Mira And The Legend Of The Djinns Is An Upcoming Metroidvania Inspired By Moroccan Mythology

Developer Little Knight Games has revealed Mira and the Legend of the Djinns, an upcoming 2D side-scrolling Metroidvania inspired by Moroccan mythology. Set to be published by Assemble Entertainment, which is publishing Endzone 2 this spring, Mira and the Legend of the Djinns is due out on PC via Steam this year. 

Mira And The Legend Of The Djinns Is An Upcoming Metroidvania Inspired By Moroccan Mythology

In classic Metroidvania fashion, you can expect plenty of enemies and secrets to discover with a variety of tools, items, and abilities as you progress through the game. Plus, unlockable moves add flair to your exploration and combat encounters as you attempt to uncover the secret of the last Djinn. 

Check out Mira and the Legend of the Djinns for yourself below:

[embedded content] 

“Not every ancient treasure belongs in a museum, as treasure hunter Yuba discovers within the debris of the kingdom of Fallen Amazgesh,” a press release reads. “There, Yuba meets a Djinn named Mira, a race long lost to the world of man, and the pair team up together to escape the ruins and discover Mira’s lost memories.”

Little Knight Games says the game’s combat “emphasizes fluidity and experimentation, and allows you to switch between weapons and elemental modes on the fly.” The Germany-based studio says it’s a team of seven people from different countries around the world and that Mira and the Legend of the Djinns is a love letter to Metroidvanias, “featuring a world based on the Moroccan and Amazigh mythology.” 

“Morocco has a rich culture filled with fantasy stories about Djinns and mysterious creatures,” the press release reads. “With the team’s diverse background, they wanted to show this in their very first game.” 

Other Mira and the Legend of the Djinns features include a sprawling map full of secrets, fast action combat, and a mystery to keep you pushing forward. 

Mira and the Legend of the Djinns is due out on PC this year. 

While waiting for its release, read Game Informer’s top 10 Metroidvanias to play right now

Are you interested in checking out Mira and the Legend of the Djinns? Let us know in the comments below!

Here Are The Horizon Forbidden West PC Specs And System Requirements

Horizon Forbidden West Complete Edition hits PC this month on March 21 and ahead of its release, developers Guerrilla Games and Nixxes, which is handling the PC port, have revealed the PC specifications and system requirements needed to run it. Perhaps unsurprisingly considering it’s one of the PlayStation 5’s prettiest games, you’re going to need a lot of PC power to run Horizon Forbidden West at its best. 

“If you prefer to tweak settings and visuals to your own liking, you’ll find plenty of options in the launcher and in the game menus,” a PlayStation Blog post reads. “Next to individual quality settings for textures, level of detail, shadows, water, terrain and more, you can use sliders to adjust the field of view and visual effects like motion blur and film grain. You’ll also find toggles to adjust full screen effects like radial blur, lens flares, bloom, and vignette to taste.” 

[embedded content]

Here Are The Horizon Forbidden West PC Specs And System Requirements

Below, we’ll list the minimum, recommended, high, and very high requirements alongside different processors, memory capacities, operating systems, and more needed to run the game. 

Minimum

  • Preset: Very Low
  • AVG Performance: 720p @ 30 FPS
  • Processor: Intel Core i3-8100 or AMD Ryzen 3 1300X
  • Memory: 16GB Ram
  • Graphics: Nvidia GeForce GTX 1750 4GB or AMD Radeon RX 5500XT 4GB
  • Storage: 150GB SSD space
  • OS: Windows 10 64-bit (version 1909 or higher)

Recommended

  • Preset: Medium
  • AVG Performance: 1080p @ 60 FPS
  • Processor: Intel Core i5-8600 or AMD Ryzen 5 3600
  • Memory: 16GB Ram
  • Graphics: Nvidia GeForce RTX 3060 or AMD Radeon RX 5700
  • Storage: 150GB SSD Space
  • OS: Windows 10 64-bit (version 1909 or higher)

High

  • Preset: High
  • AVG Performance: 1440p @ 60 FPS/4K @ 30 FPS
  • Processor: Intel Core i7-9700 or AMD Ryzen 7 3700X
  • Memory: 16GB Ram
  • Graphics: Nvidia GeForce RTX 3070 or AMD Radeon RX 6800
  • Storage: 150GB SSD Space
  • OS: Windows 10 64-bit (version 1909 or higher)

Very High

  • Preset: Very High
  • AVG Performance: 4K @ 60 FPS
  • Processor: Intel Core i7-11700 or AMD Ryzen 7 5700X
  • Memory: 16GB Ram
  • Graphics: Nvidia GeForce RTX 4080 or AMD Radeon RX 7900XT
  • Storage: 150GB SSD
  • OS: Windows 10 64-bit (version 1909 or higher)

If you’re picking up Horizon Forbidden West Complete Edition, here’s a quick reminder of everything this edition includes, alongside the preorder rewards: 

Here Are The Horizon Forbidden West PC Specs And System Requirements

Horizond Forbidden West Complete Edition hits PC on March 21. 

While waiting for its launch, read Game Informer’s Horizon Forbidden West review and then read our review of its Burning Shores expansion. After that, read Game Informer’s review of the PlayStation VR2 exclusive Horizion Call of the Mountain, which might soon be playable on PC now that Sony is looking into PC support for it

Are you picking up Horizon Forbidden West Complete Edition on PC later this month? Let us know in the comments below!

Here’s Why You Should Always Log Out of WordPress

We may think we know WordPress security. But we can’t underestimate the task at hand. It seems that surprises lurk around every corner.

Consider a recent report from the security firm We Watch Your Website, for example. The report claims that 60% of hacked WordPress sites stem from stolen session cookies. I sure didn’t see that one coming.

We know about using strong passwords and setting file permissions. We understand the importance of updating our WordPress installs. We may even use a security plugin or two.

However, even the most security-conscious among us can miss things. That one oversight can lead to a hacked website. And that’s despite taking a bevy of security measures.

Stolen session cookies weren’t on the radar. So, what can we do to prevent this from happening? The author of this report has some advice.

How to Prevent Stolen Session Cookies

Thomas J. Raef is the author of “The Real Attack Vector Responsible for 60% of Hacked WordPress Sites in 2023.” His report demonstrates the threat of stolen session cookies in great detail. And a recent appearance on the WP Tavern Jukebox podcast shed more light on the subject.

But what about remedies? How do we stop these attacks from impacting our websites? I asked Raef for some preventative tips. The answer is as simple as logging out.

Our interview was lightly edited for clarity and brevity.

How do session cookies get stolen?

Thomas J. Raef: If it’s not WordPress, they’re frequently stolen via cross-site scripting. However, WordPress uses the HttpOnly option in the headers. So, that prevents cookie theft in WordPress via XSS.

The main way is by info stealers. If you Google the term, you’ll see it’s almost as popular as ransomware. Some ransomware hackers are starting to use info stealers more for their infections. Info stealers are designed to evade detection from most anti-malware programs. Some are dedicated to evading detection on Windows, others on Macs.

They typically steal everything possible in about 10 seconds. Some ask, why would they bother stealing WordPress session cookies if they’re also stealing bank logins, etc. But look at the cybercriminal industry. What do they need for the majority of their attacks? Oh, a legitimate website to infect unsuspecting visitors.

They steal the session cookies because it totally bypasses 2FA (Two-Factor Authentication), MFA, etc. because the user is still authenticated. As long as the cookie hasn’t expired.

Here’s Why You Should Always Log Out of WordPress

Raef’s report shows that nearly 60% of hacked WordPress websites were the result of stolen session cookies.
Image credit: We Watch Your Website

How can we secure our devices against this type of threat?

TJR: The easiest way is to remember to log out. That’s it! When you log out you expire the cookie. If you just close your browser window, it leaves the cookie active. So, if it’s stolen, it can be used by anyone.

One simple prevention is using SolidWP (Solid Security). Their Trusted Devices feature uses the IP address to generate the session cookie. If it’s stolen, it can’t be used anywhere other than where it was originally created. Those two things are the best way to prevent session cookies from being used against your sites.

Are there any changes the WordPress project could take to increase the security of session cookies?

TJR: Possibly. If there was a procedure that checked for inactivity after 30 minutes, and then automatically logged out the user, that might help. But I believe that would involve JavaScript and that’s getting too complicated. They already include the HttpOnly option, so they’re doing a lot to prevent this from being even bigger.

Do you have any other advice for web designers managing WordPress sites?

TJR: Make sure that everyone with admin access to your site is also focused on sanitary procedures for all local devices. We’re seeing more and more sites being infected due to malware on the local device of an admin. It can steal usernames, passwords, and session cookies.

2FA can stop the usage of username and password, but not session cookies. Tell all devs to log out! It’s quite simple and 100% effective.

One thing we’re starting to see more of is hackers attacking from the local device. Not stealing session cookies or anything else, just piggybacking on a legitimate admin session.

We see the legit IP address of an admin, and they’re doing their work and then suddenly from the same IP address at the same time, the legit admin is working – BAM! – a bogus plugin is installed from the same IP address!

The hackers have control over the local device and they’re attacking from that device. This supports the fact that you MUST be concerned about the health and well-being of your local devices.

Make sure your device is secured and free from malware.

Your Device Is Also a Factor in Website Security

A compromised computer or mobile device can impact your website’s security. On the surface, this theory makes sense. However, we typically don’t hear much about it.

Website security usually means a focus on the site itself. We attempt to filter out malicious traffic. And we employ various methods to prevent direct attacks.

It’s past time to look at our devices as well. You know, the systems we use to log into our websites. Good security should start there.

An info stealer can do untold damage in mere seconds. We won’t know the consequences until it’s too late. Let’s do something about it.

Follow best practices to secure your device – and encourage your clients and colleagues to do the same. A few simple steps could prevent a catastrophe.

And to follow Raef’s advice: Be sure to log out of your website! An expired session cookie is useless. Thus, it can’t do any harm.

Many thanks to Thomas J. Raef for chatting with us! Check out more of his security advice at We Watch Your Website.

Related Topics


Top

Anthropic’s latest AI model beats rivals and achieves industry first

Anthropic’s latest cutting-edge language model, Claude 3, has surged ahead of competitors like ChatGPT and Google’s Gemini to set new industry standards in performance and capability. According to Anthropic, Claude 3 has not only surpassed its predecessors but has also achieved “near-human” proficiency in various tasks….