Feed aggregator

OSR Commentary - Dragon tree Press's Delos Campaign Setting & Veterans of the Supernatural Wars

Swords & Stitchery - Mon, 05/31/2021 - 07:12
 One of the events that's happened over the weekend is myself & the gang of players  getting together for a beer. The biggest problem getting together has been playing around everyone's work schedule. Back in the day we did quite a bit of adventuring on the world of Delos. The shores of Delos border many pan dimensional realms . It's a place that borders Arduin, Narnia, Fairyland, Oz, and many Needleshttp://www.blogger.com/profile/11243274667834930867noreply@blogger.com0
Categories: Tabletop Gaming Blogs

1509

Looking For Group - Mon, 05/31/2021 - 04:00

The post 1509 appeared first on Looking For Group.

Categories: Web Comics

Warrior Heroes Trilogy - At Printers

Two Hour Wargames - Sun, 05/30/2021 - 21:42



Releases next week, Bat Reps to follow.



Categories: Tabletop Gaming Blogs

OSR Commentary - Is The OSR Going Fringe Again?!

Swords & Stitchery - Sun, 05/30/2021 - 20:06
  The number of bloggers who are now using Paetron to put content behind a pay wall is now staggering. The fact is that a number of major OSR publishers have been for a long while been offering fifth edition as an option is now main stream. There's a large number of former OSR writers who are doing solid content for fifth edition as a viable option. So has fifth edition D&D become the new main Needleshttp://www.blogger.com/profile/11243274667834930867noreply@blogger.com0
Categories: Tabletop Gaming Blogs

Doctor Who’s Karen Gillan Stars in Gunpowder Milkshake Trailer (VIDEO)

Blogtor Who - Sun, 05/30/2021 - 19:59

The trailer for Karen Gillan’s new action packed film, Gunpowder Milkshake, has been released Thanks to her roles in the likes of the Marvel and Jumanji films Karen Gillan’s post-Doctor Who career has made her one of the most bankable stars today. And this week Netflix and StudioCanal released the trailer for her latest project […]

The post Doctor Who’s Karen Gillan Stars in Gunpowder Milkshake Trailer (VIDEO) appeared first on Blogtor Who.

Categories: Doctor Who Feeds

Doctor Who’s Matt Smith Stars in Last Night in Soho Trailer (VIDEO)

Blogtor Who - Sun, 05/30/2021 - 15:53

The trailer for Edgar Wright’s new film, Last Night in Soho, is here, including a dangerous and seductive Matt Smith Originally to be released last year, the global pandemic Last Night in Soho is now set to open in cinemas this October. The first trailer was released this week to great enthusiasm from movie fans. […]

The post Doctor Who’s Matt Smith Stars in Last Night in Soho Trailer (VIDEO) appeared first on Blogtor Who.

Categories: Doctor Who Feeds

Images Under A Dying Sun

Sorcerer's Skull - Sun, 05/30/2021 - 14:30

 Thinking about doing this with this old post condensing my ideas about Dark Sun. Here are some images that get me in the right frame of mind. No actual Dark Sun art here, though of course a lot of that is pretty inspirational.













The Alien Agenda & H.P. Lovecraft - - Cepheus Engine rpg & The Gerry Anderson Factor

Swords & Stitchery - Sun, 05/30/2021 - 13:48
 "These Great Old Ones...were not composed altogether of flesh and blood. They had shape...but that shape was not made of matter. When the stars were right, They could plunge from world to world through the sky.... When, after infinities of chaos, the first men came, the Great Old Ones spoke to the sensitive among them by molding their dreams; for only thus could Their language reach the fleshy Needleshttp://www.blogger.com/profile/11243274667834930867noreply@blogger.com0
Categories: Tabletop Gaming Blogs

Video of the Day – HitFix, 2015

Blogtor Who - Sun, 05/30/2021 - 03:00

The post Video of the Day – HitFix, 2015 appeared first on Blogtor Who.

Categories: Doctor Who Feeds

Doctor Who’s Jenna Coleman Joins the Cast of Neil Gaiman’s The Sandman

Blogtor Who - Sat, 05/29/2021 - 16:14

The Netflix adaptation of Neil Gaiman’s seminal comic book series The Sandman has added Jenna Coleman as Johanna Constantine Netflix have announced former Doctor Who companion Jenna Coleman as one of the cast of the much anticipated series. Based on The Sandman comic books it sees the one-time Impossible Girl playing a dual role. Coleman […]

The post Doctor Who’s Jenna Coleman Joins the Cast of Neil Gaiman’s The Sandman appeared first on Blogtor Who.

Categories: Doctor Who Feeds

Mythos Mail Call - Campaigns, Cthulhu, & Ancient Rome?!

Swords & Stitchery - Sat, 05/29/2021 - 15:48
Now we've talked about grabbing some of the rarer rpg books that have come out since 2018. And since our group is now going to focus on running an Amazing Adventures Fifth edition campaign for a change up.  So we decided to get down & dirty with a bit of that old Call of Cthulhu goodness. But with an OSR twist or two. Cthulhu Invictus by Golden Goblin Press  is for Seventh edition Call of CthulhuNeedleshttp://www.blogger.com/profile/11243274667834930867noreply@blogger.com0
Categories: Tabletop Gaming Blogs

Nod 36 – Halfling Civil War!

Ten Foot Pole - Sat, 05/29/2021 - 11:11
By John M. Stater Self Published D&D 4EVAR!

This first issue of NOD for 2021 visits a land of halflings torn by civil war, introduces you to the halfling saints, and brings you Table Top Soccer.

This 95 page magazine uses about 75 pages to describe a hex crawl in the lands of the halflings, currently waging a civil war, along with a few of the borderlands nearby. It’s a great setting, a real D&D supplement, and I have no fucking idea how to use it. 

A disclaimer: I like to think I understand how a few things work. Not just pushing the button, but understanding how the burron works, what it does, why you would do it, and the deeper implications of pushing The Big Red Button. But I don’t know SHIT about about some of my favorite things, like running sci-fi adventures and … hex crawls. I don’t understand how to run them and thus I am only conjecturing.

So, a HUGE fuckign hex map. HUGE. 74 pages of hex descriptions, four or five to a page, a paragraph or two each. That a METRIC TON of hexes to explore and of things going on in the halfling lands. Oh, and their borders, the barbarians (Fuck them! Also, I just finally got Civ6, so I’m currently in a Fuck The Barbs! mood) that prowl them, and so on. There’s so much going on that I have trouble wrapping my head around it. More on that later.

I’m starting to see some patterns in things. We’ve got halfling places, usually involved in their civil war, which comes off as mostly gentle with threats of violence. Then you’ve strongholds, places where some powerful NPC hangs out with their band of supporters. THis might be a master thief and their hobgoblin minions in the mountain complex, or the nomad barbarian encampment fishing on the river, or any of a dozen different examples. Then you’ve got the intelligent monster encounter. Cloud giants playing in a stream, hill giants charging a 5cp toll to cross a flooded area, cyclopeans working in underground caves. These can be kind of good (rough house bully cloud giants, who are still good guys) to neutral (cyclopean forgers) to bad guys (gnoll raiders) … all of whom are generally presented in a such a way that makes talking a least a possibility. You’ve also got beasts, both magical and mundane, in hexes, as well a decent number of nymph, dryad, pixie, nature spirit encounters. And you’ve also got freaky deaky shit, like an endless series of short cliffs to climb, or historical landmarks like a monolith with carvings about some historical event. And a smattering of “realistic” gonzo, like a crashed jetpack and a teleportation platform to an alien Predator ship. It’s packed full, and, I’d guess only one in six hexes is described. 

It’s fascinating. I love  it. Well, as a travelogue, like a Lonely Planet guide. As a D&D thing? Well …

I don’t know how to run a hex crawl. I’ve been collecting links on my forum for a future book on how to write and run a hex crawl, but that doesn’t mean I understand it yet. It feels like there are three ways. First, it’s an adventure. You wander from place to place, there are little hooks and things in one hex that lead to another hex. Second, it could be a setting. It’s just a place and you have “normal” adventures in it that the DM comes up with and/or inserts. The hexes are just local color for the DM to use as fodder while traveling or downtime. Third might be Wanderers, where the party literally just wanders from hex to hex getting in to trouble as the DM riffs. This last one strikes me as having even more motivational issues for players than a normal D&D party or megadungeon. Maybe there’s some other way to run a hex crawl. I don’t know.

How does Nod 36 stand in relation to these three ways? If you just want to wander, without context or continuity, then you’re ok. Have at thee. 

As an Adventure, I think this is lacking. The linkages between hexes are few and far between. There is an occasional cross-reference, but they are few and far between, not because Stater is a hack but more because there are NOT linkages. One place doesn’t really lead to another. (With a few notable exceptions, like the jetpack hex and transporter pad hex, for example. Trace the trajectory of the pack to find the pad.) Also, there’s the setting issue.

As a Setting it would be great, but you’d need to put in a lot of work, or, I would anyway, to get a really top quality experience. This would apply also to the thing as an Adventure, since the Adventure would take place in the setting. The thing lacks overview. While there is a general discussion of the history (Fascinating! And it makes sense! I’ll gush on this later) and political climate, its just general. The very first hex has a hag, mostly harmless, that is the stuff of boogyman tales in surrounding villages. But you have to read the hex to know that. And then make a note somewhere, or remember, to include it while you are running the villages. Or the barbarians and the Crazy Guy leader of one tribe, or another having a big Holy Mammoth celebration gathering.  You WANT to drop these things in to a game. To get the party going. To add context. To add continuity. Same with the civil war and whats going on. It’s written and presented as a Wanderer style, where you just trip over things.

IF you put the work in, and takes notes, and put together those things, digging through a couple of hundred hex descriptions, political trees, local color and so on, and then make a bunch of notes, flowcharts and reference sheets (of which this has none) then you would have a MAGNIFICENT setting. So much so that, if those were present, we could all have a great time buying this and running a HUGE D&D-spehere game, a shared experience for all online players. I mean it, this is a GREAT setting. Easily housing an entire campaign. If you can figure out how to use it. I’m excited and apathetic at the same time. I have a million things to do, would I ever find time to put in the work to use this? 

I doubt it. But it would be SO rewarding if I did. No, no Best or Regerts, because I don’t know what the fuck I am doing or how to review it. I REALLY like it. I just don’t know what the fuck it is or how to use it and maybe I just like it as a travelogue … which makes me nervous that I like it as a READER, something I LOATHE.

This is $4 at DriveThru. You will never find a better bargain than an issue of Nod. And it has a real cover also, with real cover art! Nice! The preview is just the first few pages though, and shows you nothing of the writing style of the hexes you’ll encounter. A page or so of them would have been nice, in order to make a buying decision of what you are actually purchasing the product for.

https://www.drivethrurpg.com/product/351057/Nod-36?1892600

Great backstory, and short, about Powerful Ancient Elves, raising the lands to get rid of the locath, ancient towers and ruins, ild elves as the remains of religious sects and wood elves as those that found refuge in hunting lodged thousands of years ago when the elf god punished all elves. Nice Age of Magic thing without getting too detailed. Makes sense.

Categories: Tabletop Gaming Blogs

Doctor Who Novels – Ten, Thirteen, Missy and Magic!

Blogtor Who - Sat, 05/29/2021 - 07:00

Two new Doctor Who novels are coming next month! Including the first meeting between the Thirteenth Doctor and Missy, while the Tenth Doctor comes to Camelot BBC Children’s Books have announced two new books by popular author Jacqueline Rayner. Both are released on the 10th of June. The Wonderful Doctor of Oz sees the first […]

The post Doctor Who Novels – Ten, Thirteen, Missy and Magic! appeared first on Blogtor Who.

Categories: Doctor Who Feeds

Hawks & Moons - Cepheus Engine rpg & The Gerry Anderson Factor

Swords & Stitchery - Fri, 05/28/2021 - 22:35
Does Earth's moon hold far more secrets then humanity understood?! Even as it was blasted from Earth's solar system in 1999?! Apollo 16, 1972. Unofficial picture from the Fox William Mulder archives provide by Andrea Bonazzi Two days ago Paul Elliot of Zozer games came out with a really cool little comment in the Cepheus Engine Face book group; " You could combine Orbital 2100 with Hostile, Needleshttp://www.blogger.com/profile/11243274667834930867noreply@blogger.com0
Categories: Tabletop Gaming Blogs

Threat spotlight: Conti, the ransomware used in the HSE healthcare attack

Malwarebytes - Fri, 05/28/2021 - 16:30

On the 14th of May, the Health Service Executive (HSE), Ireland’s publicly funded healthcare system, fell victim to a Conti ransomware attack, forcing the organization to shut down more than 80,000 affected endpoints and plunging them back to the age of pen and paper. This happened a week after DarkSide, another ransomware strain, hit the USA’s Colonial Pipeline systems.

More than 290 healthcare and first-responder organizations (of the 400 affacted worldwide) that fell victim to a Conti ransomware attack were based in the US. New Zealand, too, has reported of at least 5 hospitals shutting down their IT network in response to a similar attack.

In this blog, we’ll home in on Conti, the strain identified by some as the successor, cousin or relative of Ryuk ransomware, due to similarities in code use and distribution tactics.

Threat profile: Conti ransomware

Conti ransomware is created and distributed by a group the cybersecurity industry has named Wizard Spider, the same Russian cybercriminal group that created the infamous Ryuk ransomware. It is offered to trusted affiliates as Ransomware-as-a-service (RaaS).

According to Coveware, a company that offers incident response services to organizations impacted by ransomware attacks, Conti is the second most common ransomware family that victim organizations have reported in the first quarter of 2021. (The first is Ransom.Sodinokibi, which Malwarebytes has already profiled and has been detecting since 2019.)

There are several ways Conti ransomware could end up on a corporate network. As with other “big game” ransomware, the delivery method changes according to the preferences of the group operating it, but among the most common attack vectors are remote desktop protocol (RDP), phishing, and weaknesses in either software or hardware.

In the case of phishing campaigns, Wizard Spider and its affiliates have been known to use legitimate Google document URLs in the email body. Recipients are encouraged to click this link, which actually contains code that allows for the download and execution of either Bazar, a backdoor, or IcedID (aka BokBot), a Trojan.

Much like other RaaS tools, part of the overall Conti ransomware attack is human-operated, which means actors behind these attacks move laterally within compromised networks using tools like RDP, PsExec, and Cobalt Strike. The ransomware is executed manually in memory across all active endpoints, after as many files as possible have been exfiltrated. The files are then held for ransom and the victim is threatened by data loss, because of the encryption, and leaking of the exfiltrated data. Files are encrypted with a combination of AES-256 and RSA-4096 via the Microsoft CryptoAPI, as per CrowdStrike. Earlier versions appended the .CONTI extension to encrypted files. Newer versions now append a random 5-character string.

Below are screenshots of two of the four possible ransom notes that Conti ransomware leaves behind after fully encrypting affected endpoints. Known ransom note file names are CONTI.txt, R3ADM3.txt, readme.txt, and CONTI_README.txt.

All of your files are currently encrypted by CONTI ransomware.
If you try to use any additional recovery software – the files might be damaged or lost.

To make sure that we REALLY CAN discover data – we offer you to decrypt samples.

You can contact us for further instructions through our website :

TOR version :
(you should download and install TOR browser first https://torproject.org)

[redacted]

HTTPS VERSION :
[redacted]

YOU SHOULD BE AWARE!

Just in case, if you try to ignore us. We’ve downloaded your data and are ready to publish it on out [sic] news website if you do not respond. So it will be better for both sides if you contact us ASAP.

Your system is LOCKED. Write us on the emails:

[redacted]

[redacted]

DO NOT TRY to decrypt files using other software.

Conti is thought to be related to Ryuk ransomware somehow. In a conversation with BleepingComputer, threat hunter and CEO of Advanced Intelligence (AdvIntel) Vitali  Kremez said, “Based on multiple incident response matters and current assessment, it is believed that Conti ransomware is linked to the same Ryuk ransomware developer group based on the code reuse and unique TrickBot distribution. The same distribution attack vector is used widely by the Ryuk deployment group.”

Conti is unique in terms of its “lightning-fast” ability to encrypt files, and how much control it gives to its operator, according to Carbon Black’s Threat Analysis Unit (TAU). When encrypting, Conti uses 32 simultaneous CPU threads for speedier encryption—a huge number of threads compared to other ransomware families that also support multi-threaded operations.

Conti gives its controller the fine-grained option of skipping encrypting files on a local drive in favor of encrypting those on network shares by allowing a human to instruct it via a command-line interface.

Lastly, Conti misuses the Windows Restart Manager to free up files being used by applications—whether they are writing to or reading them—at time of infection by safely terminating these apps so Conti can encrypt the freed files as well.

Malwarebytes’ signature-less protection detects all known variants of Conti.

Adversary profile: Wizard Spider

Wizard Spider is a cybercrime group affiliated with a what is sometimes called the Ransomware Cartel, a collective of underground groups identified by threat intelligence company Analyst1. The group is known to operate a roster of technical tools it created and will willingly let other crime groups use—as long as they are trustworthy enough. When it first surfaced in September 2016, they were using TrickBot, aka TrickLoader, a highly popular banking Trojan.

They changed their tactics in 2018 and started using ransomware in the form of Ryuk. They are perhaps one of the early groups that got into “big game” attacks—and Ryuk was designed for this very purpose. Two years later, the group moved to using Conti, in May 2020.

It is believed that some members of Wizard Spider were once associated with the Dyre/Dyreza group. If you may recall, the group behind Dyre was responsible for attacking Sherwin-Williams, an Ohio-based building materials and paint company.

Unlike some other underground cybercriminal gangs, Wizard Spider doesn’t openly advertise on underground forums, perhaps for security reasons.

The sophisticated tools Wizard Spider have created tell us something of the threat group’s character: they’re resilient, persistent, adaptive, determined, and overall, very efficient.

Prepare for hard battles ahead

The Conti attack against the HSE has poleaxed Ireland’s healthcare system. Fifteen days after the attack, the Irish Independent reports that about half of outpatient appointments are being cancelled daily. At the time of writing, that adds up to just over 100,000 appointments cancelled so far. HSE head Paul Reid estimates that the cost of restoring and updating its systems could reach €100m.

Ransomware attacks, after all, are not just about systems getting crippled and files being held hostage for a fee. It’s also knowingly putting lives at risk to satisfy a deep, insatiable want for money.

Indeed, hard battles are ahead. And as much as we’d like to think that HSE might be a step too far, even for ruthless threat groups like Wizard Spider, it’s not. We should continue to expect the worst, and remember that prevention is better than attempting to apply a cure after the attackers arrive.

Below is a list of recommended mitigations from the FBI, which it issued along with an alert on Conti ransomware late last week:

  • Regularly back up data, air gap, and password protect backup copies offline. Ensure copies of critical data are not accessible for modification or deletion from the system where the data resides.
  • Implement network segmentation.
  • Implement a recovery plan to maintain and retain multiple copies of sensitive or proprietary data and servers in a physically separate, segmented, secure location (i.e., hard drive, storage device, the cloud).
  • Install updates/patch operating systems, software, and firmware as soon as they are released.
  • Use multi-factor authentication where possible.
  • Use strong passwords and regularly change passwords to network systems and accounts, implementing the shortest acceptable timeframe for password changes. Avoid reusing passwords for multiple accounts.
  • Disable unused remote access/RDP ports and monitor remote access/RDP logs.
  • Require administrator credentials to install software.
  • Audit user accounts with administrative privileges and configure access controls with least privilege in mind.
  • Install and regularly update anti-virus/anti-malware software on all hosts.
  • Only use secure networks and avoid using public Wi-Fi networks. Consider installing and using a VPN.
  • Consider adding an email banner to messages coming from outside your organizations.
  • Disable hyperlinks in received emails.
  • Focus on cyber security awareness and training. Regularly provide users with training on information security principles and techniques as well as overall emerging cybersecurity risks and vulnerabilities (i.e., ransomware and phishing scams).

The post Threat spotlight: Conti, the ransomware used in the HSE healthcare attack appeared first on Malwarebytes Labs.

Categories: Techie Feeds

Link Love: My Favourite Things This Week

Knitted Bliss - Fri, 05/28/2021 - 15:12

www.knittedbliss.com

My Favourite Articles and Links This Week The rising problem of fake products on Amazon. Finding joy in simple, everyday pleasures. A very interesting article from The Atlantic about how much work and time friendships really take. “On the anniversary of George Floyd’s death, how do I stay hopeful?” My Favourite Pins This Week Pasta

The post Link Love: My Favourite Things This Week appeared first on %%www.knittedbliss.com%%.

0
Categories: Knitting Feeds

SolarWinds attackers launch new campaign

Malwarebytes - Fri, 05/28/2021 - 14:24

Nobelium is a synthetic chemical element with the symbol No and atomic number 102. It is named in honor of Alfred Nobel. But it is also the name given to the threat actor that is behind the attacks against SolarWinds, the Sunburst backdoor, TEARDROP malware, GoldMax malware, other related components.

Microsoft Threat Intelligence Center (MSTIC) has issued a warning stating that it has uncovered a wide-scale malicious email campaign operated by NOBELIUM. In this campaign NOBELIUM leveraged the legitimate mass-mailing service Constant Contact. This allowed the threat actor to masquerade as a US-based development organization to distribute malicious URLs to a wide variety of organizations and industry verticals.

The campaign

This new wide-scale email campaign leverages the legitimate service Constant Contact to send malicious links that are disguised since they are obscured behind the mailing service’s URL. Many similar services use this type of mechanism to simplify the sharing of files while providing insights into by who and when links are clicked.

Finding the most effective delivery method

The early beginnings of these campaigns were first noticed January 28, 2021, when the actor was seemingly performing early reconnaissance by only sending the tracking portion of the email, leveraging Firebase URLs to record targets who clicked. Malicious payloads were not observed during this early activity.

In the next evolution of the campaign, MSTIC says it observed NOBELIUM attempting to compromise systems through an HTML file attached to a spear-phishing email. If a receiver opened the HTML attachment, embedded JavaScript  code in the HTML wrote an ISO file to disc and encouraged the target to open it.

Similar spear-phishing campaigns were detected throughout March, which included the NOBELIUM actor making several alterations to the HTML document based on the intended target. MSTIC says it observed the actor encoding the ISO within the HTML document itself; redirecting from the HTML document to an ISO, which contained an RTF document, with the malicious Cobalt Strike Beacon DLL encoded within it; and replacing the HTML with a URL that led to a website that spoofed the targeted organization and hosted the ISO file.

The ISO payload

As we noted above, the payload is delivered via an ISO file. When ISO files are opened they are mounted much like an external or network drive. Threat actors may deploy a container into an environment to facilitate execution or evade defenses. And sometimes they will deploy a new container to execute processes associated with a particular image or deployment, such as processes that execute or download malware. In others, a threat actor may deploy a new container configured without network rules, user limitations, etc. to bypass existing defenses within the environment. In this case, a shortcut file (.lnk) would execute an accompanying DLL, which would result in a Cobalt Strike Beacon executing on the host. It is worth noting that the DLL is a hidden file. Cobalt Strike Beacons call out to the attacker’s infrastructure via port 443.

Experimenting with the payload

The delivery method was not the only evolving factor in the campaign. In one of the more targeted waves, no ISO payload was delivered, but additional profiling of the target device was performed by an actor-controlled web server after a user clicked the link. If the device targeted was an Apple iOS device, the user was redirected to another server under NOBELIUM control, where the since-patched zero-day exploit for CVE-2021-1879 was served.

During the waves in April, the threat actor stopped using Firebase, and no longer tracked users. Their techniques shifted to encoding the ISO inside the HTML document. Target host details were now stored by the payload on a remote server via the use of the api.ipify.org service. The threat actor would sometimes employ checks for specific internal Active Directory domains that would terminate execution of the malicious process if it identified an unintended environment.

The latest surge

On May 25, the NOBELIUM campaign was noticed to escalate significantly, attempting to target around 3,000 individual accounts across more than 150 organizations. Due to the high volume of emails distributed in this campaign, many automated email threat detection systems blocked most of the malicious emails and marked them as spam. However, some automated threat detection systems may have successfully delivered some of the earlier emails to recipients either due to configuration and policy settings or prior to detections being in place.

The goal

The successful deployment of the payload enables NOBELIUM to gain persistent access to the compromised machines. The successful execution of these malicious payloads would also enable NOBELIUM to conduct further malicious activity, such as lateral movement, data exfiltration, and delivery of additional malware.

Indiciators of compromise (IOCs)

In its warning, MSTIC provides a list of indicators of compromise from the large-scale campaign that launched on May 25, 2021. The organization notes that the attack is still active, these indicators should not be considered exhaustive for this observed activity.

Malwarebytes detected the Cobalt Strike payload prior to the attack Malwarebytes also blocks the domain theyardservice.com

Stay safe, everyone!

The post SolarWinds attackers launch new campaign appeared first on Malwarebytes Labs.

Categories: Techie Feeds

Cuddle Up Dinosaur Blanket

Moogly - Fri, 05/28/2021 - 13:59

The Cuddle Up Dinosaur Blanket features the corner to corner stitch and a roaring good time! Crochet one for your own little wild one with this crochet pattern on Moogly! Disclaimer: Materials for this pattern were provided by Yarnspirations; this post includes affiliate links. Cuddle Up as a Dinosaur… or Dragon? With this pattern, it’s...

Read More

The post Cuddle Up Dinosaur Blanket appeared first on moogly. Please visit www.mooglyblog.com for this post. If you are viewing this on another site they have scraped the content from my website without permission. Thank you for your support.

0
Categories: Crochet Life

Pages

Subscribe to Furiously Eclectic People aggregator