Feed aggregator

[TROIKA!] Cliff the Ardent Giant of Corda | Starter

Furiously Eclectic People - Sun, 11/08/2020 - 14:47

Hi, I'm Cliff.

I am an Ardent Giant of Corda seeking adventure.

Check out my Skill of 5; Stamina of 21 and Luck of 9. You need me.

I have some really cool advanced skills in Strength 4 (I'm a Giant!); Astrology 3 (Whooooo); Run 2 (long legs help); Climb 2 (so versatile).

Right now, all I own is a knife, lantern, flask of oil, 6 provisions (food to the English-disabled), 7 silver pence to make purchases and a Rucksack to put it all in. My knife is the easiest to grab.

Oh ho! I also have an Artefact of Lost Corda! Yes, this prized possession of mine is the Blue Star Map that helps me figure out where any portal may lead.

That's it. The rest is up to you. Take me out for a spin!


Categories: Miscellaneous Blogs

Parent Cue Cards – November 8th

Mark Hughes (Church of the Rock) - Sun, 11/08/2020 - 04:00

Hi Parents,

You can use the below activities to engage in fun and conversation with your kids over the week.

Salvation Guide
Kidz Rock Spotify

Check out our ongoing resources for each age group:

The post Parent Cue Cards – November 8th appeared first on Church of The Rock.

Categories: Churchie Feeds

Elementary – November 8th

Mark Hughes (Church of the Rock) - Sun, 11/08/2020 - 04:00


Worship Video


Check out our ongoing resources for each age group: And don’t forget to follow Kidz Rock on Facebook and Instagram!


The post Elementary – November 8th appeared first on Church of The Rock.

Categories: Churchie Feeds

Collide – November 8th

Mark Hughes (Church of the Rock) - Sun, 11/08/2020 - 04:00

Survival Skills Discussion Questions
Check out our COLLIDE Spotify Playlist!


Check out our ongoing resources for each age group:

And don’t forget to follow Kidz Rock on Facebook and Instagram!


The post Collide – November 8th appeared first on Church of The Rock.

Categories: Churchie Feeds

Preschool – November 8th

Mark Hughes (Church of the Rock) - Sun, 11/08/2020 - 04:00


Worship Video


Check out our ongoing resources for each age group: And don’t forget to follow Kidz Rock on Facebook and Instagram!


The post Preschool – November 8th appeared first on Church of The Rock.

Categories: Churchie Feeds

Quick OSR Overview & Review - Vaults Of The Weaver By Emperor's Choice For Dungeons & Dragons or The Arduin rpg For Your Old School Campaigns

Swords & Stitchery - Sat, 11/07/2020 - 20:14
 "This is the Classic Arduin Module Collection of previously published Arduin Dungeons and some never before published Dungeons from the mind of David A. Hargrave!...Harken back to the days of old! Feel the shiver of terror within the shadow of the Howling Tower! Brave the treacherous cliffs of the Thousand Thunder Falls...dare you venture behind the thunderous sheets of water? Sally forth in the
Categories: Tabletop Gaming Blogs

(5E) The Secrets of Skyhorn Lighthouse, D&D adventure review

Ten Foot Pole - Sat, 11/07/2020 - 12:11
By Kelsey Dionne Self Published 5e Level 5

Rumors of a rampaging sea monster have ground shipping traffic to a halt in the harbor. The characters discover that the Jade Lion has gone missing near Skyhorn Lighthouse and learn they must brave the open seas and cutthroat enemies in order to save the crew from a murky fate!

This 24 page adventure features around eight “one page each” scene based encounters. It’s a great example of form plus function and what can be achieved when a designer has a vision and doesn’t go into autopilot mode. The choices made in the design make sense given the assumptions and should work out well in play. Kelsey Dionne joins that rare group of designers who have earned the description “Not a fucking idiot.”

I believe that old school D&D, exploratory D&D, provides a substantially different experience, and a superior experience, than alternative forms of D&D. Those other forms are closer, I think, to story based indie-rpg’s. I also recognize that story based D&D has been around since about 1978 and became the dominant form around 3 or so, I’d guess, and is the way the vast majority of people play D&D and have fun with it. (and by “D&D, i mean “fantasy role playing”) And since drinking beer, eating pretzels and having fun with friends while escaping the crushing ennui of life IS the main point of ALL D&D, I’ll take it. 

The point of all of that is that modern fantasy RPG’s are DIFFERENT THINGS. Different things require different formats to support their different assumptions. In a social adventure it doesn’t make sense to have a room/key format since it’s not an exploratory adventure … it’s a social adventure. And yet, most adventures don’t recognize that they are writing for different assumptions. They stubbornly stick to the old formats that were optimized for other assumptions, if they put any thought in to it at all. But not Kelsey. Kelsey has put some thought in to what’s trying to be accomplished and has made decisions about the adventure, formatting, etc, that directly support those assumptions. And does a good fucking job at it as well.

Modern fantasy RPG’s are essentially scene based RPG’s. The adventure is designed around that. You get a page of overview/summary, describing how the adventure is going to unfold. This primes the DM for what is to come, generally a necessary step to fully leveraging the DM as a resource to expand your adventure and their brain to accept the coming information. Then there’s a page of hooks/little scenes. Then there are eight pages that describe, one page each, the eight scenes in the adventure. A few pages of maps and appendices round things out. Eight pages. One per scene. You read the overview. Great. You’re set now to run the adventure. The players do a couple of shots each and grab their 40’s/Mad Dog to sit down. The DM runs the hooks from the hooks page. The adventure starts. The DM uses one page per scene to run the games. Everything they need is on that page. It’s available there, at a glance. It’s laid out with bullet points and offset text, with good bolding. It’s easy to scan and run the scene, embellishing as necessary. There’s a little text in a couple of bullets, maybe two, that give an atmosphere or physical description of the scene. It makes sense and the DM can build from it. NPC’s are easy to locate. They have a six word appearance, a six word mannerism and a six word secret and are easy to grok and run at a glance. The secret might actually lead to interesting play, in some situations. So far so good, right? Scene based, one scene per page. Not exactly an innovation, either, but when taken together they start to formulate the basis of that modern D&D assumption. Then, Kelsey adds “Dramatic Question.” This is an explicit section. This is what the scene is about. This is what is going on. “Can you X?” And then, the scene ends with a transition. Again, another explicit section that tells the DM what to do when the dramatic question is answered. “Ascend the stairs from the island docks to the lighthouse.” for example. It makes sense.
The four elements, all taken together, with the formatting/style choices … this is a great format for most adventures being published. It works. It’s immediately obvious it works. It’s immediately obvious that most adventure should be written this way, regardless of system, if it’s not exploratory D&D. I won’t say it’s the ONLY way, but it should be obvious to every designer that this format is a good one and easy to mimic in their own adventures. 99% of DMsGuild and DriveThru adventures should be formatting this way, designed this way.

And yet, there’s room for improvement.

Kelsey includes a section of the adventure in which the design choices made, the formatting choices, etc, are justified. It’s sad that has to be done, but, whatever. In it it is noted that the DM is to embellish the descriptions. That’s correct. A good adventure inspires the DM with the physical description. The DM then takes that and embellishes that as they see fit and/or where the game goes. (In contrast to the standard overwritten and long description. No, this is not a case of personal preference, unless you prefer eating garbage.) But, this requires a strong inspiration from the designer. Kelsey does a good job with this, certainly above average, but could do better. The first scene, on the docks, has a two bullet description, the faint glimmer of a lighthouse on a small island a few miles out to sea, and the docks choked with ships, quiet compared with the normal bustle of activity. I’ll take this any day of the week over the overwritten garbage that is choking the hobby. And, you can even see signs of good writing. Docks CHOKED with ships. That’s good imagery. And I get where the lighthouse thing is going. Both, however, are not given room to breathe and even, I would assert, are reined in. A SMALL island. Small is a boring word. That whole second clause deflates the first one, the glimmering. A second sentence should puff it up more, instead of bringing it down using “small” and “a few miles out.” Likewise the ship description. The choking bit is GREAT. Perfect imagery. But then it is reined back in with “quiet compared to …” IE: boring. Drunken sailors, dice games, or even unearthly quiet, maybe … either would have heightened the description instead of “normalizing” it with “its quieter than normal.” I find this common in the adventure … most of the text is spot on but the scene overviews, the location description where the scene takes place, gets short shrifted.
It’s not given the room to breathe it should, and in some cases I’d suggest that iconic “views” that should be in the adventure are not present at all in a meaningful  way  … the lighthouse and island in particular. 

But … it’s a good adventure. A water elemental “coughs up” treasure when killed. (Nice solution to a treasure problem in the ocean … and a good word choice.) The monster descriptions START with the physical description, what is most relevant to the DM when running the game. There’s a monster reference in the form of “combat cards” for the DM to use to run the fights. I could bitch more about interactivity beyond “talking and fighting” and more about a certain magic item that is key to the adventure and yet unlootable … but that’s nitpicking compared to the rest. It’s a good adventure and Kelsey Dionne is NOT a fucking idiot. That means that until a Kelsey work is bastardized by a third party publisher, you can trust future work from this designer. Man, I really have a hard time saying something is good, don’t I? It is, of course, one of the Best, but, also, the Not A Fucking Idiot means that you can probably buy Kelsey’s stuff in the future and know it’s good. As with Chainsaw’s works, when a publisher is involved things might change, but self-published by Kelsey should be a sign of quality.
This is Pay What You Want over at DMsguild with a suggested price of $0. Nineteen fucktards gave it three stars, three gave it two stars and one gave it one star. Well, fuck those asshats.


Categories: Tabletop Gaming Blogs

'Its In The DNA' Secrets of the Mutants - Using Cepheus Atom By Omer Golan-Joel From Stellagama Publishing & The Mutant Epoch Rpg In An Epic Interstellar Campaign

Swords & Stitchery - Sat, 11/07/2020 - 03:08
 "The bombs fell. Nations wielded varied and monstrous weapons against one another. Fires, clouds of poison, and worse have swept the world. Now only the savage Wastes remain: haunted by mutants, deranged robots, and genegineered monstrosities. But from the fire, heroes and villains rise: tribals, survivors, mutants, all the warped remnants of Humanity. Armed with primitive weapons, pre-Collapse
Categories: Tabletop Gaming Blogs

The Continuing Outer Realm War Round Two - Godbound/Cha'alt Play Session Six - Narcosa,The Fungal, & the Cartels!

Swords & Stitchery - Fri, 11/06/2020 - 19:25
After camping, refreshing their spells, & re equipping themselves our 'heroes' set off in search of large prey to gather up some new 'treasure' after losing their literal shirts in last game session. The party had been crammed into NPC Lisa's van & used it to camp out under the wasteland sky. Everything went off without a hitch for sleeping. Morning brought encounter with a giant Cha'alt alien
Categories: Tabletop Gaming Blogs

Shape of My Heart

Aikido Blogs - Fri, 11/06/2020 - 18:33
Shape of My Heart

Patton and Rommel
Machiavelli and Sun Tzu
Think they know the shape of my heart
Much better than you

I'm a lost warrior poet
Caught up in a febrile dream
Dancing with Musashi and Beowulf
Faraway on an errant moonbeam

But it is Tu Fu and Basho
Lord Byron and Poe
Firing madrigals and haiku
That will bring me back to Glasgow

Dickinson and Angelou
Whitman and Hughes
Providing inspiring stanza
That never fail to amuse

Armed with rhyme and meter
Along with blade and gun
I have Kipling and Frost
Wordsworth and Donne

But you know the shape of my heart
Longs for refuge and care
Far from desolate battlefields
Away from constant bloody warfare

How I long to just sit with you
Sharing Twain and Alighieri
Nestled securely under a shade tree
Distant from any mindless savagery

Patton and Rommel
Machiavelli and Sun Tzu
Musashi and Beowulf
Don't really know my heart like you

Categories: Aikido

Update your iOS now! Apple patches three zero-day vulnerabilities

Malwarebytes - Fri, 11/06/2020 - 17:28

Apple has patched three vulnerabilities in iOS (and iPadOS) that were actively being exploited in targeted attacks. Vulnerabilities that are being exploited in the wild without a patch being available are referred to as zero-days. The vulnerabilities were found and disclosed by Google’s Project Zero team, and patches were issued yesterday.

What has Apple patched in the update?

Publicly disclosed computer security flaws are listed in the Common Vulnerabilities and Exposures (CVE) list. CVE is a dictionary that provides definitions for publicly disclosed cybersecurity vulnerabilities and exposures. The goal of CVE is to make it easier to share data across separate vulnerability capabilities (tools, databases, and services).

The zero-days are listed under the ID numbers:

CVE-2020-27930: Affected by this issue is some unknown processing of the component FontParser. Manipulation with an unknown input could lead to a memory corruption vulnerability. This means a font could be created which leads to memory corruption, allowing for a remote code execution (RCE) attack.

CVE-2020-27932: A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of reports that an exploit for this issue exists in the wild. Using such a vulnerability could allow malware to bypass security restrictions on an affected system.

CVE-2020-27950: A malicious application may be able to disclose kernel memory. Apple is aware of reports that an exploit for this issue exists in the wild. Disclosed kernel memory may contain sensitive data like encryption keys and memory addresses used to defeat the address space layout randomization.

What is Project Zero?

Formed in 2014, Project Zero is a team of security researchers at Google who find and study zero-day vulnerabilities in hardware and software systems. Their mission is to make the discovery and exploitation of security vulnerabilities more difficult, and to significantly improve the safety and security of the Internet for everyone.

Update your iOS now

Since Apple has flagged that at least two of these vulnerabilities are being exploited in the wild and told us of the possible consequences, users should install the update as soon as possible.

Owners of an iPhone or iPad are advised to update to iOS 14.2 and iPadOS 14.2 or iOS 12.4.9. Apple patched the same vulnerabilities in the Supplementary Update for macOS Catalina 10.15.7. You can always find the latest Apple security updates at its security updates site.

Stay safe, everyone!

The post Update your iOS now! Apple patches three zero-day vulnerabilities appeared first on Malwarebytes Labs.

Categories: Techie Feeds

RegTech explained: a crucial toolset for the financial industry

Malwarebytes - Fri, 11/06/2020 - 16:30

Every organization in the financial industry needs to meet certain regulatory obligations, even if it’s just filing a tax return or submitting an annual report. In certain industries, such as financial services, they’ve added their own additional sets of rules that must be adhered to. For example, organizations who take and process credit card payments have an obligation to meet the Payment Card Industry Data Security Standard (PCI DSS).

To make keeping up with new regulations easier, financials are turning to RegTech. RegTech is the contraction of the words Regulatory Technology. In the financial world it is one of the hot topics. What is it and why is it so popular? Read on.

What is RegTech?

By definition, RegTech is an innovative technology that enables organizations to effortlessly adjust to the weight of always expanding needs for regulatory reporting. In essence, RegTech providers are an industry within the financial industry that provides other members of the financial world with the technology that helps them to stay current with ever-changing rules and regulations.

The wins for the users of RegTech consist mainly of these elements:

  • Gain efficiency by streamlining and harmonizing processes within the organization.
  • Reporting of compliance and issues is made easier by prefabricated, but often customized, modules.
  • Risk can be identified and countered quicker by using smart technology.

To achieve these goals, RegTech uses 5 different types of technology:

  • Monitoring processes to obtain a real-time objective about what is going on in the organization. This is essential for reporting and risk identification goals.
  • Reporting is often a mandatory part of new regulations and, by constant monitoring, the required reports can be produced at the touch of a button.
  • Data exchange is another part of many new regulations, specifically those that help startups on their way. Technology to enable and monitor the exchange of data helps to comply with these regulations while keeping an eye on data streams.
  • Internal legal departments are supported with tools to make the implementation of new regulations more efficient and thus cheaper.
  • Automation is introduced where possible to avoid human mistakes. The jungle of regulations can easily lead to human error. Monitoring and streamlining can help to avoid such errors. Reporting will have to record them if they should occur, nonetheless. And corrections can be applied where needed.

What makes RegTech so popular?

At one point, the financial industry was under a lot of stress due to new regulations. Depending on the country financials are working from and the regions they plan to do business with, the range of regulations they have to comply with can be challenging. RegTech helps financials to respond in a cost-efficient and versatile way, while maintaining a high standard of quality and security.

How does Regtech work?

This is a very hard question to answer as developments are happening at a fast pace. Every new regulation creates opportunities for the RegTech companies to work on new technology and offer it to banks, financial institutions and FinTech companies. On the other side, RegTech companies supply the supervisory agencies that lay down the rules and regulations with the technology to check compliance by the constituents. This branch is sometimes referred to as SupTech.

For example, by combining Artificial Intelligence (AI) and Big Data it is possible to predict suspicious behavior by monitoring transactions in real-time and scanning for irregularities. This technology will pick up the signals much sooner than any human possibly can, and helps to find patterns indicating money laundering and terrorist funding.

Security implications of RegTech

Many of the regulations are laid down with privacy and security in mind. A correct implementation of these regulations should not pose a problem in this field. On the contrary, if the regulators are accomplishing what they set out to do, these regulations should lift the privacy and security demands to a higher level.

Also, implementation of RegTech gives the in-house security teams at financial organizations the opportunity to focus on other issues as the technology takes over one part of their job. This doesn’t mean internal teams should let go of the process entirely, even though that might sound appealing as they often have a lot of other things on their plate, but it should ease the burden somewhat.

It’s not only necessary to measure the effectiveness of your organization’s security controls against the regulations, but also to check whether new and anticipated legislation does not interfere with your existing security standards. An obligation to offer information to your competitors should not reduce your defenses against a data breach. The Know Your Customer (KYC) documentation not only authenticates the customer’s credentials but also helps maintain a verified record of customers. Regulatory compliance mechanisms like the KYC registry store extremely sensitive personally identifiable information (PII) and elaborate customer data. So, it is important to devise systems that prevent unauthorized access, minimize cyber risks, and limit the possible consequences of a data breach.

Risk and compliance functions use different methods to keep up with regulatory challenges. They use software as a service (SaaS) in the cloud to identify risks, strategize risk tolerance, and facilitate regulatory requirements across various regions and financial services.

How does RegTech provide data security and privacy?

There are some key areas where RegTech contributes to keep our data safe:

  • Fraud prevention. Information provided by criminals can be checked against existing KYC data. This helps to prevent identity theft and abuse of stolen data.
  • Money laundering and terrorist funding are other areas that are monitored by using KYC data.
  • Compliance with national regulations. On top of worldwide and business standards you will often find local standards are applied.
  • Cloud security tools to keep data stored in the cloud at the same safety level as locally stored data.
  • Authentication methods to ensure a high level of security. For example, multi-factor authentication (MFA) methods, cryptography, and encryption.

As more and more businesses collect PII, customers are concerned about their personal data security and their privacy. And as cybercriminals get more sophisticated, the need for more advanced and effective tools has risen. RegTech companies provide an important part of this new technology for the financial industry.

The post RegTech explained: a crucial toolset for the financial industry appeared first on Malwarebytes Labs.

Categories: Techie Feeds

An "Old Solar System" of Your Own

Sorcerer's Skull - Fri, 11/06/2020 - 13:05

The "Old Solar System" is a term that has been used to refer to the more romantic views of our planetary neighbors before space probes and better observations threw a wet blanket of reality over the whole thing.

Back in 2019, I wrote a series of posts with generators based on ideas drawn from fiction of the era about the three most important worlds of the Old Solar System. Check them out and roll up your own version!




The War of the Worlds Godzilla 1898! - A Troll Lord Games Victorious rpg Campaign Session Report Nine With Imagine magazine #12 ~ TSR (March, 1984)

Swords & Stitchery - Thu, 11/05/2020 - 17:56
Now besides an excellent cover by Rodney Mathews, Imagine magazine #12 ~ TSR (March, 1984) has quite a bit to recommend it. But we're only concerned about one loose end. Taking care of some of the campaign ends that over the years have come outta various Sword & Sorcery games isn't easy. This is especially true if you're dealing with experienced Advanced Dungeons & Dragons players playing a
Categories: Tabletop Gaming Blogs

Leaf Wiggle Trivet

Moogly - Thu, 11/05/2020 - 15:43

The Leaf Wiggle Trivet is a fun and handy stashbuster crochet pattern that livens up the table all year long! And it’s part of the Holiday Stashdown Crochet Along – get the free crochet trivet pattern on Moogly! Disclaimer: This post includes affiliate links; materials provided by Yarnspirations and Furls Crochet. Part of the CAL...


The post Leaf Wiggle Trivet appeared first on moogly. Please visit www.mooglyblog.com for this post. If you are viewing this on another site they have scraped the content from my website without permission. Thank you for your support.

Categories: Crochet Life

Prop 24 passes in California, will change data privacy law

Malwarebytes - Thu, 11/05/2020 - 14:12

First-day returns in California showed voters firmly approving to change their state’s current data privacy law—which already guarantees certain privacy protections that many states do not—through the passage of Prop 24.

As of the morning of November 4, according to The Sacramento Bee, 56.1 percent of California voters said “Yes” to Prop 24. At that time, 65.3 percent of the state’s votes had been counted. Though far from a complete tally, the numbers proved advantageous enough for celebration for the “Yes on 24” campaign.

“With tonight’s historic passage of Prop 24, the California Privacy Rights Act, we are at the beginning of a journey that will profoundly shape the fabric of our society by redefining who is in control of our most personal information and putting consumers back in charge of their own data,” said Alastair Mactaggart, chair of Californians for Consumer Privacy and sponsor for Prop 24. “I’m looking forward to the work ahead and the next steps in implementing this law, including setting up a commission that is dedicated to protecting consumers online.”

Proposition 24 represented one of the rarer examples in data privacy law that split advocates in two. The typical roster of data privacy supporters in the state—including Electronic Frontier Foundation, ACLU of Northern California, Consumer Watchdog, Common Sense Media, Color of Change, and Oakland Privacy—divided themselves into three separate categories: Support, oppose, or neither.

The disagreement was well-founded. As we reported, while some groups praised Prop 24 because of its increased protections on data that could reveal race and ethnicity, other groups opposed the proposition because of new loopholes that could disproportionately harm minority communities.  

Adding a potential sense of voter whiplash to the ballot proposition was that its biggest supporter and primary funder Mactaggart actually served as one of the lead architects on the very law that the proposition was trying to amend. Two years ago, after announcing an intention to bring a ballot proposition to Californians to better secure their data privacy rights, Mactaggart instead worked directly with California lawmakers to get a bill drafted, passed, and signed by then-governor Jerry Brown.

That law, called the California Consumer Privacy Act, barely went into effect in January of this year, and details on its enforcement and on how the public could assert their rights were released only this summer.

In the end, though, none of that drama appeared to matter much to California voters. With the passage of Prop 24, Californians can expect additional protections on what the proposition has defined as “sensitive personal information,” as well as the country’s first government agency established entirely to enforce a data privacy law.  

The post Prop 24 passes in California, will change data privacy law appeared first on Malwarebytes Labs.

Categories: Techie Feeds


Looking For Group - Thu, 11/05/2020 - 05:00

The post 1450 appeared first on Looking For Group.

Categories: Web Comics

Review & Commentary On Crimson Blades 2: The Dark Fantasy RPG By Simon Washbourne From Beyond Belief Games For Your Old School Campaigns

Swords & Stitchery - Thu, 11/05/2020 - 01:15
" With a familiar yet different set of rules, Crimson Blades gives you fantastic old school-style dark fantasy/sword & sorcery role-playing. You can be a brooding sorcerer with a demon blade, a savage barbarian with an equally savage panther companion, a grim tomb-robber seeking the riches of a long-dead empire or even a Dendrelyssi - one of the last members of a decadent race of necromancers
Categories: Tabletop Gaming Blogs

QBot Trojan delivered via malspam campaign exploiting US election uncertainties

Malwarebytes - Wed, 11/04/2020 - 20:10

This blog post was authored by Jérôme Segura and Hossein Jazi.

The 2020 US elections have been the subject of intense scrutiny and emotions, while happening in the middle of a global pandemic. As election night ended and uncertainty regarding the results began to creep in, threat actors decided to jump in on it too.

Those tracking the threat landscape know very well that major world events do not go unnoticed by criminals. In this case, we began observing a new spam campaign delivering malicious attachments that exploit doubts about the election process.

The QBot banking Trojan operators return with yet another themed spam wave using the same hijacked email thread technique enticing victims with malicious election interference attachments.

Hijacked email threads pushing bogus DocuSign documents

The malicious emails come as thread replies, similar to what Emotet does to add legitimacy and make detection harder. They contain zip attachments aptly named ElectionInterference_[8 to 9 digits].zip.

While the election results are still being evaluated and debated, victims are enticed to open up the document to read about alleged election interference:

Figure 1: Malicious email with ElectionInterference attachment

The extracted file is an Excel spreadsheet that has been crafted as if it were a secure DocuSign file. Users are tricked to allow macros in order to ‘decrypt’ the document.

Figure 2: Excel document containing malicious macro

This tried and tested trick will download a malicious payload onto the victim’s machine. The URL for that payload is encoded in a cell of a Cyrillic-named sheet “Лист3”.

Figure 3: Payload URL obfuscation

Once executed, the QBot Trojan will contact its command and control server and request instructions. In addition to stealing and exfiltrating data from its victims, QBot will also start grabbing emails that will later be used as part of the next malspam campaigns.

Figure 4: QBot process flow execution

World events are the best lure

At the core of the malware attacks we witness each day are typical social engineering schemes. Threat actors need to get victims to perform a certain set of actions in order to compromise them.

Spam campaigns routinely abuse email delivery notifications (Fedex, DHL, etc.) or bank alerts to disguise malicious payloads. But world events such as the Covid pandemic or the US elections provide ideal material to craft effective schemes resulting in high infection ratios.

Malwarebytes users were already protected against this attack thanks to our Anti-Exploit technology. Additionally, we detect the payload as Backdoor.Qbot.

Figure 5: Malwarebytes blocking the macro from delivering its payload

Indicators of Compromise

Malicious Excel documents




1edfe375fafa1f941dc4ee30702f4af31ba636e4b639bcbb90a1d793b5d4b06c 06be75b2f3207de93389e090afd899f392da2e0f1c6e02226db65c61f291b81b

QBot C2s

95.77.144[.]238

MITRE ATT&CK techniques

| Tactic | ID | Name | Details |
|---|---|---|---|
| Execution | T1059 | Command-Line Interface | Starts CMD.EXE for commands execution |
| Execution | T1106 | Execution through API | Application launched itself |
| Execution | T1053 | Scheduled Task | Loads the Task Scheduler COM API |
| Persistence | T1050 | New Service | Executed as Windows Service |
| Persistence | T1060 | Registry Run Keys / Startup Folder | Changes the autorun value in the registry |
| Persistence | T1053 | Scheduled Task | Loads the Task Scheduler COM API |
| Privilege Escalation | T1050 | New Service | Executed as Windows Service |
| Privilege Escalation | T1055 | Process Injection | Application was injected by another process |
| Privilege Escalation | T1053 | Scheduled Task | Loads the Task Scheduler COM API |
| Defense Evasion | T1553 | Install Root Certificate | Changes settings of System certificates |
| Defense Evasion | T1055 | Process Injection | Application was injected by another process |
| Discovery | T1087 | Account Discovery | Starts NET.EXE to view/change users group |
| Discovery | T1135 | Network Share Discovery | Starts NET.EXE for network exploration |
| Discovery | T1069 | Permission Groups Discovery | Starts NET.EXE to view/change users group |
| Discovery | T1012 | Query Registry | Reads the machine GUID from the registry |
| Discovery | T1018 | Remote System Discovery | Starts NET.EXE for network exploration |
| Discovery | T1082 | System Information Discovery | Reads the machine GUID from the registry |
| Discovery | T1016 | System Network Configuration Discovery | Uses IPCONFIG.EXE to discover IP address |

The post QBot Trojan delivered via malspam campaign exploiting US election uncertainties appeared first on Malwarebytes Labs.
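
A mail-side triage check for the lure described in the QBot post above, added here as an example and not code from Malwarebytes or the original authors. It flags messages whose attachment name fits the reported ElectionInterference_[8 to 9 digits].zip pattern and rates them higher when they arrive as thread replies; the sample messages, addresses and the high/medium/none labels are constructed assumptions.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# Attachment naming reported in the post: ElectionInterference_[8 to 9 digits].zip
# Case-insensitive matching is a choice made for this example.
LURE_NAME = re.compile(r"ElectionInterference_\d{8,9}\.zip", re.IGNORECASE)


def attachment_names(msg):
    """Return the base names of every attachment in a parsed message."""
    names = []
    for part in msg.walk():
        name = part.get_filename()  # None for bodies and multipart containers
        if name:
            # Drop directory components a sender may have embedded in the name.
            names.append(PurePosixPath(name.replace("\\", "/")).name)
    return names


def is_thread_reply(msg):
    """True when the headers claim the message continues an existing thread."""
    return bool(msg["In-Reply-To"] or msg["References"])


def assess(raw):
    """Rate one raw RFC 5322 message (bytes) against the campaign traits."""
    msg = message_from_bytes(raw, policy=policy.default)
    hits = [n for n in attachment_names(msg) if LURE_NAME.fullmatch(n)]
    reply = is_thread_reply(msg)
    if hits and reply:
        verdict = "high"      # lure name delivered inside a reply thread
    elif hits:
        verdict = "medium"    # lure name only
    else:
        verdict = "none"
    return {"subject": str(msg["Subject"]), "hits": hits,
            "reply": reply, "verdict": verdict}


def build_sample(subject, filename, in_reply_to=None):
    """Build a constructed test message; every value here is a placeholder."""
    m = EmailMessage()
    m["From"] = "sender@example.com"
    m["To"] = "recipient@example.com"
    m["Subject"] = subject
    m["Message-ID"] = "<sample-1@example.com>"
    if in_reply_to:
        m["In-Reply-To"] = in_reply_to
        m["References"] = in_reply_to
    m.set_content("See attached.")
    # 22-byte empty ZIP archive (end-of-central-directory record only).
    empty_zip = b"PK\x05\x06" + b"\x00" * 18
    m.add_attachment(empty_zip, maintype="application", subtype="zip",
                     filename=filename)
    return m.as_bytes()


# Constructed samples: reply with lure name, new message with lure name,
# reply with too few digits, reply with an unrelated zip.
SAMPLES = [
    build_sample("Re: Q3 budget", "ElectionInterference_12345678.zip",
                 "<orig-1@example.com>"),
    build_sample("Documents", "ElectionInterference_123456789.zip"),
    build_sample("Re: Q3 budget", "ElectionInterference_1234567.zip",
                 "<orig-1@example.com>"),
    build_sample("Re: invoices", "Invoices_2020.zip", "<orig-2@example.com>"),
]


def scan(samples):
    """Assess a batch of raw messages and return their verdicts in order."""
    return [assess(raw)["verdict"] for raw in samples]


if __name__ == "__main__":
    for raw in SAMPLES:
        print(assess(raw))
```

The attachment name is trivially changed by the sender, so a match is a triage signal for this wave rather than a durable detection.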

Categories: Techie Feeds

'Doing the Michael Moorcock Twist' Using Classic Dungeons & Dragons Edition Free Resources To Create The Elric Mythos Campaigns

Swords & Stitchery - Wed, 11/04/2020 - 20:10
 DM Steve has been using some of my ideas from last year's efforts on his own Godbound campaign.  That seems like a lifetime ago living in a post Covid 19 world. But just night I joined in on a jolly little Stormbringer rpg Facebook group that actually seems pretty solid. But now he wants to add in some Michael Moorcock Elric mythos elements from original Dungeons & Dragons Gods, Demigods, &
Categories: Tabletop Gaming Blogs


Subscribe to Furiously Eclectic People aggregator