Feed aggregator

Red Sonja 2021 Holiday Special preview

First Comics News - Mon, 11/29/2021 - 19:22

Red Sonja 2021 Holiday Special

writer: Mirka Andolfo & Luca Blengino

artist: Zulema Scotto Lavina

covers: Joseph Michael Linsner (A), Will Robson (B), Cosplay (C), Cosplay (D-RI/Virgin), Will Robson (E-RI/Virgin)

FC | 40 pages | Action/Adventure | $4.99 | Teen+ 

An all-new She-Devil tale, from ongoing Red Sonja architect MIRKA ANDOLFO and a cavalcade of creators! The grim Sonja is not one for ebullient festivities. But her recent “adoption” of the mysterious child Sitha has (temporarily) melted her defenses, just in time for revelry. But will outside forces aiming to prod and pillage put a pause on the party? By MIRKA ANDOLFO (Sweet Paprika)!

Categories: Comic Book Blogs

Sonjaversal #10 preview

First Comics News - Mon, 11/29/2021 - 19:22
Missing Attachment

Sonjaversal #10

writer: Christopher Hastings 

artist: Pasquale Qualano

covers: Lucio Parrillo (A), Joseph Michael Linsner (B), Jae Lee & June Chung (C), Junggeun Yoon (D), Gracie the Cosplay Lass Cosplay Variant (E), Joseph Michael Linsner (F-RI//BW), Jae Lee (G-RI/BW), Junggeun Yoon (H-RI/BW), Gracie the Cosplay Lass Cosplay Variant (I-RI/BW)

FC | 32 pages | Action/Adventure | $3.99 | Teen+ 

Final issue!

The worlds of Purple Sonja, Yellow Sonja, Sonja Noir begin collapsing on themselves. In order to save them, they must learn the humongous secret… what is HELL SONJA’s grand design!?

By CHRISTOPHER HASTINGS (Deadpool) and PASQUALE QUALANO (Dejah Thoris)!

Categories: Comic Book Blogs

Encounter With The Unknown - Play Session Recap #3 - ACK's Barbarian Conquerors of Kanahu & Colonial Troopers Knight Hawks rpg

Swords & Stitchery - Mon, 11/29/2021 - 19:11
 So the PC's have located the post 'After The Fall of Man' already and this blog post is going to go right back into the other day's blog entry here. We've been really busy with work so I've had to fall back when it comes to making plans for our crossover campaign 'After the Fall of Man'  a part of our on going ' The Barbarian Conquerors of Kanahu'  & Colonial Troopers campaign. And question cameNeedleshttp://www.blogger.com/profile/11243274667834930867noreply@blogger.com0
Categories: Tabletop Gaming Blogs

Clover Bracelet Maker Review and Giveaway

Moogly - Mon, 11/29/2021 - 16:00

Remember friendship bracelets? Have you noticed they’re back?! The Clover Bracelet Maker tool is what I wish I had when I learned to make them as a teen – and I think anyone who makes them now would love to have one! Take a closer look, and enter to win your own Clover Bracelet Maker...

Read More

The post Clover Bracelet Maker Review and Giveaway appeared first on moogly. Please visit www.mooglyblog.com for this post. If you are viewing this on another site they have scraped the content from my website without permission. Thank you for your support.

0
Categories: Crochet Life

Hackers all over the world are targeting Tasmania’s emergency services

Malwarebytes - Mon, 11/29/2021 - 14:49

Emergency services—under which the police, fire, and emergency medical services departments fall—is an infrastructure vital to any country or state. But when those services come under threat from either physical or cyber entities, it’s as good as putting the lives of citizens at risk as well.

Unfortunately, not every place has the means and manpower like the US to put pressure on cybercriminals who dare target their vital infrastructures. And this is probably why some threat actors would rather take their chances targeting other countries for profit.

As a case in point, the island state of Tasmania in Australia continues to be subjected to multiple cyberattacks on its emergency services from all around the globe.

Hackers have tried breaking into Tasmania Police employee accounts over 800 times in the last 12 months, according to an internal report from the Department of Police, Fire and Management (DPFEM) that was obtained by ABC News Australia.

And that’s just the tip of the iceberg. The report also revealed:

  • CCTV cameras have been compromised
  • A section of the Tasmania Fire Service website was taken over by one or more unknown parties for at least two weeks
  • Two-factor authentication (2FA) was defeated in five occasions on devices owned by DPFEM employees

The DPFEM is said to store and maintain personally identifiable data and classified information, which makes it a goldmine for hackers. If it was ever completely compromised, DPFEM said it won’t be able to bounce back as quickly as the Federal Group, Tasmania’s casino operator that fell victim to a ransomware attack from the DarkSide hacking group, did.

“Unlike Federal Group, DPFEM will not be able to recover its entire business operation in under six weeks, even with external assistance, because its Information Security Program is not mature enough to determine the full extent of a system compromise and, therefore, will be required to take all its systems back to bare metal to ensure environmental integrity,” the report said.

The report recommended that the Tasmania Police and Fire Service should invest an $550,221 annually to “keep the department cyber safe.”

The post Hackers all over the world are targeting Tasmania’s emergency services appeared first on Malwarebytes Labs.

Categories: Techie Feeds

CronRAT targets Linux servers with e-commerce attacks

Malwarebytes - Mon, 11/29/2021 - 14:03

There’s an interesting find over at the Sansec blog, wrapping time and date manipulation up with a very smart RAT attack.

The file, named CronRAT, isn’t an e-commerce attack compromising payment terminals in physical stores. Rather, it looks to swipe payment details by going after vulnerable web stores and dropping payment skimmers on Linux servers. It’s your classic Magecart attack with a stealthy twist.

This method means it bypasses the protection people using the websites arm themselves with, rigging the game from the start. By the time you get onto the website, everything may be fine at your end but the stream further up river has already been polluted. It achieves this thanks to the Linux Cron Job system, which we’ll come back to a little later.

First of all, here’s a brief rundown on what Magecart is, and the difference between client-side and server-side attacks.

What is Magecart?

It’s the collective used for multiple groups who partake in web skimming. These attacks rely on outdated CMSes, or plugin zero days. They may go after small businesses running a particular e-commerce platform. It’s possible they use services like bulletproof hosting to frustrate researchers and law enforcement. Web shells are a popular tactic. There are even impersonators out there, just to make things even more confusing.

Client-side versus server-side attacks

Client-side is where the people who buy things from websites hang out. These are the places where operations such as Magecart may lurk. It could be bogus JavaScript loading in from untrusted domains, or perhaps some other form of rogue code. You can ward off threats such as these by using browser plugins like NoScript. There’s an element of control over these factors, in terms of how you try and secure your browser.

Server-side is an attack on the merchants. Your security processes and tools are great, but when someone is directly corrupting the site under the hood, you may be fighting a lost battle. While your typical web shopper’s first run-in with Magecart would be the previously mentioned rogue JavaScript or other code, this attack means browser-based fixes may not help.

With those out of the way, we’ll loop back to Cron and Cron Jobs.

What is Cron?

Cron is a way that people running a Linux system can schedule tasks. Those tasks will run at a specified time/date in the future, and are known as Cron Jobs. Where things get interesting is that you can enter any date you like, even ones which don’t exist. As long as the system accepts your input, it’ll take it on board and file away in the scheduling system.

CronRAT adds various tasks to the cron table, with a date specification that’ll generate run time errors when triggered. What the malware authors have done is take advantage of the “any date can be used” functionality, and assigned them to February 31st. Of course, this is a date which doesn’t actually exist. As a result, the errors will never happen.

As Sansec puts it:

…the actual malware code is hidden in the task names and is constructed using several layers of compression and base64 decoding.

The payload is a “sophisticated bash program that features self-destruction, timing modulation and a custom binary protocol to communicate with a foreign control server.”

This is definitely one way for Magecart to make waves over the Black Friday period and also further still into the Christmas season.

The problem of digital skimming

Here’s some thoughts from Jerome Segura, our Senior Director of Threat Intelligence:

We’ve known for a long time that there are two different ecosystems when it comes to website security: server-side and client-side. While most security companies focus on the latter, the former is probably the more interesting and perhaps less documented one as it requires access to backend systems. This is an example of a threat that is well crafted and meant to evade detection by default browser-side, but also in some aspects server-side due to its clever obfuscation techniques.

What that means from a digital skimming standpoint is that you are always accepting a level of risk by shopping online and placing trust in the merchant’s ability to keep their systems safe. You should be aware of any subtle changes in payment forms and other possible giveaways that a website is not up to par. Without getting too technical, certain things like outdated copyright information or broken HTML elements may be an indication that the store is not keeping their site up to date.

An attacker will first compromise online shops that are vulnerable to attacks, so it makes sense to stay clear of those that are not following best practices.

Safety first

There’s lots of things you can do out there in the real world to avoid ATM skimmers, and related threats. You can also be proactive in the realm of web-based skimmers targeting the sites you make payments on. Issues such as CronRAT may take a little while longer for various industries to figure out.

While there are varying levels of protection for web purchases, it may be dependent on payment method and/or location. It’s also not great to know that if payment data has been compromised, it’s possible the criminals have grabbed other data too. While this may not be the most reassuring message to take into the new year, forewarned is most definitely forearmed.

The post CronRAT targets Linux servers with e-commerce attacks appeared first on Malwarebytes Labs.

Categories: Techie Feeds

Brewkessel Level 1

Ten Foot Pole - Mon, 11/29/2021 - 12:11
By Tom Holmgren OSE Level 1?

Once upon a time, there was a wonderful school of spellcraft and sorcery called Brewkessel. 62 years ago it vanished in a flash of red lightning, taking with it some of the best and brightest names in magic. All that was left behind was a deep, smoking hole. Was it the result of a spell gone wrong? Had the gods finally rained down judgement on their vile witchcraft? No one could say for sure. In fear of repeating Brewkessel’s unknown mistake, one by one the other schools locked their doors. Brewkessel reappeared 7 months ago.

This 66 digest page “zine” uses about 36 pages to describe about 31 rooms on the first level of Hogwarts castle. A fucked up Hogwarts castle. It’s got a consistent vibe (fucked up Hogwarts) and does a relatively good job of supporting the DM, supplementing its excellent formatting and interactivity. Descriptions could use some work, but, hey, whatever. It’s pretty good. 

This mania for calling everything a zine needs to end. It’s a fucking module. Was G1, G2, and G3 three individual zines? No? They were modules? Fuck yes they were. And this is level one of a megadungeon, along with some supporting information on the village outside of hogwarts. The village inn, a bit on the outside grounds, the witch who guards the entrance and so forth. It being a digest, about one to two rooms are on each page, usually along with a nice little minimap showing their relation to each other. 

Ok, so, fucked up Hogwarts. That’s what you need to know. That, more than anything else, is going to be the deciding factor if you want this adventure. The tone. The party WILL recognize aspects of Hogwarts. Four houses. The great hall. Rowing across the lake perhaps. Paintings that talk. The owlery. But then, it’s going to be slightly twisted. A kind of Bioshock/City of Rapture version of Hogwarts. It is still KIND of functioning as a home for some powerful wizards & witches, but … things are a little rough inside and the occupants and magics a bit corrupted. 

You see, the castle was transported to Yuggoth and a lot of people got brain parasites. They settled on the land, learned to adapt, and had a couple of coup’s. Then someone brought the castle back. So, you’ve survived on an alien planet for 65 years, being a bit flexible to survive. That kind of warped. It comes off a lot, in many ways, like Castle Xyntillian, but with a Hogwarts vibe. Both, kind of functioning as their intended purpose … but both corrupted and having a very dangerous disposition. If you want that vibe then this adventure, or at least this level of this adventure, is for you.

Before reaching the castle keys we get a short rumor table and a few businesses in Hogsmead. Those are focused, all three on one page, with the content tending to less is more. A line about the proprietor and maybe what the party can get there. It’s focused on supporting the party through the dungeon rather some kind of a “day in the life of a rustic village” nonsense that all too frequently appears in print. We get a short little “by land or by lake” to the castle, along with wanderers, and a few rival adventuring parties. A wandering monster table for the castle with a paragraph or so for each entry, describing the monster (if there is one) and giving a little push to run the encounter in an interesting way. Exactly what it should be.

And then we reach RIGHT outside the castle. The map depicts a greenhouse, or, at least, the former site of one. And the whomping willow and the forbidden forest, all of which get no description at all. (Perhaps in a future volume?) What we do get, though, are the groundskeepers. When the castle returned a former student and now high level witch showed up to run the entrance, charging people to get in/out, having contracts to sign and casting spells for fee. She’s supported by a large group of animal headed mercenaries … with a variety of possibilities, from mundane to FUCKED UP, as to why they have animal heads and why they support the witch. This harkens back to the old days of groups of thieves hitting the party on the way to/from the dungeon, taking some loot … serving the purpose that the gate guards and tax collectors sometimes do. It’s a nice touch and she adds a lot to the vibe as well as providing some practicalities like Remove Disease and Identify, as well as some mini-quests like finding keys, etc. I should note that there are also a few hooks provided, with one of my favorite being “whenever your blood is spilled, it runs uphill toward the castle”, with a close second being a hideous oracle predicting your death in the castle. Uh, duh, of course I want to go there then! 

Formatting emulates the Necrotic Gnome style of conveying information with bullets, with strategic bolding and cross-references. It’s clean and easy to scan.

Interactivity is great, with curses, boones, banes, potential allies and neutral parties scattered everywhere. Just about every room has some kind of thing going on, which, while not exactly true, even the “empty” rooms feel like you’re someplace worth looking in to. But, how about that painting with a vampire on it. She’d dearly like for you to find the key to the collar she wears … she’s so … thirsty. And in return she feeds you information, helps as much s a painting can … and giving her the key has “consequences for other paintings on this level.”  That’s enough detail for the DM to riff off of without needing to go in to exacerbating detail.

Owlgirl lives in the rookery, once an own, now a girl/owl hybrid. ALl she knows is the rookery, but will grow in to someone else if shes exposed to the wide world beyond … which she is curious about. A classic trope, and combined with the owlery and the owls, a perfect thing for the party to take advantage of. And take advantage they will need. The letter room, near the owlery, has an 8HD mail golem in it. There is no issue here with finding encounters beyond that of the party. They abound. Including the high level staff, who, at least on this level, mostly want to be left to their own devices. Their own Tallulah Bankhead hedonistic devices. 

I could take exception with some the language used to create an evocative environment. Certainly the mini-maps, in an iso-metric view, help, and the bulleted items do a decent job. But the overall nature of the room is, I think, lost a bit. The carpentry shop tells us about scattered rusty woodworking tools, unpleasantly siggy wooden planks and a crude carving. Thats a little lifeless, noting the individual elements present in the room but not the overall vibe of the room, proper. Most of the rooms fall in to this syndrome. A few, though, do not, like room two, the courtyard, which describes overgrown grass, dead in patches with three dead black wood trees spotted with red growths … and a three tier fountain of white stone in the middle, with flowing water, something painted on it, crudely. That’s two bullets, the foliage and fountain, that when taken together in a description provide a good overall feeling of the room. That is missing from most of the entries. This is one of the limits of the Necrotic format, the difficulty in providing an overall feeling. Or, perhaps, the need to ensure that the individual elements add up to that overall feeling. 

Beyond this, you get the usual issues with a single level of megadungeon. What are the connections? How does everything fit together? What do people know about things deeper in? If you are going to accept a level by level design then you must also accept the issues with this. And also, that future levels may be slow, or never, show up

Still, this is a very worthwhile addition to a game. It’s the best Hogwarts I’ve seen. It captures the spirit of Hogwarts, and warped nature turning it in to an adventuring locale … without it being too cutesy or bizarre for the sake of bizarre. It’s a fine line to walk and the designer does a good job. I hope to see more entries. 

This is $9 at itch. The product page has a good preview of the room page layout and so on, and how the designers on personal art compliments the vibe. Nice job.

https://kettlesberg.itch.io/brewkessel-1

Categories: Tabletop Gaming Blogs

Dark Sun: Daggers in the Night

Sorcerer's Skull - Mon, 11/29/2021 - 12:00


The party's caravan arrived at the Silver Springs Oasis. Eowen and Egon went to try to deliver a message given to them by the elf Iseela back in Dur-Taruk for  Toramundi, Chieftain of the Silver Hand Tribe that controls the carvanserai. With the mention of Iseela's name they are taken through confusing back alleys and underground passages until they are are ushered into a room where the chief sits cross-legged on the floor with a shaman.

Toramundi accepts the coded message. Egon asks him for help with information on Golothlay Canyon. He laughs and tells them he doesn't believe that the House Madar treasure exists, and he thinks they are on a fool's errand which can only lead to their deaths. Any other information will cost them.

Egon and Eowen pay his price in silver and obtain a map which will allow them to skirt some of the known dangers on the way to the canyon. Their employer, Urum ath Wo, is pleased because he has been unable to find a guide. He bids them bed down near the animals and heads off for better accommodations.


That night, while Eowen is on watch, she discovers two masked elves attacking some of the merchants in the party in their sleep. She sounds an alarm, and Egon and Keeb-Raa join the fight. They kill one assassin, but the other runs away. Eowen gives chase, but looses him in the twisting passages of the ancient structure.

Keeb-Raa manages to use his healing magics to stabilize the wounded merchant.

Re-post: Marriage as a Lifelong Building Project

Just Call Me Pastor - Mon, 11/29/2021 - 11:00

On December 20, Kathleen and I will have been married 74 years. And as we have from our wedding day onward, we both still look upon our relationship as a lifelong building project.

What exactly do married couples build into a marriage? After our decades together, here are some of our thoughts.

TRUST

We knew each other very well when, at age twenty-one on December 20, 1947, we made lifetime pledges of love and loyalty. Mutual trust was real from the outset. But after our simple wedding, trust had to be applied to many new experiences. Putting that initial trust to the test enriched it.

SHARED FAITH

From our first days in our one-room apartment, each morning after breakfast we would read a portion of Scripture, and then we both prayed, among other things, committing our precious union to the Lord. We still do this every morning at age ninety-five.  

FAMILY

Our daughter, Carolyn, arrived ten days before our first anniversary. We were young and declared that we would incorporate her into a youthful lifestyle that we thought needn’t change that much. But reality dictated otherwise. So we adapted joyfully to build a family.  

Eventually there were four children — Carolyn, Donald, Robert, and our youngest, John David, our special needs child. For John David, we weathered deep grief together as we were forced into special adaptations and eventually had to give him up to institutional care. Still, we would not let our heartache adversely affect the three older children.

We continued to build a family with the children God had given us — enlarged over time to include our children’s spouses, then grandchildren, and now great-grandchildren.

REPUTATION

Every marriage has an “inside” and “outside” reputation. What do growing children see from the inside? Do they see the same character and behavior in their parents at home and in public? What do onlookers see from the outside? Do they see the mutual respect and deference of a durable love, even at times of stress?

Marriage is about more than personal happiness. It is also about building a reputation that models Christian marriage to children, and that can encourage couples nearby who may still struggle.

AN ESTATE

“Estate” doesn’t necessarily mean a fortune. It means whatever joint possessions have come into being through the shared work and careful accumulations of husband and wife together. Estate may be only a bungalow and a modest bank account. Or it may be additional possessions, savings, and investments.

In this area, Kathleen and I built our estate with three purposes in mind: personal security for the closing years of our lives; gifts of love to leave the children; and something to bequeath to Christian causes we have supported in life and wish to continue to support after we have gone to be with the Lord.

To think of marriage as a lifetime building project gives a long-range perspective. It puts the present moment into a grander framework. And it keeps us thinking of how, even at 95, we can continue to build mutual trust, faith, family, reputation, and with our estate, the Kingdom.    

Photo credit: Holger Zscheyge (via flickr.com)

Categories: Churchie Feeds

REVIEW: Torchwood: The Red List – A Rich Character Drama of Isolation and Paranoia

Blogtor Who - Mon, 11/29/2021 - 08:00

McShane and Colchester have been assigned – Torchwood: The Red List provides rich, character based drama as the two quarantine buddies get cabin fever Amazingly, it’s now been six years since Big Finish’s Torchwood range began. Since the beginning it’s set new standards for Doctor Who related audio adventures and quickly grown to be one […]

The post REVIEW: Torchwood: The Red List – A Rich Character Drama of Isolation and Paranoia appeared first on Blogtor Who.

Categories: Doctor Who Feeds

1561

Looking For Group - Mon, 11/29/2021 - 05:00

The post 1561 appeared first on Looking For Group.

Categories: Web Comics

Doctor Who: UNIT’s Five Rounds Rapid!

Blogtor Who - Mon, 11/29/2021 - 00:11

Kate Stewart and UNIT are back on our screens in Doctor Who: Flux! Blogtor Who takes a look back at five times the defenders of the Earth were bang on target UNIT are back! The international task force dealing with anything from this world, or beyond, hasn’t graced our screens since 2016’s The Return of […]

The post Doctor Who: UNIT’s Five Rounds Rapid! appeared first on Blogtor Who.

Categories: Doctor Who Feeds

Doctor Who Flux – Ep 5 – Survivors of the Flux: Twitter Reactions

Blogtor Who - Sun, 11/28/2021 - 20:45

The survivors of the Flux face danger and death across time and space, with the end of the universe in sight. But what did YOU think of it?   Survivors of the Flux was Doctor Who at its most epic, with perhaps never bigger stakes. And like most of this year’s episodes, it seems to […]

The post Doctor Who Flux – Ep 5 – Survivors of the Flux: Twitter Reactions appeared first on Blogtor Who.

Categories: Doctor Who Feeds

REVIEW: Doctor Who: ‘Survivors of the Flux’ – Revelations and chaotic time jumping

Blogtor Who - Sun, 11/28/2021 - 19:25

Following the dramatic conclusion to ‘Village of the Angels‘ the penultimate episode of Doctor Who: Flux was can’t miss television. But could ‘Survivors of the Flux‘ live up to expectations? *BEWARE! SPOILERS UP AHEAD!* So far Doctor Who: Flux has been a series of hits and misses. The Halloween Apocalypse was a miss with way too much […]

The post REVIEW: Doctor Who: ‘Survivors of the Flux’ – Revelations and chaotic time jumping appeared first on Blogtor Who.

Categories: Doctor Who Feeds

Pages

Subscribe to Furiously Eclectic People aggregator