Feed aggregator

The Desingverse

The Splintered Realm - Fri, 07/09/2021 - 19:04

Max T has jokingly (I think) referred to my work as 'the Desingverse', which I suppose is my own sort of universe where my stories exist. Up until now, I didn't think much about the moniker (although I found it flattering), but I've started to realize that I can unify everything I've done in this one milieu - or at least my comics work.

My first comic book was called Seymour, about a fantasy world and a sword-wielding teddy bear who is on a quest. A few months ago, I started sketching Seymour again, and actually created two pages of a comic. I knew he was on a quest in a dark land, and that he was protecting a baby girl. I didn't really know much else. It hit me today; he is an important link in the story of Vesper. She is the princess of the Shadow Realm, but is currently deposed (she and Oberion can get together and complain about it some time). However, she was originally trapped there as an infant, and her subconscious mind created Seymour to protect her and get her out, into the mortal realm. He is still there, waiting for her return. He cannot leave the Shadow Realm (he is part of it), but he's still there fighting the good fight. He's met Doc Stalwart a few times.

I already fit the Army Ants in. They were a backup feature in the golden age stories, and have appeared in dream machine sequences in his present adventures.    

Teaching Ted was a comic strip I did about a teacher named Ted Zeitgeist who is trying to make his way through his first few years of teaching. However, Ted has a side hobby - he is the world's biggest collector of Doc Stalwart merchandise, and he is publishing a book about Doc Stalwart, taking a scholarly approach to documenting and analyzing Doc's adventures. He is 'me' in the world where Doc Stalwart comics are being published. I almost think that he is the one writing the prose adaptations, not me... if that makes any sense. So his comic strip has actually happened to him in the world where Doc Stalwart comics are being published (but where superheroes and Doc Stalwart are entirely fictional). The Stalwart Age is the world's most popular RPG in that world (as it should be in this one, but I digress...).

How to send an anonymous email

Malwarebytes - Fri, 07/09/2021 - 16:37

Sometimes readers ask us how to send an anonymous email or how criminals and scammers manage to send anonymous emails. Since this is not an easy question to answer, because, for starters, there are several ways to interpret the question, I’ll try to give you some information here.

Interpret the question

Sending an anonymous letter via snail-mail was easy. You forgot to add the sender address, filled out a false one, and if there was a chance the receiver could recognize you by your handwriting you used newspaper clippings to construct the sentences. And snail mail had the advantage that you could drop your message in a mailbox that gathered mails from various senders before starting the delivery process. So, not even the carrier had any way to identify the sender. The place of origin is hidden except maybe roughly by looking at the post stamp to see from what postal district the letter came. Unless the sender went through the trouble of driving halfway across the country to post the letter.

As you can see there are a few sides even to this low-tech version of an anonymous mail:

  • No sender address
  • False sender address
  • Masking the content > encryption
  • Carrier
  • Origin masking
What is a spoofed email?

Since sending an email without a sender address can result in errors and will certainly raise suspicion, it is easier to spoof a sender address. Spoofing is sending an email with a false sender address. Spoofing an address is relatively simple since the Simple Mail Transfer Protocol (SMTP) does not check the information in the  “From”, “Reply to”, or “Sender” fields. The only reason it is possible to track back an email with a spoofed address is because the email headers will include the sending IP address.

So, to pull off a completely untraceable spoofed email the sender will have to use a VPN to mask their IP address or use a compromised system to send the emails from. Compromised servers are popular with people running malicious email campaigns.

How can I send and receive an encrypted email?

A very different concern is to hide the content of an email from anyone except the intended receiver. This requires some type of encryption that only the receiver can decrypt. Encrypting emails like this—known as end-to-end encryption—has historically been difficult, although the tools for achieving this kind of encryption are getting better and easier to use.

Most emails are encrypted during transmission, but they are stored in clear text when they are at rest, making them readable by third parties such as email providers. But there are some providers that provide end-to-end encryption and zero access encryption to secure emails. This means even the service provider cannot decrypt and read your emails.

If you want to have full control and not depend on a provider you will need to exchange public keys with the parties that you want to start encrypted communications with. Once you have exchanged keys, most email clients will offer you the option to encrypt emails on a per-message basis.

How can I send an email anonymously?

I wrote a blog post on how to send encrypted mails a long time ago. Some things have become considerably easier since then. Some carriers offer you the option to send end-to-end encrypted email for free. Personally I have only tried Protonmail which allows you to come up with your own email address, and even the free version is free of advertisements. You only need to provide an existing email address if you want to use that as a recovery method in case you forget your credentials. If you do not need that option the sign-up procedure is completely anonymous.

Is ProtonMail really anonymous?

Protonmail is a secure email provider that does not solicit any information from you to use the free version, as long as you don’t chose to use the recovery option. For any legitimate use case Protonmail can be considered secure and private. This is considering that for any legitimate use cases it should be enough to send an encrypted email, so that the intended receiver is the only one that can read the content of the message.

Protonmail can even be used in combination with a VPN so that even your IP address remains hidden. Unfortunately this also makes the service very popular amongst ransomware peddlers who sometimes create individual Protonmail accounts for every single victim.

Can email be traced?

Even hardened criminals make mistakes, so you should always be weary of the fact that an email you sent can be tracked back to you. On the other hand it is virtually impossible for anyone to trace back an email that was sent using all the techniques we have described above. As so often, it is wise to assume the worst possible scenario. We have seen script kiddies that thought they could use a Gmail account as a means to send anonymous emails. Maybe the receiver will not be able to trace it back, but the police certainly will, with some help from Google. If you need plausible deniability don’t put it in writing. For legitimate use we hope to have handed you some useful tips.

I have received an anonymous or spoofed email. What should I do?

How you deal with any mails you receive normally depends on the content. As with any email, it is advisable to scrutinize whether the email and the sender are who and what they claim to be. If you recognize the sender but don’t trust the content, contact the sender through other means to verify they sent it. Do not send read receipts or other confirmations that you have read the mail before you are sure you can trust the sender.

You can find some tips on how to recognize and deal with unsolicited mail in this blogpost about recognizing and disposing of malicious emails and this article about phishing. If the mail has the character of an extortion email you may find our post describing what to do when you receive an extortion email helpful. Depending on where you live it may be prudent, or even mandatory, to inform the proper authorities about any extortion attempts.

The post How to send an anonymous email appeared first on Malwarebytes Labs.

Categories: Techie Feeds

Judge drops hammer, dishes 7 years slammer for BEC and romance scammer

Malwarebytes - Fri, 07/09/2021 - 16:21

A Texas resident has finally paid the price for a heady mix of malicious mail antics. A combination of business email compromise (BEC) scams and romance fakeouts bagged them $2.2 million across roughly 6 years.

This is quite a divergent portfolio of scamming activity. You may typically assume BEC scammers, for example, stick to that as it’s their area of expertise. Did you want the fake romance department? Sorry, they’re back down the hall.

If nothing else, this case is instructive in that people running these schemes happily mix-and-match. Shall we take a look?

Business email compromise 101

Business email compromise is a simple yet potentially devastating attack aimed at organisations the world over. These begin with a phish from a stolen or spoofed company mail address. If the address belongs to someone in finance or a CFO, so much the better. The aim of the game is convincing someone to wire funds overseas. If the company has no mechanisms in place to deal with such a threat, there’s a good chance the money is gone forever.

Romance scams 101

These have been around pretty much forever. You know the score: Fake military generals promising a new life overseas, catphishing, random emails out of the blue from people who only need the cost of the airfare to fall into your arms, and so on.

Something this has in common with BEC scams is the ridiculous amount of money to be made from it. Both of these scam areas are wildly profitable for people who know what they’re doing.

So now you can perhaps see why this particular individual was so invested in dabbling in not one, but two scam tactics. With that short explanation out of the way, let’s get back to the story at hand.

What happened in Texas?

Roughly seven years of imprisonment and an order to pay $865,210.78 back to victims, that’s what.

You know how we’re always warning people about the risk to fraud victims from money laundering? That’s where an innocent party is tricked into moving money from / to accounts, without realising the money has been stolen. The innocent party, otherwise known as a money mule, is left holding the legal responsibility as the perpetrators pull strings from behind the scenes. Prison time often beckons.

Here, we have someone caught by those same rules while actively getting up to no good. According to the a release, the perpetrator pleaded guilty to one count of conspiracy to commit money laundering.

Using a “fraudulent foreign passport” to open a number of bank accounts in different areas, they used them to:

…receive, launder and distribute wire transfers to coconspirators illegally receiving proceeds of BEC and romance schemes.  For his efforts, Onoimoimilin collected between 10% and 15% of more than $420,000 in fraudulently obtained funds.

New crimes, old laws

It’s frequently tricky to charge people with bad computer related activities, despite there being quite a lot of laws to cover them. Money laundering though, that’s a relatively straightforward one and legal folks understand it perfectly. If they can prove you’ve been ushering money in and out of your account in ways you shouldn’t be, rest assured a whole lot of trouble is heading your way.

Mileage may vary for how satisfying it is for victims to see this person put in prison. There’s almost certainly folks who won’t be getting their money back. Considering we’re talking about life savings and wage packets, there won’t be a happy ending for everyone. Whether we’re talking BEC or romance scams, we need to do our part to ensure we give scammers as few opportunities to strike as possible.

The post Judge drops hammer, dishes 7 years slammer for BEC and romance scammer appeared first on Malwarebytes Labs.

Categories: Techie Feeds

How one word can disable an iPhone’s WiFi functionality

Malwarebytes - Fri, 07/09/2021 - 15:41

A researcher has found a way to disable the WiFi functionality on iPhones by getting them to join a WiFi hotspot with a weird name.

This shouldn’t be happening. The first thing you learn in coding school when it comes to input (which is literally any data a device has to do something with) is to validate it. Well, maybe not the first thing, but if you want to practice secure coding it is one of the most important things: Make sure that a hacker can not abuse your application by feeding it something it can’t digest. Like a WiFi network name.

It is not the first time by the way that iPhones can be compromised by using a format string vulnerability. And I’m afraid it will not be the last.

Let’s talk iPhone

iPhones are supposedly much more secure than Android devices, but as it turns out I can disconnect your secure iPhone from any WiFi by using a simple format string vulnerability. All I would have to do is make you connect to a specific WiFi hotspot.

The magical WiFi network name (SSID) for fritzing your phone is %p%s%s%s%s%n but since the underlying issue is almost certainly the fact that  % is interpreted as a string format specifier, you can bet there are more possibilities to be found.

After joining my personal WiFi with the SSID “%p%s%s%s%s%n”, my iPhone permanently disabled it’s WiFi functionality. Neither rebooting nor changing SSID fixes it :~) pic.twitter.com/2eue90JFu3

— Carl Schou (@vm_call) June 18, 2021 String format specifiers

In programming you sometimes have to build words and sentences you want to show the user using some information you know in advance, and some you don’t. In C and C-style languages, string format specifiers are used. They have a special meaning and are processed as variables or commands by the printf function.

A simple printf command might look like this:

printf("Malwarebytes %n rules", &c);

In this example %n is a string format specifier that modifies the output. When the program prints the sentence “Malwarebytes %n rules” the %n will be replaced by the number of characters preceding it, so it will output:

Malwarebytes 13 rules

There are many other format specifiers that do different things. They look like a percentage sign followed by a single character that specifies the type of data, for example %s will be replaced by a string of characters, %d by a number (a decimal integer), %p by a pointer address and so on.

So you can see why an WiFi network called %p%s%s%s%s%n might cause problems. Apple’s programmers should have ensured their code reads names like that as percent signs and letters, not as string format specifiers. It seems they didn’t.


I can hear you thinking, so what? I would never join a WiFi Hotspot with such a weird name. Well, maybe you wouldn’t, if you would notice that the name looks out of the ordinary. But anyone can spoof a well-known SSID and your device will happily connect to it again if it’s connected to an open SSID by that name before.

Other research has shown that the vulnerability is not only restricted to the iOS operating system, it can potentially affect the macOS operating system. The same research team found a way to construct the network name in a way that does not expose the user to the weird characters, making it look like a legitimate, existing network name.

It is not impossible that researchers will find a way to construct SSID names that can lead to remote code execution (RCE) attacks. But this will probably turn out to be too complicated since you would be limited by the maximum length of an SSID (32 characters), the limited functionality of the string  format specifier, and the memory location of the format string. The format string is located on the heap which does not provide the attacker control of the pointers on stack. Which is not to say that this method could not be used in combination with other vulnerabilities.

Recovery from testing

If you couldn’t resist testing this and now you want your WiFi options back, here is how to do it. You will have to reset their iPhone network settings (Settings > General > Reset > Reset Network Settings), which will erase all your WiFi passwords. This is not a permanent fix for the issue. Any time your device is affected by the issue, you will have to reset it again.

And don’t go overboard with your testing. As this researcher has found out the reset does not work for every possible string.

You can permanently disable any iOS device's WiFI by hosting a public WiFi named %secretclub%power
Resetting network settings is not guaranteed to restore functionality.#infosec #0day

— Carl Schou (@vm_call) July 4, 2021

The post How one word can disable an iPhone’s WiFi functionality appeared first on Malwarebytes Labs.

Categories: Techie Feeds

Bernat Mushroom Stuffie

Moogly - Fri, 07/09/2021 - 15:12

The Bernat Mushroom Stuffie is a cute and very cuddly friend you can crochet with Bernat Blanket! Easy to customize and perfectly huggable, it’s a new free crochet pattern – video tutorials included! Disclaimer: This post is sponsored by Yarnspirations, all opinions are my own.  Bernat Mushroom Stuffie The Bernat Mushroom Stuffie is made with Bernat...

Read More

The post Bernat Mushroom Stuffie appeared first on moogly. Please visit www.mooglyblog.com for this post. If you are viewing this on another site they have scraped the content from my website without permission. Thank you for your support.

Categories: Crochet Life

Stingray is Back! And Five Star Five Flies at Last

Blogtor Who - Fri, 07/09/2021 - 14:56

There’s action aplenty for Anderfans this summer at Big Finish, as two new audio adventures arrive in July and August 2021   Five Star Five: John Lovell and the Zargon Threat and Stingray: Operation Icecap are the next Anderson Entertainment audio adventures. Big Finish will be digitally distributing both stories this summer. With epic scores […]

The post Stingray is Back! And Five Star Five Flies at Last appeared first on Blogtor Who.

Categories: Doctor Who Feeds

On the Top Ten Tactics for Hostile Dungeons

Hack & Slash - Fri, 07/09/2021 - 12:00
10. Lard/Grease: Whether a squeaky door, a greased staircase before a fight, or assisting with opening rusty and old latches, having some lard and grease is always useful.
9. Tiny birds: A lot of times, you'd like to see what would happen if someone went somewhere, only you don't trust it enough to go. With this small sack of birds, you can check for traps, trade to people for passage, notice if the air is toxic, or even distract unintelligent opponents. Taking them along extends your life, at the expense of theirs.
8. Paying attention: At its core, Dungeons & Dragons is about exploring a resonant fantasy realm filled with archetypal representations. This process is handled by conversation using the Socratic method. You ask questions, the Dungeon Master gives answers, yeah? If you're not asking questions or listening, you're watching your friends play Dungeons and Dragons. When you all jump in and work together, it raises the experience for all involved.
7. Gloves & Helmet: If you don't have to touch something with your bare hands, don't. Don't press parts of your body (like ears or eyes) against things. You call people that don't wear covers corpses. Get a hat, preferably one made out of metal that lets you see in the dark, grants telepathy, or makes you smart or something. There very well might be treasure in the garbage or latrine, there almost certainly is, but you don't want to go in there yourself.
6. Equipment shenanigans. Casting a light spell on a shield lets you see opponents and plays havoc with enemy archers. Buy a metal sectioned pole, so you can attach a hook, vary length, and carry one in cramped quarters. Collect potions and scrolls and don't hesitate to use them, there's always more magic to find.
5. Hammer & Piton: It holds doors both closed AND open. It draws a lot of attention. It allows you to attach rope to things. They solve problems.
4. Torchbearers & Porters: Yes it's difficult to convince them to head into dangerous territories, but when there are a lot of things that need to be done, having a man or two around who can do them is helpful. Purchase them brightly colored festive outfits. Give them nets and poles to trip up enemies, ball bearings, oil, caltrops and other things they can throw. They can pull people to safety and best of all, they draw archer fire. People don't get into this vocation because they want a safe workplace.
3. Elves & Dwarves: Everyone loves their half-demon, half-cat, half-turtle, kenku-whatever sub race, but facts remain. You want an elf for secret door detection and a dwarf for detecting stonework traps and sliding doors. Often they can see in the dark. If you don't have one in your party, hire one in town as a buddy.
2. Oil: You don't want to need it and not have it. If you want to be sure something is dead, burn it to ash.
1. Ten-Foot Pole: You will want to touch things and not be near them. Trust me.

I hope you explore some fun dungeons this weekend!

Your support is needed. You like posts like this? Support on Patreon, and you keep them coming!

Hack & Slash 

FollowTwitchNewsletterSupportDonate to end Cancer (5 Star Rating)

Categories: Tabletop Gaming Blogs

Link Love: My Favourite Things This Week

Knitted Bliss - Fri, 07/09/2021 - 11:00


My Favourite Articles and Links This Week I’m in awe of the scale and colours of these huge weavings– so graphic and fun. Don’t worry if your lockdown didn’t feel like a personal growth sabbatical. I loved reading this- Nigella Lawson and the pleasure of eating food. Why your ’emotional runway’ is shorter than it

The post Link Love: My Favourite Things This Week appeared first on %%www.knittedbliss.com%%.

Categories: Knitting Feeds

Stripe Gremlin Variant Adapted From the Film Gremlins '84 Adapted For Cepheus Engine, Cepheus Atom, & Hostile Rpg Setting

Swords & Stitchery - Fri, 07/09/2021 - 06:17
 Gremlins are a foul kobold like small humanoid creature created by the mishandling of the Mogwai progenitor animaloid. The Stripe variety of Gremlin is an evil parent species of the monster slightly more intelligent & very cruel. The Stripe Gremlin is distinguished  by the while mohawk hair like crest upon their heads. Any drop of water will create 1d6 more Gremlins from the Stripe projenitor Needleshttp://www.blogger.com/profile/11243274667834930867noreply@blogger.com0
Categories: Tabletop Gaming Blogs

250 Cover

The Splintered Realm - Thu, 07/08/2021 - 17:22

Over on Patreon, I've posted a public link to the cover to Doc Stalwart #250. I have already posted a summary (in draft form) of what happens in issue 250. I have been posting A LOT to the Patreon page, and I plan to do that going forward. Patrons get to see at least two new things per week (character profiles, issue summaries and covers, new one-page adventures), a week before these things go live to the Stalwart Age blog. I've also added a $1 tier to pledge at; please consider signing up. I am going to be delivering a LOT more than $1 worth of content every month, and your patronage will help me keep working on Stalwart Age material. Thanks!

Retooling the Free L5B: The Kroten Adventures by Lenard Lakofka (Author) For An OSR Sword & Sorcery Campaign

Swords & Stitchery - Thu, 07/08/2021 - 17:21
 This blog post is going to pick right up from where the last blog post left off. And we pick up with the fact that in Hyperborea, the Koaten region is actually a place that has been transported from Greyhawk over to Hyperborea. But how & why are lost to legend & its simple as that. From here the campaign can easily kick into high gear. L5A: The Kroten Campaign Guide is essential for what we're Needleshttp://www.blogger.com/profile/11243274667834930867noreply@blogger.com0
Categories: Tabletop Gaming Blogs

Malspam banks on Kaseya ransomware attack

Malwarebytes - Thu, 07/08/2021 - 16:45

The Malwarebytes Threat Intelligence Team recently found a malicious spam campaign making the rounds and banking on the ransomware attack that forced Kaseya to shut down its VSA service.

This is a classic example of an opportunistic attack conducted by (potentially) another threat actor/group off the back of another threat actor/group’s attack. With Kaseya being a big name in the MSP world and the company attempting to take their VSA SaaS platform off the ground, post-attack, it’s the perfect time and opportunity to also capitalize on organizations who are eagerly waiting for the hotfix that REvil exploited in the first place so they can get back to business as quickly as possible.

This is a sample malspam captured by Malwarebytes experts. Note that it appears to be a reply that is part of an email thread.

The email that Malwarebytes found contains both a malicious link and attachment purporting to have come from Microsoft. The link leads to the download of a file called ploader.exe while the attachment, named SecurityUpdate.exe. Both of these are Cobalt Strike payloads.

The email reads in part:

“Guys please install the update from microsoft to protect against ransomware as soon as possible. This is fixing a vulnerability in Kaseya.”

The Threat Intelligence Team at Malwarebytes also noted that the location where the payload is hosted is the same IP address used in another malspam campaign that was pushing Dridex, a known information stealer. In the past, threat actors behind Dridex campaigns were also observed using Cobalt Strike.

If you may recall, Cobalt Strike is a legitimate software that bills itself as an “adversary simulation software.” Ransomware actors, in particular, are known to abuse legitimate software and make it part of their overall malicious attack against target organizations during their big game hunting (BGH) campaigns.

If you’re a Kaseya client, you can get first-hand updates on the VSA incident here.

It goes without saying that any and all companies affected by the Kaseya ransomware attack should only get patches straight from their vendor. Links and/or attachments sent over your way, even from a trusted colleague, should be suspect until you have confirmed with your vendor of the availability of a patch and where or how to get it. Realize that this is not the first time that threat opportunists bank on attacks like what Kaseya experienced. Opportunists will show no mercy in targeting cyber attack victims multiple times as long as they get something out of it.

In this case, with the use of Cobalt Strike, these threat actors intend to also gain access to your already-compromised system possibly for further reconnaissance or to conduct a local, follow up attack.

Stay safe!

The post Malspam banks on Kaseya ransomware attack appeared first on Malwarebytes Labs.

Categories: Techie Feeds

MooglyCAL2021 – Block #14

Moogly - Thu, 07/08/2021 - 15:00

MooglyCAL2021 Block 14 is a graphic tapestry crochet design by Briana Kepner of Briana K Designs! The Monstera Crochet Square is right on trend – so totally 2021! Read on for all the details, and for the link to Block #14 in this free year-long crochet along! Disclaimer: This post includes affiliate links; materials provided...

Read More

The post MooglyCAL2021 – Block #14 appeared first on moogly. Please visit www.mooglyblog.com for this post. If you are viewing this on another site they have scraped the content from my website without permission. Thank you for your support.

Categories: Crochet Life


First Comics News - Thu, 07/08/2021 - 14:23

PORTLAND, Ore. 07/08/2021 — Image Comics is pleased to announce that every issue of the wildly popular Stray Dogs by Tony Fleecs and Trish Forstner will be rushed back to print—for the final time—to alleviate the untamed reorder activity on the series.

In this suspenseful miniseries, readers meet Sophie, a dog who can’t remember what happened. She doesn’t know how she ended up in this house. She doesn’t recognize any of these other dogs. She knows something terrible happened, but she just…can’t…recall…Wait! Where’s her lady? Now Sophie has to figure out where she is, what’s happening, and how she’s going to survive this. They say there’s no such thing as a bad dog—just bad owners.

Stray Dogs is a five issue, Don Bluth-style mystery/horror miniseries best described as Lady and the Tramp meets Silence of the Lambs.

The Stray Dogs #1-5 final reprints will be available at comic book shops on Wednesday, August 4:

  • Stray Dogs #1 fifth printing, Cover A – MAY219398
  • Stray Dogs #1 fifth printing, Cover B blank – MAY219399
  • Stray Dogs #2 fourth printing – MAY219400
  • Stray Dogs #3 fourth printing – MAY219401
  • Stray Dogs #4 fourth printing – MAY219402
  • Stray Dogs #5 second printing, Cover A – MAY219403
  • Stray Dogs #5 second printing, Cover B 1:10 copy incentive – MAY219404

Stray Dogs is also available for purchase across many digital platforms, including Amazon Kindle, Apple Books, comiXology, and Google Play.

There will also be a FCBD edition of Stray Dogs available on August 14, at participating comic shops, which will feature a brand new prologue, “That Doggie in the Window”—the unnerving story of the very first dog to ever come to the Master’s house.

Categories: Comic Book Blogs


First Comics News - Thu, 07/08/2021 - 14:21

STAMFORD, Conn., July 7, 2021 – WWE® (NYSE: WWE) and Rolling Loud, the world’s premier rap festival, today announced a new partnership that brings Friday Night SmackDown to Rolling Loud Miami 2021 on July 23. The occasion marks the first ever collaboration between WWE and a major music festival.

Gracing the same stage as festival headliners Travis Scott, Post Malone and A$AP Rocky, WWE Superstars will compete in matches live from Rolling Loud Miami. The July 23 edition of Friday Night SmackDown on FOX will feature a split-site broadcast with multiple matches at Rolling Loud Miami, and the remainder of the evening held at Rocket Mortgage Fieldhouse in Cleveland.

“What Matt Zingler, Tariq Cherif and the entire Rolling Loud team have built is spectacular,” said Scott Zanghellini, WWE Senior Vice President, Revenue Strategy & Development. “We couldn’t think of a better partner to deliver such a unique WWE experience to fans during the July 23 edition of Friday Night SmackDown on FOX.”

“I grew up on Sweet Chin Music, mesmerized by the spectacle that Vince McMahon and co have built at WWE,” said Tariq Cherif, Co-Founder/Co-CEO of Rolling Loud. “The idea of weaving our two storylines into one world, one must see event, is electrifying.”

“And I quote! If ya smell…what the WWE and Rolling Loud…is…cookin’! Give me a hell yeah!,” said Rolling Loud Co-Founder/Co-CEO, Matt Zingler.

WWE has a rich history of integrating music into all aspects of its brand and collaborating with some of the most celebrated artists in the world. Over the years, world-renowned hip-hop artists including Snoop Dogg, Diddy, Three 6 Mafia, MGK, Wale and many others have performed at WWE’s biggest events.

Bringing 130 of the hottest acts in hip-hop to Hard Rock Stadium in Miami Gardens, Fla., the sold out Rolling Loud Miami 2021 is a triumphant return for live rap music, and a coming out party for risers and new superstars eager to play in front of a festival crowd. The sixth Rolling Loud festival in Miami, where it started as a humble one-day event in Bayfront Park, Rolling Loud Miami 2021 will occur from July 23-25.

Friday Night SmackDown airs live on FOX at 8/7c and features Universal Champion Roman Reigns, SmackDown Women’s Champion Bianca Belair, SmackDown Tag Team Champions Rey and Dominik Mysterio, WWE Intercontinental Champion Apollo Crews, Bayley, Seth Rollins, Kevin Owens and more.

Rolling Loud Miami is the first of three Rolling Loud festivals happening this year. On October 28-30, Rolling Loud returns to the birthplace of Hip Hop with Rolling Loud New York 2021, headlined by Travis Scott, J. Cole, and 50 Cent, taking place at Citi Field in Queens. The festival heads to the West Coast on December 10-12 for Rolling Loud California, headlined by J. Cole, Kid Cudi, and Future, from NEO Events Center in San Bernardino, Calif.

Stay tuned for more announcements about the Rolling Loud and WWE/Friday Night SmackDown partnership in the weeks leading up to the festival.

Categories: Comic Book Blogs

Kaseya update delayed for security reasons

Malwarebytes - Thu, 07/08/2021 - 13:53

Software vendor Kaseya has been caught in the chaos of a supply-chain compromise by the REvil ransomware gang since Friday. Around 40 managed service providers (MSPs) that rely on Kaseya VSA software to administer customers’ IT—and up to 1,500 of their customers—have been stricken with the ransomware.

In response to the attack, Kaseya shutdown the SaaS version of VSA, and instructed users of its on-premises customers to do the same. Organizations that use Kaseya VSA, and their clients, have been without the administration tool since.

Yesterday, the company released a video detailing the attack and steps taken to mitigate it. It was hoping to be back up and running as soon as possible, but it seems an already cautious approach has taken on an additional helping of reserve.

A new, unscripted video has been released in the last few hours which details a delay to getting things back up and running. The original estimate for a recovery timeline appeared to be bringing the SaaS version of VSA back on Tuesday morning, with on-premises installations to follow. That then switched to today. This latest video now mentions Sunday as the most likely date for things to get moving. The reason? Security, apparently.

Security concerns

Friday’s attack was made possible by a zero-day vulnerability in the on-premises VSA platform. Since then, Victor Gevers of the Dutch Institute for Vulnerability Disclosure (DIVD) has revealed that the organization had been in a “coordinated vulnerability disclosure process” with Kaseya at the time of the attack. Fixing those is clearly top of Kaseya’s agenda before it can instruct customers to restart VSA servers.

Striking an apologetic and far less bullish tone than in his first video, the beleaguered Kaseya CEO, Fred Voccola, says the new release time is going to be “this Sunday, in the early afternoon, Eastern Standard time“. This decision, he says, is down to him alone in order to put additional layers of protection in place.

In his own words:

The reason for that is we had all the vulnerabilities that were exploited during the attack, we had them locked. We felt comfortable with the release. Some of the third-party engineers, engineering firms and companies that we’ve been working with, as well as some of our own IT people, made some suggestions to put additional layers of protection in there for things that we might not be able to foresee. This was probably the hardest decision that I’ve had to make in my career. And, we decided to pull it for an additional three and a half days, or whatever the approximate time is … to make sure that it is hardended as much as we feel we can do for our customers.

The slow, careful approach will no doubt cause some roadblocks for customers waiting on systems to be back online. However, this has to be a better alternative than something else happening because a weak spot wasn’t identified.

The company has released a Compromise Detection Tool, and created a runbook of changes Kaseya VSA customers will need to their on-premises environments to prepare for Sunday’s patch.

You can see a full up-to-date timeline of events in the Kasya supply-chain attack in our original article. We will update this as new facts emerge.

The post Kaseya update delayed for security reasons appeared first on Malwarebytes Labs.

Categories: Techie Feeds

On the Thursday Trick, Monster Guts

Hack & Slash - Thu, 07/08/2021 - 12:00
So, it never fails.

You put ONE GEM inside of a dead kobold, and for the next TWO YEARS your players butcher the guts of every creature they come across.

How to turn this into an example of agency instead of an automatic action?

Two steps:

  • Have a consequence for taking this action
  • Provide clues in the environment or the encounter that the creature might have eaten something
ConsequenceMuch of what a relevant consequence is has to do with what type of game your are playing. In a megadungeon, having the butchering take a turn and grant a bonus to the next one or two wandering monster checks is a reasonable and significant penalty.
In quest based small site adventures it becomes more difficult to institute a reasonable penalty. Perhaps a penalty to monster reaction, or in the likely event that reaction rolls are not used in your quest-based game, a penalty to social checks or even charisma for a short period after butchering the creature. Certainly in a more social game, providing to diplomacy, gather information, and bluff checks along with a bonus to intimidate checks) is a reasonable penalty (or a penalty on reaction rolls). 
CluesWhat can clue you in that a person or animal might have something hidden inside their stomachs?
  • A wild animal lair with fresh kills of humanoids
  • A corpse nearby something subtly missing
  • A prisoner being interrogated
  • Nearby non-food substances having bite or teeth marks
  • Interesting items found in stools or obvious elimination areas 
These need not be obvious. A fresh kill in a monster lair can be described as having equipment, but with his guts and groin chewed out and eaten. Searching the stomach of the monster will turn up a belt buckle and pouch. The same with leaving a fresh kill that is missing a hand, where you find a ring inside the target.
The subtle missing item can be something very obvious i.e. "There is a circle of dust where something once stood on the table" or it can be more subtle "You find paper and pens inside a drawer" where the stomach contains magical inks. The corpse doesn't necessarily have to be in the room -- the players can kill it nearby and be forced to connect the missing item with the monster that could have eaten it. 
Interrogated prisoners will often consume anything valuable they are carrying to hide it.  
The other two are obvious clues that if downplayed only active and experienced adventures will follow up after itemizing the treasure they found.

Your support is needed. You like posts like this? Support on Patreon, and you keep them coming! Original publication date April 2014.

Hack & Slash 

FollowTwitchNewsletterSupportDonate to end Cancer (5 Star Rating)

Categories: Tabletop Gaming Blogs

Doctor Who Returns to San Diego Comic Con!

Blogtor Who - Thu, 07/08/2021 - 10:50

Jodie Whittaker, Mandip Gill and Chris Chibnall will be representing Doctor Who at SDCC this year — plus a mystery guest! San Diego Comic Con is a virtual event again this year, but the biggest convention in the world will still playing host to a Doctor Who panel. This year, the panel will include Jodie […]

The post Doctor Who Returns to San Diego Comic Con! appeared first on Blogtor Who.

Categories: Doctor Who Feeds

Is Peacemaker Set to Be One of the Best Superhero Series Ever?

First Comics News - Thu, 07/08/2021 - 05:50

Peacemaker is a brand-new superhero series set for release on HBO Max in January 2022. It is a spinoff of The Suicide Squad, focusing on John Cena’s character from the film. It will mainly draw from the DC Comics source material of the same name, which has been in publication since 1966. There are some big names attached to the series, including Cena and The Suicide Squad director James Gunn. With HBO’s reputation for creating incredible series, this could be one of the best superhero offerings to ever hit television screens.

All the Components of For an Incredible Series

Are you ready for what the #Peacemaker crew is cooking up? @DCPeacemaker @hbomax #teampeacemaker @thedanieb @JohnCena @jennlholland @steveagee @CConradTweets pic.twitter.com/Yo5hfHhHLJ

— James Gunn (@JamesGunn) February 18, 2021

After HBO’s Watchmen in 2019, superhero fans have been desperate for the network to adapt another classic comic. The dystopian offering from Damon Lindelof earned incredibly high esteem from critics and has a score of 96 percent on Rotten Tomatoes. This success led HBO to decide to work on another DC offering – Joe Gill and Pat Boyette’s Peacemaker. The fact that this series will appear on HBO Max – home of other classic series such as The Wire and The Sopranos – is already promising.

Some other factors suggest Peacemaker could be a massive hit. The fact that Gunn has such a commanding role in the series production is tantalizing. The 54-year-old director has written all the episodes and is directing most of them. He also serves as the series’ overall showrunner. Gunn is known for having written several popular films including Dawn of the Dead in 2004, and all three Guardians of the Galaxy volumes.

Cena is one of a few well-known actors set to appear in Peacemaker. He will be joined by Steve Agee, Danielle Brooks, and Robert Patrick. Peacemaker is far from a traditional superhero, and there are some dark themes in the comics. This should help it appeal to audiences who enjoyed Watchmen.

Franchise Could be Expanded into Games

As an additional way to market the new series, HBO may decide to commission several games to boost the franchise and spread the word about it. This has often been the case with superhero offerings, as fans of the genre can be found in a few different markets. To ensure that everyone is aware of Peacemaker, it would make sense to release games on a variety of platforms.

This model has been highly successful for other DC characters in the past, and it seems that superheroes from these comics are perfectly adaptable to games. The list of incredible games based on DC superheroes is endless. Some of the most popular ones featured in the Batman: Arkham series from Rocksteady Studios. Other notable offerings include Justice League Heroes in 2006 and Injustice 2 in 2017. There have been some classic mobile games as well, such as Teeny Titans, and DC Legends: Battle for Justice.

Perhaps the best place to find DC Comics characters all in one place is in the online casino industry. There are countless free slots based on these Superheroes for players to choose from. These include Wonder Woman: Bullets & Braces, Man of Steel, The Dark Knight Rises, and Aquaman. A Peacemaker title would certainly not look out of place among these similar options. The variety here also shows how players are constantly searching for more superhero slots to play. Due to advancements in technology, these slots can be played on mobiles too as most of these slots are based on HTML5, meaning you don’t have to game on your PC. This also means you don’t have to download anything, as most you may need to just register an account somewhere.

It should also be noted that there is going to be a Suicide Squad console game from Rocksteady Studios next year. Peacemaker doesn’t feature in Suicide Squad: Kill the Justice League, but it could have a knock-on effect on the success of the television series by making more viewers aware of The Suicide Squad film.

Could All Depend on the Success of Suicide Squad

Despite having a lot of things working in its favor, the success of Peacemaker could all hinge on how well The Suicide Squad does when it is released later this year. The new silver screen title from DC Films is considered more of a reboot, rather than a sequel to 2016’s Suicide Squad. That offering was a box office success, but it was torn apart by critics with negative reviews. The 2021 title has a chance to redeem these characters and could revitalize the franchise.  If it does, then viewers will be desperate for more content and will be eager to watch Peacemaker.

Marvel has already released a variety of superhero offerings for television, with mixed success. DC Films will be hoping to branch out to this medium with a greater number of options in the future. Peacemaker has all the ingredients to make it a classic and, if it lives up to its potential, it could lead to several other spinoff series in the DC universe.

Categories: Comic Book Blogs


Subscribe to Furiously Eclectic People aggregator