, several live play groups will feature “Gardens of Fog” on their online streams.  Tales from the Mists started it off this past weekend with their live stream,  featuring psychologist Dr. Megan Connell. Other live play groups will be featuring the module in the next two weeks, including:

  • Hyper RPG on June 18th, 9pm – 12am PDT.  Joining HyperRPG’s Malika Lim Eubank, will be an amazing group of tabletop enthusiasts including, Yoshi Sudarso, Peter Sudarso, Cristina Vee, Emma Fyffe, Emily Rose Jacobson, Cameron Rice and Michelle “Chubby Bunny” Bradley.
  • Rival of the Waterdeep on June 22nd, 12pm-3pm PDT.  Joining moderator Surena Marie will be Carlos Luna, Cicero Holmes, Tanya DePass, Shareef Jackson, and Brandon Stennis
  • Clinical Roll on June 24th 5pm – 6pm PDT.  Clinical Roll will feature mental health professionals in the games community. They include Megan Connell, PsyD, ABPP; Adam Davis, MEd; Adam Johns, MA, LMFT; Jack Berkenstock, MHS; Rachel Kowert, PhD; and Raffael Boccamazzo, PsyD.

Real mental health professionals will join the broadcasts to help bring fact to the fiction and discuss mental health themes from the games and in the adventure module.

“Thousands of players have told us how D&D helped them to explore and overcome the real-life challenges they face,” says Dr. Raffael Boccamazzo, clinical director of Take This and co-author of the adventure module. “We’ve named our problems. Now, we help our friends find hope.”

Make sure you catch all the action the final two weeks of June on all the live streams listed above and download the “Gardens of Fog” adventure on the Wizards of the Coast Dungeon Masters Guild.

Beyond the D&D module, Take This wants to continue to help players put a voice to and identify mental and emotional monsters through its #MyMonster social media campaign, where anyone worldwide can contribute to the fight for good mental health. Thousands of gamers have jumped on Twitter to talk about the issues they face each day, describing them as monsters. From depression that lumbers around like a giant ogre blocking someone from moving past to an insecurity that speaks with a thousand mouths, people share their monsters and their struggles online. Take This sees that taking the first step is often about giving a name and a face to your monster so that you can beat them. For more mental health resources, please visit Take This’ website.  

D&D “Gardens of Fog” Module can be found here for $6.99.  

About Take This Inc.

Take This is a mental health non-profit that provides resources, guidelines, training, and support that is tailored for the unique needs of the game development community and embraces the diverse cultures and issues of the game community.  Take This helps those who suffer by letting them know that they are not alone and providing information on treatment options and how to find help. Take This’ key programs are its AFK Room Program at conventions, its mental health consulting program for game developers, and its ambassador program for streamers.  For more information, visit http://www.takethis.org

Categories: Tabletop Gaming Blogs

Getting to Know - the Lords of the Crypt

3d6 Traps & Thieves - Mon, 06/24/2019 - 17:50

The Abronti: For generations, a family of wealth and influence, with an ancestry tainted by bloodborne illness and dramatic madness. Through the years, the more troublesome members would find themselves spirited off to distant monasteries, undertaking extended expeditions, or admitted to quiet sanitariums. Eventually, the family name was overtaken by tragedy and illness – passing entirely with the demise of the unmarried and childless Cauvage Abronti. With no legal heirs, the bulk of the remaining family fortune passed into trust with an organization known as the Vault Foundation. In time, out of respect for its greatest benefactor, the organization became the Abronti Trust. The exact details of the setup and administration of this venture are very complicated.
Dark Inquest: With the Abronti family extinct, and no one to protest the instigation of questionable legal proceedings, the opportunists and scavengers came out from beneath various rocks to lay their dubious claims. For the better part of two years, the legal representatives of the departed Abronti family held the line against every covetous siege. Then, the departed family elders, led by Cauvage Abronti, stepped forward into the light to reclaim their own. To their credit, the Abronti elders had arranged for a letter of introduction to be delivered to the office of their solicitor before making their reappearance. At the time, the letter was thought to have been a joke in poor taste.
Vault Cabal: The Abrontis were dead to begin with. Yet, in death, their wealth and influence had only grown. Through the loyal diligence and faithful competence of servants, representatives, caretakers, employees, and officials, the Abronti family had quietly carried on. Debts were paid, properties maintained, investments managed, and secrets kept. So many secrets. One of which, apparently, being that of immortality – of a sort. For the Abrontis were most certainly dead. Of this there was no doubt. And the dead could not lay claim to the property and title of the living. Well, not until passage of the Open Crypt Act of 332. Pretty impressive what money, influence, and careful estate planning can accomplish.
The Crypt: Much of this backstory and setting detail came about while pondering the nature and purpose of the Crypt Thing. While I understand a lot of the complaints about the Fiend Folio, it was an exciting surprise on the shelf of my local B. Dalton bookseller. Nothing against the life-altering work of Gary Gygax, but I was ready for something different after the Monster Manual. Let’s face it – more than half the entries in that book weren’t exactly unknown to a kid versed in fantasy and mythology. More often than not, the fiends within this folio were new to me. Even then, I was getting a feel for the artists of the day. Opening the Fiend Folio those first few times, I was welcomed by a few familiar favorites. Of course, there were tons of illustrations jarring to my untrained eye. In short, I didn’t like a lot of them. Many failed to capture or inspire my imagination. One that succeeded more than admirably was found on page 21, under the entry of Crypt Thing. Not the simple mug shot next to the stat block – the glorious portrait at the center of the second column.

The Thing: I know I’ve said it before, but that Russ Nicholson illustration of the Crypt Thing and…lone adventurer that made his saving throw? Bodyguard? Master? Admirer? Cultist? I didn’t know – but it got me thinking. Could the Crypt Thing be part of something greater? Something besides a creepy dungeon inconvenience? I mean, they weren’t undead – and they were implied to take some sort of perverse pleasure in messing with hapless adventurers. Yet, it had a Neutral alignment. No chaotic whim. No inherent malice. Though skeletal, there was no indication of unlife. No mention of the usual immunities given to animated dead things (well, it could only be hit be magical weapons – but that’s true of a lot of critters). No claim to construct status. Was I supposed to assume this creature was somehow alive?
The Spark: I’ve seen a lot of unfavorable Fiend Folio reviews. And, yes – I get it. Now, I’m not going to say that all those naysayers have limited imaginations…but –
Personally, I don’t really use many of the Fiend Folio entries with their Fiend Factory settings. For me, they are sources of inspiration more than immutable stat blocks and static flavor text to be cut-and-pasted right into my setting. But then, I’m the guy that finds all the countless Demon and Devil entries in both Monster Manuals to be kind of tedious and a bit of a waste of space – especially in the MM2. I wasn’t disturbed by Demons and Devils in my RPG in the 80s – I was bored by them. But, that’s another blog entry entirely.
The Crypt Thing. Not undead. Well, even back then we pretty much ignored that bit. We just figured it couldn’t be turned as long as it sat in its chair as a guardian. That was it’s only purpose, after all. Roger Musson’s written description implied a few options and left some intriguing wiggle room. 100% chance to be encountered In Lair (“at least, none have been encountered elsewhere”). Oh, Roger – you delightful tease. The Crypt Thing may speak – and it will lie! Those companions of yours that vanished – they were destroyed. You wanna be next? You feeling lucky? Not all Crypt Things even teleport their victims – we have “aberrant” versions that paralyze and invisibilize them instead. Variant monsters mentioned right in the description of the original monster entry. That was my jam!
Variance: Did I call the Crypt Thing a guardian before? Oops. That was presumptuous of me. The Fiend Folio entry never mentions that. It has a lair – we presumed it had to be guarding something. Honestly, I’ve used the Thing as nothing more than a nuisance encounter at the end of a dead-end passage. But, I do have a tendency to modify and adapt monsters for my own setting. Now, the original entry never specifies that the Thing is not undead – it just never mentions that it is. I mean – it’s a robed skeleton. Okay – “A pale, solitary skeletal being…” Come on. Pale? Sure – bones tend to be kind of pale. Skeletal? Like – skeletally thin? Nope. Doesn’t even have eyes in its empty sockets, according to both illustrations.Second Coming: 2E AD&D gave us the updated Crypt Thing in the Monstrous Manual – instituting some of our assumptions and alterations in the process. Oh, and a much less interesting illustration. If this had been my introduction to the monster, I doubt I’d be writing all this nonsense today. Still, this later entry clarified the undead status of the Crypt Thing. It gave us a bit of an origin and purpose: raised or created by spell to protect the bodies of those laid to rest. We also get verification that it cannot be turned in its own lair. The range of clothing choices increases from only brown robes to a more fashionable black. Oh – and the eye sockets gleam with nifty red pinpoints of light. Doesn’t really do much for me. 2E AD&D didn’t inspire me much more than 1E, to be honest. I usually preferred my own embellishments and adaptations.
Clothes Maketh the Thing: Brown robes. Black robes. I’d been considering the robes long before the Monstrous Manual came into my grasp. My campaign had introduced a villain shrouded in a voluminous cloak of woven spiderweb. The cloak was a powerful artifact that gave the villain much of his necromantic power. Well – that’s what the players believed. Truthfully, the villain wore what looked like a spider earring – and this was the actual villain. An alien spider that wove a cloak and controlled the mind of its victim to further its own goals while no one suspected the innocuous piece of jewelry hidden within the hood of the cloak. Also, I really liked the monster known as the Cloaker. These potential details generated the idea of making the Crypt Thing’s robes the actual monster, instead of the skeleton.
Cryptic Things: The Crypt Thing is among the least of an undead society resulting from the explorations and machinations of the Abronti elders. Robed in unassuming brown, these creatures form a base caste of servitor undead. Common belief places the members of the inner circle of the original cabal in the roles of Crypt Dooms, the most powerful of these creatures and the keepers of the bindings over all the rest. The society of the crypt is centered on arcane bindings and control of the shadowy unlife of its members. Robed in gray, the Crypt Warder oversees and maintains the Crypt Things. The black-robed Crypt Doom holds the source and sharing of the animating power behind the Crypt Things and the rest. The Abronti elders themselves wear robes of deepest violet and are known as Crypt Lords.
Things to Do: With an established hierarchy of status and power, the Abronti organization could focus on their important goals. At the top of the list was immortality, followed closely by gaining power enough to maintain that immortality indefinitely.
There is much more to explore - including the secret journey of the Abronti elders from death to undeath, the true nature of the Crypt Thing (and the others), and specific stats/details of each creature type. These revelations (and more) will be compiled and shared.
Categories: Tabletop Gaming Blogs

Hoplite & War Machine - 'The D&D Master Rules Set' (1985), by Frank Mentzer & 'The Milenian Empire' By Anthony Herring

Swords & Stitchery - Mon, 06/24/2019 - 16:43
"At last, the cycle is complete. Players and Dungeon Masters alike may experience the wonder of reaching for the ultimate levels of mortal might with the D&D Master Set. In the Basic Set you learned to crawl through dungeons and defeat the minions of evil. In the Expert Set you set out on wanderings through the wilderness. In the Companion Set you climbed to the pinnacle of success andNeedleshttp://www.blogger.com/profile/11243274667834930867noreply@blogger.com0
Categories: Tabletop Gaming Blogs

A week in security (June 17 – 23)

Malwarebytes - Mon, 06/24/2019 - 16:29

Last week on the Malwarebytes Labs blog, we took a look at the growing pains of smart cities, took a deep dive into AI, jammed along to Radiohead, and looked at the lessons learned from Chernobyl in relation to critical infrastructure. We also explored a new Steam phish attack, and pulled apart a Mac cryptominer.

Other cybersecurity news
  • Florida City falls to ransomware: Riviera Beach City Council agrees to pay $600,000 to regain use of hijacked computers. (Source: Forbes)
  • Smart TV virus warning goes AWOL: A peculiar promotional message warning about the  dangers posed to smart TVs goes missing. But why? (Source: The Register)
  • Used Nest cams allow continued cam access: This has been fixed, but read on for a look at what happens in the realm of IoT when old devices connect in ways you’d rather they didn’t. (Source: Wirecutter)
  • Fake profiles on LinkedIn go spying: An interesting tale of scammers making use of AI-generated profile pictures to make their bogus accounts look a little more believable. (source: Naked Security)
  • Bella Thorne takes fight to extortionists: The actress decided to share stolen photographs of herself to teach a hacker a lesson. (source: Hollywood Reporter)
  • This phish is a fan of encryption: A new scam claims an encrypted message is waiting, but you need to log in to view it. (Source: Bleeping Computer)
  • Mobile app concerns: High risk vulnerabilities abound in both iOS and Android apps. (Source: Help Net Security)
  • Twitter takes on state sponsored accounts: The social media platform took down around 5,000 accounts being used to push propaganda. (Source: Infosecurity Magazine)
  • Malware comes gunning for Google 2FA: A new attack tries its best to bypass additional security restrictions. (Source: We Live Security)
  • A security hole in one: Mobile malware attempts to swipe numerous pieces of personal information. (Source: SC Magazine)

Stay safe, everyone!

The post A week in security (June 17 – 23) appeared first on Malwarebytes Labs.

Categories: Techie Feeds

Babé Crochet Hat Templates Giveaway

Moogly - Mon, 06/24/2019 - 15:00

Babé Crochet Hat Templates are perfect for every crocheter that makes hats – or wants to start! They make it so easy to get just the right size, from preemies to adults. And to celebrate their rebranding and relaunching this year, I’m giving away 3 full sets in the Babé Crochet Hat Templates Giveaway on...

Read More

The post Babé Crochet Hat Templates Giveaway appeared first on moogly. Please visit www.mooglyblog.com for this post. If you are viewing this on another site they have scraped the content from my website without permission. Thank you for your support.

14
Categories: Crochet Life

Mobile stalkerware: a long history of detection

Malwarebytes - Mon, 06/24/2019 - 15:00

Recently, we have received an alarming question from many Malwarebytes users, asking, “Do you detect stalkerware?” The answer is an overwhelming, “Absolutely, and for good reason!” Moreover, we have been doing so for a long time, and are expanding our efforts in the months to come.

Going back more than five years, Malwarebytes researchers have detected applications and software that monitor other people’s online behavior and physical whereabouts. Our firm belief then is what we hold to be true now: People who are being watched have a right to know. And, taking that a step further, people should be able to consciously choose which applications and software are on their machines.

It’s your device, your choice. But when it comes to stalkerware, we know it’s not as simple as that—especially for victims of domestic abuse. So that’s why we launched a concerted effort to build a more comprehensive list of stalkerware and block it via Malwarebytes for Android, as well as Malwarebytes for Mac and Windows. (Malwarebytes for iOS no longer has scanning capabilities because of Apple constraints.)

Over the last month, we analyzed more than 2,500 samples of programs that had been flagged in research algorithms as potential monitoring/tracking apps, spyware, or stalkerware. Our database of known stalkerware has now increased to include 100 applications that no one else detects, including seven that are, as of presstime, still on Google Play.

In addition, we’ve partnered with local shelters, nonprofit groups, and law enforcement, as well as other security professionals, to share intel and build awareness. Our aim is to protect domestic abuse victims on and off their devices. Stay tuned for more blogs with advice on what to do if you find stalkerware on your phone, and how parents and other individuals can determine if a monitoring app is safe to use.

What is stalkerware?

The term stalkerware can be applied to any application that can be used to stalk/spy on someone else. Stalkerware is often marketed as a legitimate mobile tracking program to keep tabs on loved ones, especially children. Some of these programs are used above board by families keeping a close eye on their kids’ devices or users looking to find lost phones/laptops. However, these programs are often misused—to the detriment of their victims—who can now be found wherever they are going, even if they are trying to get away from abusive partners or other dangerous individuals.

What can stalkerware do?

To get to what stalkerware can do, let’s first look at the longtime mobile threat category monitor, which is a subset of potentially unwanted programs (PUPs). Because some of these stalkerware applications can be used legitimately, they are currently flagged as programs users might not potentially want on their phones. However, once presented with what stalkerware can do (or once gaining knowledge of a program that’s been installed on their device without consent), many users will likely want to delete these apps.

To see how scary a monitoring app can be, for example, I invite you to read Mobile Menace Monday: beware of monitoring apps. To highlight, here is a list of information a monitoring app/stalkerware can gather— all of which can be sent to a remote user.

  • GPS location
  • Pictures taken with front/rear camera (unbeknownst to user)
  • SMS messages
  • Call history
  • Browser history
  • Recorded audio via device mic
  • Email accounts stored on device
  • Phone numbers in contact list
  • IP address of device
A monitoring app can pinpoint a device’s exact location.

Even scarier, some of these apps are easily available on Google Play. More on that later.

A step further

Outside of Google Play, there lives a malevolent class of malware known as spyware. It has all the features of monitoring apps along with even more information-gathering capabilities. This information is readily available to stalkers with real-time data on every step of their victims. In addition, spyware can be uploaded and remain undetected, stealthily hiding its presence deep within mobile or desktop devices. 

However, stalkerware can achieve much the same results as spyware, and it’s more readily available on the market. These applications represent real-life threats to domestic abuse victims, who can readily be tracked down (along with their children), even when hidden in shelters.

In expanding our efforts to block stalkerware, we are working side-by-side with shelters, non-profit organizations, other AV vendors, and law enforcement agencies to collect as many samples of stalkerware as we can, and train victims on what to do if they suspect they are being tracked. This is a matter of personal security for victims, and we take their safety seriously.

Hard stance on monitoring apps

There is a small set of monitoring apps actively available on Google Play.  These apps advertise themselves as helping hands for finding lost or stolen mobile devices, or for keeping track of younger children in the family. 

Admittedly, there is an argument that these apps can indeed be helpful in both of those cases. Nevertheless, the potential to have the same appalling outcome as spyware exists. For this reason, we aggressively detect monitoring apps, even if they are in Google Play.

If users have knowingly and willingly downloaded monitoring apps to their own devices, they needn’t delete them when we detect them. Directions on how to keep a program that you know and trust that we’ve flagged are here for Windows users. For Android users:

  1. Run a scan.
  2. On the results screen, below each checkbox is drop-down arrow. Click on the arrow.
  3. From the list of options, select “Ignore Always.” Future scans will no longer detect the app as suspicious.
Call to action

Historically, apps that fall under the stalkerware umbrella have been extremely difficult to track down. That’s why we are calling on our patrons to help! Please reach out if you or someone you know suspects an app can be used to stalk its victims—and especially let us know if Malwarebytes for Android does not currently detect that app. You can do so via our Malwarebytes Support Forum or by submitting a ticket with Malwarebytes support.

In addition, look out for our next article on stalkerware that aims to provide victims with guidance on how to tell if their device has stalkerware installed, and what to do if that’s the case.

Dedicated to protecting you

It is a haunting reality that technology can be used for abusive purposes, especially those with horrifying physical outcomes. With most malware, some far-off threat actor is making a profit off of strangers by selling their data, zapping their CPU, or scamming them into handing over a few hundred dollars. Although dirty, no one is physically harmed.

With stalkerware, there is a real-life threat with dire consequences.

There is no more important task for a cybersecurity company than to protect its users from harm—and stalkerware opens the door to the worst form of it. This is a pursuit that all of us on at Malwarebytes take on with upmost gravitas. We hope you will join us in the fight.

Stay safe out there!

The post Mobile stalkerware: a long history of detection appeared first on Malwarebytes Labs.

Categories: Techie Feeds

Vobleavira Haven Complex

Ten Foot Pole - Mon, 06/24/2019 - 11:13
By Vance Atkins Leicester's Rambles B/X "Low Level mooks"

… So we have a cleric and thief who found themselves allied in adventures, found their own subterranean outpost, and created a space that reflects their two characters’ personalities. …

This 21 page single-column adventure features a dungeon with 24 rooms and FOUR room with creature encounters! Yet Another Generic Adventure, with a focus on irrelevant background information.

Background information drives me nuts. Specifically, background information that does not contribute to the adventure. ESPECIALLY in an adventure that desperately needs more to it. Designers seem to confuse more words, or background detail, for gameable content. “More is better”, Pay Per Word, failed novelist syndrome … for whatever reason the inclusion of a bunch of garbage that in no way contributes to an adventure gets under my skin. It’s trivia. And it gets in the way of actually useful information, making it all the more difficult to scan room text and therefore run the adventure.

You wanna throw off a phrase here or there in an adventure that otherwise focuses on gameable detail? That’s fine. An occasional sly remark to the DM? Sure. A section on legend lore in a higher level adventure? Ok.

When the adventure is desperate for specificity, gameable content, detail that adds to an evocative nature, or interactivity, and then you include motivations for someone 300 hundred years dead and is Sir Not-Appearing-In-This-Adventure … this is when the frustratoion builds up inside of me.

  1. Guardroom – Formerly a guard post and small barrack … the room has been stripped of most useful items.
  2. Barracks – A barracks room, the room has been similarly raided.
  3. The tunnel is one of several in the complex, designed by Dufay to quickly move forces for flanking in the event of an incursion, for storage, or as escape passages.
  4. Storeroom – This room held an overflow of supplies for the kitchen and elsewhere.
  5. Kochi’s piety would not allow him to display presentations of the group’s actions, but he did allow symbolic representations. He also allowed a modest display of captured trophies,

In each of those cases, above, you can see an emphasis on the past. A past that will NOT be interacting with the party in this adventure. The guardroom text starts by telling us its a guardroom, and then explains that it used to be a guardroom. Just as he barracks does. Just as the storeroom does. In all four cases we get some history in the form of “used to be”, none of which impacts the party, today. We know the room is a former barracks [guardroom/storeroom], that’s the room title. The guardroom has a peerhole and a couple of monsters poking around in the rubble, with a small chance of them using the peehole. The door is ron-bound with a peephole, just like every other door in the complex, or so the general dungeon overview tells us, but it has to be repeated here, in this room description. This all detracts from the room proper, the monsters poking about and the peephole. It hides it from the DM when they scan the text and, other information could have been included to make the room far more evocative, or even interactive, than it is. I’m not making the case that every room needs to be a set-piece, but that the focus of the writing needs to be evocative descriptions, scannability and, maybe, some interactivity.

Instead we’re told that the guard room used to be a guard room and that in the dungeon of iron-bound doors that this room has an iron-bound door. The emphasis is, over and over again, in the wrong place.

Unless I missed something, four rooms have monsters in them. 2 giants centipedes, a room with skeletons, and two rooms with a couple of hob/s/gobs each. This is not a jam-packed exciting place to visit, full of the wonder and mystery of D&D.

This is Pay What You Want at DriveThru with a suggested price of $1. The preview is five pages. You Get to see the map, which is decent for the size, as well as a boring rumor table, a boring wandering monster table, and some generic background information. A better preview would have included a couple of rooms also.


https://www.drivethrurpg.com/product/279317/Vobleavira-Haven-Complex?1892600

Categories: Tabletop Gaming Blogs

How to Give Order and Enrichment to Daily Prayers

Just Call Me Pastor - Mon, 06/24/2019 - 11:00

Seventy-three years ago, when I was 20, the main building of the Christian college I attended served many purposes. It held classrooms, dining facilities, the administrators’ offices, library and, on the third floor, a women’s dormitory.

People seemed everywhere.

There was no private corner where I could go right after breakfast with my pocket New Testament for a quiet time, and the men’s dormitory was too distant. So I found a place in the furnace room next to the coal bin, and each morning I sat there on a three-legged stool under a bare 25-watt light bulb and had my prayers.

That is not a boast. After a lifetime of attempting to make prayer a regular and central part of my life I feel I am still a beginner. Prayer is an inexhaustible subject and at 93 I am still a student of it.

But in this blog I share with you — as I have in past years — the format and strategy I often use to guide and enrich me in the practice of daily prayer. Call it the five stages of prayer: A-C-P-I-T.

1. ADORATION. Here’s one thing I’ve learned: prayers should always begin with time to focus on who it is we are addressing. We come before God with a keen sense of his majesty, his holiness, his infinite greatness and power. And we give time for these attributes to sink in.

The Virgin Mary burst forth, My soul glorifies the Lord, and my spirit rejoices in God my Savior. Her flash of reverence is worth our pondering. We can set our minds to adoration by repeating such Psalm fragments as, Bless the Lord, O my soul, and all that is within me bless his holy name. Or, we can use the instruction of our Lord as a starting place. Jesus himself said of the Father: Hallowed be thy name. Hallowed means “greatly revered and honored.”

Adoration as an exercise clears the mind and takes us into the inner sanctuary of worship. It dispels the fog of our earth-bound living and awakens the soul to reality that is much larger than our realm of time and space.

2. CONFESSION. In a collection of prayers that John Wesley published before he was 30 years of age, he gave this helpful pattern for confession: “Heal, O Father of mercies, all my infirmities (_____), strengthen me against all my follies (_____), forgive me all my sins (_____). Wesley put blanks in so anyone using this prayer could personalize it. Our prayer should always have a place for self-examination and confession, sometimes made with tears and shame but always made with full confidence in God’s forgiving and sustaining mercy.

3. PETITION. In petition we bring personal needs before our Heavenly Father. They follow naturally upon confession. Our petitions are likely to grow out of issues we have confessed — our infirmities, our follies, our sins.

But we don’t remain there. We pray for more grace to overcome, more strength to do hard tasks, and a clearer vision to carry out our mission in life. George Buttrick wrote, “No situation remains the same when prayer is made about it.”

4. INTERCESSION. This means going beyond ourselves to pray for others — family, friends, work associates, neighbors, our congregation, enemies, other ministries, civic leaders in government, etc. To intercede thus for others near and far saves us from narrowness in our prayers.

The efficacy of intercession is one of the profoundest mysteries of the spiritual life. Prayer’s effects are often imperceptible. Answers to them on occasion may be immediate, but not always. And our intercessions are never to be viewed like approaching a vending machine, producing instantly what we ask.

Sometimes the answer is contrary to our desires. Isaiah the prophet proclaimed to a forlorn nation: They that wait upon the Lord (remain constant in their faith) shall renew their strength. James Hastings wrote, “It would not be unfair to estimate a person’s religion by the earnestness by which he longs for the welfare of others.”

5. THANKSGIVING. In adoration, where we began, we worship God for who he is; in thanksgiving, where we end, we praise him for all his benefits. For example, salvation through our Savior and Redeemer, Jesus the Christ, typically springs first to mind. In response to that unprecedented gift it is good to let our spirits soar in thanksgiving.

We might next recall the largest blessings of our lives, and give thanks. And we also remember the smallest mercies, and give thanks. Giving thanks is like priming a pump. It may take a few pumps before the sense of gratitude flows. But even if our thanksgiving is sluggish at first due to fatigue or low mood, it will begin to flow.

After many decades of regular prayer, I commend it to you as a daily practice. Try out the A-C-P-I-T strategy. Find a time and place, if even in a furnace room and under a dim light bulb. And continue along with me to plumb prayer’s depths and joys.

Photo credit: Stephen Platt (via flickr.com)

Categories: Churchie Feeds

Modification Monday: Soldotna Spring

Knitted Bliss - Mon, 06/24/2019 - 11:00

www.knittedbliss.com

Original Pattern: Soldotna Crop Knitter Extraordinaire: Rose (Ravelry Profile) Mods: Lengthened the body from a crop top to a full length sweater, added more of the yoke motif to the hem, as well as lengthened the sleeves. Details can be found on her project page, here. What Makes This Awesome:  This gorgeous sweater is great

The post Modification Monday: Soldotna Spring appeared first on %%www.knittedbliss.com%%.

2
Categories: Knitting Feeds

Madness in Castle Machina

Sorcerer's Skull - Mon, 06/24/2019 - 11:00
Our 5e Land of Azurth came continued last night, with a new player: the daughter of two or regulars. Her character, Bellmorae the Dragonkin Sorcerer, joins the party after their visit to the benevolent Frog Temple. The party means to find out how this dark future came to be, and thinks that The Clockwork Princess, if she still is in the castle, may be able to give them the answers they need.

Find the castle isn't difficult. He tends me be crab-walking a wobbly orbit around the ruins of Rivertown. Getting in his a little bit more difficult. They fly up to the courtyard and find the palace doors replaced with an industrial metal one with a mechanical face (that looks something like the Princess) at its center. The face's eyes scan each party member who approaches and demands a pass code. When it scans Dagmar, it declares her a "maker" and allows her to reset the pass code. Inside, the party finds the entry area and throne room replaced with the gigantic gears that power the legs.

Down one hall is a furnace and engine room. Automata shovel coal into a magically warded boiler, where eyes like a void in the white-hot flame watch them. A voice from the fire claims to a prince that was drawn into this cold world and trapped here, asks or demands they free him. The party does not.

Elsewhere they find the elevator shaft empty and blocked 3 floors up. In the turret around the stairwell, 3 scruffy,  gray gnome-like creatures behave like lunatics in an asylum. The party initially plans to avoid them, but with no other exits is forced to engage them in conversation. The think the creatures are perhaps the debased descendants of the gnomes that worked for the Princess in years past.


The madness of the gnomes prohibits meaningful dialogue. Waylon attempts to charm the one they appears to be their leader. The spell fails, and the enraged creature attacks. The party makes short work of the six of them, though they all managed to deliver nonsensical last words as they die. They have nothing of value in their possession.

The party climbs the spiral stair, slowly becoming aware of a curious and unsettling background hum or droning...

Pages

Subscribe to Furiously Eclectic People aggregator