Feed aggregator

The Emmy-winning actor takes the lead in the twist-fueled murder mystery.

• Eclipsa Audio is a Dolby Atmos rival from Samsung and Google
• It's in Samsung's 2025 TVs and soundbars, Chrome and YouTube
• But it isn't in Samsung's earbuds or phones yet…

Imagine you've created an amazing new platform for audio, and you want the world to use it. And imagine that you've also got the world's eyes on you because you're launching one of the world's most desirable smartphones. Would you:

(a) Use the phone launch to promote your amazing new audio?

or (b) Not do that?

Surprisingly, Samsung chose (b) for its launch of the Samsung Galaxy S25. We really thought we'd be seeing (and hearing) support for Eclipsa Audio, Samsung and Google's rival to Dolby Atmos. But no. And that's really weird.

A total Eclipsa

It's really weird because we know that Eclipsa is coming to Android. It's in a coming-soon version of the Android Open Source Project (AOSP). But software support is only part of what you need to launch a new format. You need people to know about it too, and most of all you need people to be excited about it. And the best way to do that is to let people listen to it.

The Samsung Galaxy S25 launch would have been a great opportunity to make the hype train at least start to choo-choo – and Samsung has already started to talk about Eclipsa in its other products, because it's coming to its 2025 soundbars and TVs. But the Android audio market is potentially much bigger than the soundbar one, and there's still no sign of Eclipsa's arrival.

You could say – and I'm sorry for what I'm about to type – that there's been a total Eclipsa so far.

We really thought Samsung would use the Unpacked event to talk about Eclipsa, and to announce an update for the Samsung Galaxy Buds 3 Pro to support it, since you also need something to listen on.

I suspect one of the reasons Samsung didn't do that is because there isn't much to listen to that uses the format. There isn't support for it on the best streaming services, other than YouTube in the future.

As my colleague Matt Bolton wrote earlier this month, even if Samsung had announced Eclipsa Audio support it still needs more: "Samsung's support alone won't be enough to build momentum for Eclipsa – it really needs to get the hottest headphones makers for all budgets on board to make it feel like a must-have feature."

But in the phones and earbuds world right now, Eclipsa doesn't even seem to have Samsung (or Google, for that matter). At least not yet. Perhaps the inevitable August Samsung Unpacked will see the planets align for Eclipsa.

You might also like

• Our Samsung Galaxy Buds 3 Pro review
• Samsung Galaxy Buds 3 Pro vs Google Pixel Buds Pro 2
• The best headphones for TV

• AMD’s Ben Conrad was interviewed by Notebookcheck.net
• The exec was asked about the prospects for RDNA 4 laptops in the future
• Conrad’s reply was vague, but clearly hints that we shouldn’t expect anything on the RDNA 4 mobile front in the near future

AMD’s RDNA 4 graphics cards are coming to desktop PCs soon, in March 2025, but if you were hoping these next-gen GPUs could be in one of the best gaming laptops in anything like the near future, well, you can seemingly forget about that idea.

This nugget of news comes from an interview that Notebookcheck.net conducted with AMD’s Ben Conrad, who is Director of Product Management for Premium Mobile Client at the company (via VideoCardz).

The tech site asked the following question: “Do you see prospects for RDNA 4 laptops going ahead? Unfortunately, the number of AMD dGPU-based laptop SKUs have been pretty anemic.”

Conrad replied: “Our current graphics strategy is focused on the desktop market with RDNA 4. So, I think you’ll see those types of products first in the future. Certainly, RDNA 4 and future graphics technologies will make it into mobile, whether they be on APUs or future products.”

To clarify, dGPU-based laptops means notebooks with discrete graphics cards, meaning a separate GPU, rather than integrated graphics (built into the processor, which is the solution a good number of laptops run with, due to space constraints and thermal factors).

So, the idea of a discrete mobile RDNA 4 graphics card – the laptop equivalent of the RX 9070 desktop card, say – is not something on AMD’s nearer-term radar. We may get RDNA 4 products for mobile eventually, but Conrad is pretty vague about when that might happen, which makes it sound like it’s something that’s on the backburner for now.

For 2025, then, it looks like the beefy GPUs for gaming laptops are going to be Nvidia’s RTX 5000 mobile graphics cards, and they won’t be challenged by any discrete RDNA 4 offerings.

(Image credit: Future / John Loeffler) Analysis: Not a surprise, really

Is this a big surprise? Not exactly, because Radeon hasn’t been a huge presence in discrete laptop GPUs anyway, and on top of that, RDNA 4 has been a weird generation from AMD. By which I mean on the desktop, it was purportedly cut back to mid-range GPUs as the fastest offerings (rumors point to a high-end solution being on the table initially), with Team Red seemingly focusing on making bigger moves with the next generation. (That could be RDNA 5, or maybe UDNA instead, which is thought by some to be the next step on AMD’s graphics roadmap).

There have also been rumors from some time ago that RDNA 4 is not planned for laptops, even in the form of APUs with integrated graphics, for quite some time. AMD’s big new APUs (including Strix Point Halo, which there’s some major excitement around) are using an integrated GPU that’s RDNA 3.5 (a refresh of RDNA 3, somewhat honed), not RDNA 4.

Indeed, the rumor mill has previously put forward the idea that RDNA 3.5 (or RDNA 3+ as it’s alternatively known) will be used in integrated GPUs in AMD’s APUs for this year, and in 2026.

Of course, all this is very much deep into the realm of speculation, but Conrad’s comments here certainly fit with the idea that RDNA 4 is going to be desktop GPUs only for the foreseeable future.

That doesn’t mean nothing exciting is happening with AMD on the laptop front, of course, because Strix Halo is certainly a huge development, but for thinner gaming laptops with integrated graphics, which are very different beasts to larger notebooks with discrete GPUs. Still, the claim is that the integrated graphics in the Ryzen AI Max+ 395 (Strix Halo) APU outdoes the RTX 4070 laptop graphics card, an eyebrow-raising assertion.

You might also like...

• Trust me, 2025's lineup of gaming handhelds may be the best yet with Aokzoe's A1 X taking the fight to the Nintendo Switch 2 and Asus ROG Ally X
• Still worried RTX 5000 GPUs don’t have enough VRAM? Nvidia’s secret weapon is powerful AI texture compression, and it’s calmed some of my fears
• AMD vs Nvidia: who is the graphics card champion?

• Limited edition Tracks headphones in collaboration with Brain Dead
• Even more limited edition Unit-4 wireless studio monitors
• Headphones are $70 / £60; speakers are $400 / £330

Looking at the image above you might think we've been hurled into a DeLorean and taken back to a sci-fi themed '80s club. But these headphones are as contemporary as headphones get.

The headphones are a new, limited edition version of AIAIAI's Tracks headphones, made in collaboration with creative fashion brand Brain Dead – a firm AIAIAI has worked with previously, with their collaboration selling out in minutes. And there's a matching speaker, a "highly limited edition" of the AIAIAI Unit-4 studio monitor.

(Image credit: AIAIAI / Brain Dead) What does this creative collaboration deliver?

As with a lot of Brand X Brand team-ups, these are existing products given a makeover. And that's no bad thing. While the Tracks headphones may look like the orange-felt horrors that came with early '80s Walkman cassette players, they won't sound like them: their 40mm drivers have been praised for their surprisingly bold bass.

It's the same story with the Unit-4, which has been praised by audio experts: they're excellent near-field studio monitors whose low-lag wireless capability make them stand out from the crowd (this is something of a specialism for AIAIAI, which makes wireless low-lag DJ headphones too).

The collaboration was intended to "highlight the rich music culture of Los Angeles", and the launch event this past weekend gave all its proceeds to the California Fire Fund. There's also a compilation tape for people further away to contribute to the cause.

The Brain Dead versions of the Tracks headphones and Unit-4 speaker will be available from AIAIAI, Brain Dead and selected retailers from January 28. The Tracks are $70 / £60 / about AU$111 and the Unit-4 are $400 / $330 / about AU$635.

You might also like

• The best headphones for all kinds of ears
• Why we love this modern take on the classic cassette player
• 45 years of the Walkman, the world's favorite tape deck

The Chinese AI company may be about to burst Silicon Valley's bubble.

(Image credit: Greg Baker)

Another streaming service raises its prices.

• Microsoft's Windows 11 24H2 update continues to affect PC users, with new Bluetooth and webcam issues
• Windows is failing to detect webcam and has audio playback issues on Bluetooth audio devices
• The latest KB5050009 (24H2) and KB5050021 (23H2) builds appear to be responsible

It's not a secret that Microsoft's Windows 11 24H2 has been a massive problem for plenty of PC users, with bugs and functionality issues present across the board, which has more recently affected gamers - and now, it looks like a new set of issues have arrived to cause more frustrations.

As reported by Windows Latest, the most recent 24H2 KB5050009 build is leaving users with webcams that aren't being detected and Bluetooth audio devices no longer working even when connected to a system. I can corroborate this last point, as Windows 11 shows Bluetooth audio devices as connected, but without any audio, leaving headphones and more useless for the time being.

Windows Latest claims states that this audio issue occurs on both KB5050009 (24H2) and KB5050021 (23H2), along with USB DAC ports not working with the latter.

The only fix for the Bluetooth issue (as of now) is uninstalling the recent update, while the webcam problems reportedly require a reinstallation of Windows 11. Considering the effort it takes for both supposed fixes, it might be better to wait for Microsoft to address the matter with a patch - but who knows if that won't introduce new issues as well.

The biggest problem here is that it can be hard to diagnose some of the reported issues - there’s an abundance of different PC setups, with different applications installed which could be responsible for some bugs. In this case, it appears that it's indeed a widespread issue (notably with webcams), with users of Microsoft's Feedback Hub voicing their complaints.

(Image credit: Shutterstock / Melnikov Dmitriy) Alright, it's time to stick with SteamOS via Bazzite for now...

If Windows 11 24H2's update breaking multiple games wasn't bad enough already, the Bluetooth issues have taken matters to a new level of frustration. Since I use Windows 11 primarily for gaming, this has hit me - and audio playback on Bluetooth devices isn't the only issue I've run into, as the taskbar and quick settings both become unresponsive (even after pressing the Windows key), forcing me to restart the system.

This isn't ideal for gaming or even general usage, especially when coupled with random slowdowns and stutters in multiple games - Ubisoft's hand was forced to update its Assassin's Creed games that were facing constant crashes. It's already a pain having to deal with PC ports and figuring out what might be the cause behind occasional stutters and more, and 24H2 has added to this.

Until these problems are fixed, I feel like I need another operating system to run my games on. Since Bazzite (and Valve's SteamOS) are far more suitable to use on a handheld gaming PC, I would be cautious about installing it on a desktop PC - and I've only tested Bazzite on the Asus ROG Ally, but if it means I have to use my handheld over my powerful desktop machine while Microsoft puts these issues to bed, then so be it.

You may also like...

• I can't believe I'm saying this, but Nvidia, good on you - RTX 4000 series GPUs will receive DLSS Frame Generation enhancements this month
• Don’t want to upgrade to Windows 11? Microsoft’s upcoming Drag Tray feature could change your mind
• Microsoft is finally fighting back against the rise of SteamOS by overhauling Windows 11 to be better on handhelds

• Researchers find hackers using VMware ESXi's SSH tunneling in attacks
• The campaigns end up with ransomware infections
• The researchers suggested ways to hunt for indicators of compromise

Cybercriminals are using SSH tunneling functionality on ESXi bare metal hypervisors for stealthy persistence, to help them deploy ransomware on target endpoints, experts have warned.

Cybersecurity researchers from Sygnia have highlighted how ransomware actors are targeting virtualized infrastructure, particularly VMware ESXi appliances, enterprise-grade, bare-metal hypervisors used to virtualize hardware, enabling multiple virtual machines to run on a single physical server.

They are designed to maximize resource utilization, simplify server management, and improve scalability by abstracting the underlying hardware. As such, they are considered essential in data centers, cloud infrastructures, and virtualization solutions, and offer a tunneling feature, allowing users to securely forward network traffic between a local machine and the ESXi host over an encrypted SSH connection. This method is commonly used to access services or management interfaces on the ESXi host that are otherwise inaccessible due to network restrictions or firewalls.

Attacking in silence

The researchers say ESXi appliances are relatively neglected from a cybersecurity standpoint, and as such have been a popular target for threat actors seeking to compromise corporate infrastructure. Since they’re not that diligently monitored, hackers can use it stealthily.

To break into the appliance, crooks would either abuse known vulnerabilities, or log in using compromised admin passwords.

“Once on the device, setting up the tunneling is a simple task using the native SSH functionality or by deploying other common tooling with similar capabilities,” the researchers said.

“Since ESXi appliances are resilient and rarely shutdown unexpectedly, this tunneling serves as a semi-persistent backdoor within the network.”

To make matters worse, logs (the cornerstone of every security monitoring effort) are not as easy to track, as with other systems. According to Sygnia, ESXi distributes logs across multiple dedicated files, which means IT pros and forensic analysts need to combine information from different sources.

That being said, the researchers said IT pros should look into four specific log files to detect possible SSH tunneling activity.

Via BleepingComputer

You might also like

• BlackByte ransomware returns with new tactics, targets VMware ESXi
• Here's a list of the best firewalls around today
• These are the best endpoint security tools right now

We found good deals on utterly giftable WIRED-approved gadgets.

• Security researchers find way to abuse Meta's Llama LLM for remote code execution
• Meta addressed the problem in early October 2024
• The problem was using pickle as a serialization format for socket communication

Meta's Llama Large Language Model (LLM) had a vulnerability which could have allowed threat actors to execute arbitrary code on the flawed server, experts have warned.

Cybersecurity researchers from Oligo Security published an in-depth analysis about a bug tracked as CVE-2024-50050, which according to the National Vulnerability Database (NVD), carries a severity score of 6.3 (medium).

The bug was discovered in a component called Llama Stack, designed to optimize the deployment, scaling, and integration of large language models.

Meta issues a fix

Oligo described the affected version as “vulnerable to deserialization of untrusted data, meaning that an attacker can execute arbitrary code by sending malicious data that is deserialized."

NVD describes the flaw like this: “Llama Stack prior to revision 7a8aa775e5a267cf8660d83140011a0b7f91e005 used pickle as a serialization format for socket communication, potentially allowing for remote code execution”.

“Socket communication has been changed to use JSON instead,” it added.

The researchers tipped Meta off about the bug on September 24, and the company addressed it on October 10, by pushing versions 0.0.41. The Hacker News notes the flaw has also been remediated in pyzmq, a Python library that provides access to the ZeroMQ messaging library.

Together with the patch, Meta released a security advisory in which it told the community it had fixed a remote code execution risk associated with using pickle as a serialization format for socket communication. The solution was to switch to the JSON format.

LLaMA, or Large Language Model Meta AI is a series of large language models developed by social media giant, Meta. These models are designed for natural language processing (NLP) tasks, such as text generation, summarization, translation, and more.

More from TechRadar Pro

• Meta is letting the US military use its Llama AI model for ‘national security applications’
• Here's a list of the best firewalls around today
• These are the best endpoint security tools right now

Review info

Platform reviewed: PS5
Available on: PS5, Xbox Series X|S, PC
Release date: January 28, 2025

As part of a traveling band of outcast mages known as weavers in a time when magic is shunned, you could be forgiven for assuming that Eternal Strands is a role-playing game (RPG) with a party of richly drawn characters like the Dragon Age games. Not least when developer Yellow Brick Games' creative director is ex-BioWare Mike Laidlaw.

However, rather than dwelling on moral conundrums or building relationships, this is very much a capital A action RPG that has a mix of modern The Legend of Zelda's free-climbing and physics-based smashing and titanic encounters like those in Shadow of the Colossus. And while it may not reach the same heights of its inspirations, it nonetheless offers something unique with how you engage with its magical elements.

Strand game

(Image credit: Yellow Brick Games)

You play as Brynn, a weaver who knows her way around a sword and bow. It's her use of elemental magic powers, strands, that makes her stand out, however.

We all know that fire burns, ice freezes, that fire is effective against ice, and vice versa. But rather than just a simplistic rock, paper, scissors approach, the laws of thermodynamics are carefully applied. You don't just shoot ice to freeze an enemy completely, but if you can encase a dragon's feet with ice then it will stop them from taking off in the air. But get too close yourself and you'll also take damage if you're not properly protected from the cold.

These strands must be earned by felling the big bad monsters and arks (ancient colossal machines) that roam more than half a dozen of the maps that make up a secluded realm known as the Enclave. While you could just keep thwacking them until their health bar's gone – you're also encouraged to deal damage to all parts of their body – figuring out the steps to expose their weakness that allows you to harvest their strand.

It feels especially badass clinging onto these bosses for dear life then reaching into their glowing weak spot, sending the titan crashing down regardless of how much health they still have.

Best bit

(Image credit: Yellow Brick Games)

While there's a strong emphasis on flame and frost, kinetic powers are probably my favorite. Weaver's Grasp is terrific when you can grab and hurl containers or lanterns that set off a chain of explosions, while a strand that unlocks in the latter half creates a kind of speeding warp tunnel that makes it possible to launch yourself in the air – even cooler if you use it to grab onto a flying monster!

It would feel epic if these were one-offs like in Shadow of the Colossus. However, the structure here is designed so that you'll have to fight them multiple times Monster Hunter-style to upgrade your gear, or powers, or to advance the story.

The loop diminishes somewhat on repeat because, once you know how to take down one of them, it becomes very straightforward and I found myself rinsing and repeating the same tactics. What does keep you on your toes is a more deadly enemy type that appears partway through the story that hits harder and requires flame or frost powers to finish off.

A good time, not an eternal time

(Image credit: Yellow Brick Games)

Much of Eternal Strands is divided between a hub where you spend time with your weaverband companions and teleporting to different parts of the Enclave, made up of impressively large buildings to scale or underground caverns to delve deeper into. It's worth exploring every nook and cranny, as you'll find new information about an area, as well as recipes for crafting new gear.

The weaverband and other characters you eventually meet in the Enclave are well-written with their own arcs and issues, tackling topics like mental health and redemption, and there's even a married couple who just about stay on the right side of endearing.

Personally, I was more interested in their function than their chattiness, such as Casmyn's ability to increase the number of tonics I can carry or Sola's forge that doesn't just let you create new gear, but even reforge something you already have with better materials.

(Image credit: Yellow Brick Games)

That said, my gripe comes from having to return to the hub more often than I'd like. There's a stop-start nature to missions where, after you've found something, you just drop what you're doing and have to teleport back to the hub to debrief with the gang before you can continue the story.

You can, of course double, up the mission by fighting a boss too, though because you can't refill your supplies until you're back at camp you're at a disadvantage, and - if you die you lose most of your loot. At the same time, once you've explored these maps, the second half feels a bit padded, as you're just revisiting the same areas as initially optional boss hunts suddenly become mandatory. A day and night cycle that also changes weather and enemy locations does at least things up here.

Nonetheless, these are minor complaints as the story avoids overstaying its welcome. Its mechanics may not sustain a much longer gameplay loop like Tears of the Kingdom or Monster Hunter World but then this is not trying to be an epic timesink.

With its novel use of magic and colossal set pieces, Eternal Strands is a fun and breezy adventure to kickstart 2025.

Should you play Eternal Strands? Play it if...

You like an interesting mix of combat options
The physics-based magic is definitely a highlight in Eternal Strands when it comes to combat and exploring its world.

You like fighting giant monsters and ancient machines
There's a mix of Monster Hunter and Shadow of Colossus in taking on the game's large enemies, identifying their weaknesses, and enjoying the catharsis or taking one down for the first time.

Don't play it if...

You're expecting a choice-driven RPG
As an action RPG, Eternal Strands is very much focused on the action side with an authored story rather than making your own choices. There is nonetheless a rich cast of companions with their own questlines and plenty of optional dialogue for fleshing out the world.

Accessibility

Eternal Strands' options menu provides a suite of accessibility features. Subtitles can be toggled on, off, or only during cinematics and voiceovers, with three font sizes and the option to display on a background. Colorblind options can be set according to type and severity.

If you don't have headphones, there is a night mode, which raises the volume of ambient sound while making explosion sounds less prominent. Game difficulty can be adjusted at any time, which only affects your maximum health and the amount of health recovered from vitality tonics. In easy mode, vitality tonics are restored after defeat.

How I reviewed Eternal Strands

(Image credit: Yellow Brick Games)

I played Eternal Strands for 20 hours on my PS5 Pro, which allowed me to complete the main story and some side quests, although that didn’t include upgrading every strand to max level or completing all companion questlines, which would extend the game’s length.

There are no specific graphics modes apart from an option to turn on and off depth of field in-game.

Throughout, I used an LG C2 OLED TV with the default TV speakers and a DualSense Edge controller.

First reviewed January 2025

Check out Walton Goggins, Jason Isaacs and Natasha Rothwell, reprising her role as Belinda.

• Mark Gurman's latest Power On newsletter notes 'camera-equipped AirPods'
• AirPods are just one wearable product Apple allegedly wants to fit with cameras
• The question is, are IR cameras enough to beat Meta and Samsung?

Like the idea of your AirPods seeing what you see – even if it's just the same tired faces on your daily commute? Apple CEO Tim Cook clearly does, although AirPods are just one Apple product the Cupertino giant is reportedly looking to equip with cameras.

That's according to Mark Gurman's latest Power On newsletter (Sunday, January 26), anyway. The report states that lukewarm demand for Apple's bulky Vision Pro has led Apple execs to concentrate their efforts on AR glasses as the "superior" option, but that those same people in the know at Apple "don’t think a (glasses) product will be ready for three years or more."

So, in the meantime, the company is exploring other types of wearable products that could benefit from cameras, including – but not limited to – camera-equipped AirPods.

This isn't the first time Gurman's mentioned it, either. In February 2024, the noted Apple analyst reported that Apple was exploring AirPods with cameras. Also, six months ago, fellow analyst Ming-Chi Kuo claimed future additions to the best AirPods could be Apple earbuds that include infrared cameras to be paired with your Vision Pro headset and thus create a spatial audio experience to trounce any Meta Orion rivals. And as we know, in the world of rumors and predictions, two noted tipsters saying the same thing is infinitely better than one…

We were warned not to get too excited, though; IR-enabled AirPods aren't going to be available imminently, with mass production not expected to start in 2026 (which had us wondering in October whether Apple can still beat Meta's smart glasses by adding cameras and AI to AirPods Pro).

And just five days ago (January 22), as if to add insult to injury, it was reported that Meta and Samsung are also looking into earbuds with cameras, following Apple's lead with AirPods.

Can Apple win the race to put its eyes in your ears – and will it matter?

With camera-equipped AirPods possibly two to three years away, it feels like the door's wide open for rivals to step in and further dominate the AR space. Even if Meta and Samsung are playing catch-up on actually putting IR cameras in earbuds, the Meta Orion has been slated for a 2027 release (alongside Oakley smart glasses for athletes), and that's just for starters.

Another camera-enhanced rival product that jumps to mind is the hotly-anticipated improved Meta Ray-Ban smart glasses, which could land in 2025 – with a "single small in-lens screen." No, they won't be the full-ticket (and very impressive) Meta Orion AR glasses prototype, but Meta's next step will almost certainly have Apple execs a little rattled.

What about Apple's other plans for its AirPods? Well, the long-promised heart-rate monitor could be one step closer as the company seeks to make its earbuds the most capable earbuds for tracking your health on the market. But it's unlikely that heart-rate monitoring will arrive in AirPods Pro 3 because (also according to Gurman late last year) although Apple's made great strides in this area particularly, the accuracy isn't quite there yet.

Back to the notion of cameras in your AirPods quickly, though, and – because it may not be immediately apparent why you'd want eyes in your ears – it's best to think of them working in conjunction with your other Apple tech rather than simply AirPods that can see.

For example, an IR camera might perform the same function as capacitive sensors for gesture control while offering a wider field of vision for your Vision Pro. Your all-seeing AirPods might also feed data to your Apple Watch or perhaps ping information to your iPhone in future versions of Apple Intelligence – hopefully not just targeted ads about the bar, store, or gym you just glanced at, but let's acknowledge the thought.

Finally, putting cameras in your listening gear could greatly benefit Apple's purported (albeit three years in the pipeline) AR glasses. It goes without saying that they'll need to be light and comfortable to compete. One way of shaving a few grams off the frame? Put the camera in your ears.

Will it be enough to beat the competition, given AirPods undeniable popularity – and most importantly, should we all take a leaf out of the great David Bowie's book and sit right down, waiting for the gift of sound and vision? I'm not so sure, but then again, it wouldn't be the first time Apple's arrived late to the party and then walked all over it…

You may also like

• See our pick of the best earbuds
• Need over-ears? See our roundup of the best headphones
• Sony's next flagship headphones leak in official docs, and now I'm getting excited

• A security vulnerability in Microsoft Exchange servers remains largely unpatched
• A fix was issued four years ago, but some users clearly didn't update
• This flaw may have aided the hacking group Salt Typhoon

Critical security vulnerabilities seem to be a regular occurrence in technology reporting, with countless patches and updates to keep track of - but this Microsoft Exchange Server flaw might be one to take very seriously.

Most of us will be familiar with the major incident in which 9 US telecom giants were breached in what appeared to be a Chinese state sponsored cyber-espionage campaign. The attack, attributed to hacking group Salt Typhoon, is said to have, at least in part, exploited a known critical security flaw in Microsoft Exchange Server.

The vulnerability, nicknamed ProxyLogon, was disclosed by Microsoft in 2021, and a patch has been available for 4 years. Despite this, cyber-risk management company Tenable has calculated in nearly 30,000 instances affected by ProxyLogon, 91% remain unpatched.

CISA guidance

The US Cybersecurity and Infrastructure Security Agency (CISA) previously released in-depth guidance on strengthening visibility and hardening systems and devices in response to the breach, and have emphasized end-to-end encryption for secure communications.

The ProgyLogon is one of five commonly exploited vulnerabilities used by Salt Typhoon. Others include Ivanti Connect Secure Command Injection and Authentication Bypass vulnerabilities, as well as a Sophos Firewall Code Injection Vulnerability.

In light of this, the recommendation and advice for any security teams out there is to always patch where available, and keep as up to date as possible on any software for potential vulnerabilities or fixes.

“In light of the vulnerabilities exposed by Salt Typhoon, we need to take action to secure our networks” said Federal Communications Commission Chairwoman Jessica Rosenworcel.

“Our existing rules are not modern. It is time we update them to reflect current threats so that we have a fighting chance to ensure that state-sponsored cyberattacks do not succeed. The time to take this action is now. We do not have the luxury of waiting.”

You might also like

• Check out our list of the best firewall software around today
• ‘You’re fired’ - Salt Typhoon investigative body gets the axe in US government cuts
• We've also rounded up the best antivirus on offer right now

• Security researchers spot new piece of malware called J-Magic
• It listens to traffic in anticipation of a "magic package"
• Once detected, J-Magic initiates the deployment of a backdoor

Hackers have been found targeting companies in the semiconductor, energy, manufacturing, and IT sectors, with a unique piece of malware called J-magic, experts have warned.

A new report from the Black Lotus Team at Lumen Technologies revealed unnamed threat actors repurposed cd00r - a stealthy, backdoor Trojan designed to provide unauthorized access to a system, initially designed as an open source proof-of-concept for educational and research purposes in cybersecurity.

The repurposed Trojan, dubbed “J-magic”, was being deployed to enterprise-grade Juniper routers serving as VPN gateways. The researchers don’t know how the endpoints got infected, but in any case, the Trojan was sitting silently until the attackers sent it a “magic” TCP package.

SeaSpy2 and cd00r

“If any of these parameters or “magic packets” are received, the agent sends back a secondary challenge. Once that challenge is complete, J-magic establishes a reverse shell on the local file system, allowing the operators to control the device, steal data, or deploy malicious software,” the researchers explained.

The campaign was first spotted in September 2023, and lasted roughly until mid-2024. Black Lotus could not say who the threat actors were, but said that elements of the activity “share some technical indicators” with a subset of prior reporting on a malware family named SeaSpy2.

“However, we do not have enough data points to link these two campaigns with high confidence,” they said.

In any case, SeaSpy2 is also built on cd00r, and works in similar fashion - scanning for magic packets. This persistent, passive backdoor, masqueraded as a legitimate Barracuda service called "BarracudaMailService," allows threat actors to execute arbitrary commands on compromised Barracuda Email Security Gateway (ESG) appliances.

SeaSpy was apparently built by UNC4841, a Chinese threat actor.

Via BleepingComputer

You might also like

• UnitedHealth confirms major cyberattack, says hackers stole "substantial" amount of patient data
• Here's a list of the best firewalls around today
• These are the best endpoint security tools right now

As the CMA scrutinizes Apple's WebKit restrictions and Google's revenue-sharing deals in the UK, the DOJ proposes Chrome's sale in the US. Could other browsers finally get their chance to innovate?

The mobile browser market isn't working as well as it could for businesses and millions of phone users – that's the verdict not only from the UK's Competition and Markets Authority's (CMA) recent investigation, but also from the US Department of Justice (DOJ), which has proposed forcing Google to sell off Chrome as part of antitrust remedies. As the founder of a privacy and security-focused browser, I've watched this space evolve, and these findings reflect many of the challenges we've observed firsthand.

The numbers tell a striking story. In the UK alone, Safari commands an 88 per cent share of mobile browsers on iOS, while Chrome holds 77 per cent on Android. This dominance mostly stems from two significant market dynamics. The first of these is Apple's requirement that all iOS browsers must use its WebKit engine. This limits what developers can achieve – a restriction that notably doesn't exist on Apple's desktop operating system macOS, or on Android devices.

It's important to note that these limitations can be major, leading to one of the CMA's main points – the stifling of mobile browser innovation. It directly impacts what we can offer users. When browsers want to implement additional security features like 'Safebrowsing mode' for warning users about dangerous sites, or 'site isolation' for protecting against malicious attacks, for example, they're constrained by WebKit's limitations. Even large companies like Meta face these restrictions – the social media giant is unable to build its own customized in-app browser experience on iOS, despite having millions of users through apps like Facebook and Instagram.

To be clear, WebKit is an undoubtedly capable engine, and is one of several excellent options alongside other offerings like Chromium and Mozilla's Gecko. But the issue isn't about WebKit's quality. Rather, it's about the lack of choice. Apple maintains that this requirement is necessary for security, which is a valid concern. Nobody wants malicious browsers accessing banking apps or stealing data, after all. However, Apple already has robust certification processes in place for browsers, including special certificates and extensive checks. As browser developers, we're open to additional security measures – whether that's source code audits or Apple employees visiting our offices to verify our practices. The mechanisms for ensuring browser security already exist – they just need to be applied to non-WebKit browsers as well.

Stifling innovation

The second, and perhaps more fundamental issue, involves the revenue-sharing arrangement between Google and Apple for mobile browsers on iOS. According to the CMA's findings, Google pays Apple a significant share of the search advertising revenue earned from traffic on both Safari and Chrome on iOS. This creates an unusual competitive dynamic – the revenue share that each company earns from their competitor's product is lower, but similarly significant to what they earn from their own browsers.

Or to put it another way – the current arrangement fundamentally reduces the financial incentives for browser competition on iOS. The motivation to compete aggressively with innovative features is diminished when the financial gain from winning new users is minimal. This helps explain why, despite the mobile web being such a crucial part of our daily lives, we've seen relatively limited innovation in core browsing functionality. The CMA's investigation marks the first time a major regulator has specifically scrutinized these revenue-sharing arrangements, and their impact on browser competition. With the UK's Digital Markets, Competition and Consumers Act coming into force in 2025, these findings could lead to significant changes in how mobile browsers operate and compete in the UK.

This landmark legislation will establish a new digital competition regime similar to the EU's Digital Markets Act, while also expanding consumer protection through updated commercial practice regulations and strengthened consumer rights. Crucially, it will also give the CMA direct enforcement powers, including the ability to fine businesses for breaches. Ultimately, this could finally address the competition issues that have long concerned smaller browser developers, creating an environment more conducive to innovation.

The impact of these revenue-sharing arrangements has caught regulators' attention beyond the UK. In the United States, the Department of Justice has proposed that Google sell Chrome as part of remedies following an antitrust ruling. The DOJ's proposal would prohibit Google from offering money to make its search engine the default on any platform – a move that could dramatically reshape the browser market's economics. This aligns with growing global scrutiny of how search revenue influences browser competition. The DOJ's proposal goes even further than the CMA's investigation, suggesting Google should be required to share its search index with competitors at marginal cost. Such changes could accelerate the transition toward new business models in the browser market.

For browsers, the impact of potential future legislation changes could be huge. Consider Mozilla Firefox, which has been in the market for decades. Its 2021-2022 financial statements reveal the sheer scale of these arrangements – of Mozilla's $593 million in revenue, $510 million came from its Google search deal. This stark reality shows how browser companies could lose around 80 per cent of their revenue overnight if these arrangements were to end. Such a change would force a fundamental rethinking of how browsers operate – they would need to either adopt subscription models, aggressively increase donations, or resort to advertising, which could compromise user privacy. With that in mind:

What might a more competitive future look like?

I envision a landscape where browser choice is more transparent and accessible to users. When someone gets a new phone, they should be presented with clear, unbiased options for their default browser. Android already demonstrates that this is possible, allowing browsers to use different engines and giving users more control over their browsing experience.

With regulators on both sides of the Atlantic targeting search revenue arrangements, the shift toward subscription-based models may come sooner than expected. While this might initially raise eyebrows given the prevalence of free browsers, it's worth considering the broader context. Many users already pay separately for VPNs, password managers, and privacy tools. A browser subscription wouldn't necessarily mean yet another monthly payment – instead, it could consolidate these existing services into one comprehensive package. This model enables browsers to focus purely on user interests rather than advertising revenue. Innovation, in short, becomes more feasible when browsers can invest in development without relying on search engine revenue sharing.

We're already seeing examples of what's possible when browsers prioritize user needs. Our browser, for example, recently introduced a Cookie Consent Management feature which automatically handles cookie preferences based on user settings. This addresses a real pain point – the constant interruption of cookie pop-ups – while maintaining true privacy protection rather than just hiding the prompts. The future of mobile browsing isn't just about technical capabilities however – it's about creating an environment where innovation can flourish while respecting user privacy and choice. Whether through regulatory changes or evolving business models, the goal should be to enable browsers to compete on their merits, offering users genuine alternatives rather than variations on the same theme.

We're at a pivotal moment where the decisions made by regulators and industry players will shape how we access the internet for years to come. The CMA and DOJ’s investigations have highlighted the challenges, but it's up to browser developers, platform holders, and users to work together to create a more open, innovative, and user-focused mobile web. And here’s to hoping they do.

We've featured the best secure browser.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

These useful accessories help AirTag users find their car keys, track their luggage and more.

TopMate C12 Laptop Cooling Pad review

The TopMate C12 Laptop Cooling Pad is a mid-range cooling pad for high-performance gaming and creative laptops. Not only does it rock three 110mm fans and three 70mm fans, but it offers six different fan speeds, with the smaller fans capable of hitting 2400rpm. As such, I was expecting to see some seriously frosty cooling here.

Unfortunately, in our standard 3DMark stress test run on our Acer Predator Helios 300 with an Nvidia GeForce RTX 3080, I found the TopMate C12 more Chicago than Siberia in terms of chilliness. Our baseline test of the laptop alone saw it rise from 20.2ºC to 52.1ºC, an increase of 31.9ºC, while the TopMate on full fan power curbed its heating from 21.2ºC to 44ºC. While this reduced 22.8ºC temperature rise is a definite improvement, it’s nowhere near as impressive as the Liangstar Laptop Cooling Pad, for example, which reduced this down to 15.3ºC.

On the plus side, the TopMate C12 Laptop Cooling Pad runs about as quiet as you could realistically expect. Ten minutes into our stress test, I used a sound level meter to measure the combined noise of the cooling pad and laptop – it registered 58.5dB from three inches away and 45dB from my head height at 21 inches away. That’s bang in line with any of the best laptop cooling pads I’ve tested, and better than the 60dB produced by the uncooled laptop.

Offering eight adjustable heights, you can adjust the angle of your laptop from 6.5 to 50 degrees, which really enabled me to position things at the most ergonomic angle for my height. Chunky flip-up rests keep the laptop firmly in position; however, while these were fine for a bulky gaming laptop, I did find they dug into my wrists when typing on an Ultrabook that these dug into my wrists, so bear this in mind if your laptop is on the slimmer side. In terms of additional flourishes, the RGB lighting is well designed and offers 10 different settings if psychedelic gaming rainbows aren’t your thing.

All in all, the TopMate C12 Laptop Cooling Pad offers perfectly decent performance and a solid, aesthetically pleasing build. This may convince that it’s as good a choice as any other, but there’s one other factor I’d urge you to consider before making your purchase: its price. At $29.99 / £29.77 / AU$49.77, it costs more than some of the other cooling pads I’ve reviewed while offering marginally weaker performance. If you really want something that delivers great bang for your buck, I’d argue that the $19.99 / £19.99 Tecknet N5 Laptop Cooling Pad or $19.99 / £19.93 / AU$47.95 Liangstar Laptop Cooling Pad offer a better deal.

(Image credit: Future) TopMate C12 Laptop Cooling Pad review: price & availability

• Released January 19, 2022
• MSRP of $29.99 / £29.77 / AU$49.77

First launched on January 19, 2022, the TopMate C12 Laptop Cooling Pad is now available for $29.99 / £29.77 / AU$49.77. It’s worth keeping your eyes peeled for better prices, though: it has occasionally been reduced to £25.30 / AU$42.30 – while this is a modest drop, it does help it compete better with some of the best cooling pads for value.

But, for the most part, it’s easy to find similarly powerful cooling pads that cost a bit less – both the Tecknet N5 Laptop Cooling Pad and the Liangstar Laptop Cooling Pad performed better in our benchmarking tests, while also costing less at $19.99 / £19.99 and $19.99 / £19.93 / AU$47.95 respectively.

(Image credit: Future) Should I buy the TopMate C12 Laptop Cooling Pad? Buy if if…

You want stable, ergonomic design
Not only is this cooling pad adjustable and comfortable to use, but it’s also rock-solid. Thanks to its flip-up rests, your laptop shouldn’t slip or slide about, even during frantic Counter-Strike matches.

You want competitively quiet running
The TopMate runs as quietly as the best laptop cooling pads we’ve tested. Even at max cooling, it should kick out less noise than your laptop’s fans straining on their own.

Don’t buy it if…

You want the best cooling
Despite the fact it comes packing an array of six fans, some of which top out at 2400rpm, I didn’t find the TopMate capable of as effective cooling as some comparable pads we tested. So if you only care about how many degrees you can shave off, you should probably look elsewhere.

You want a bargain
Don’t get me wrong: this is still an affordable cooling pad, especially compared to the $150 / £125 / AU$150 you'll pay for some products. Nevertheless, this pad is still more expensive than some others we’ve tested, and falls short of their cooling power. So you can definitely get better cooling for your cash.

(Image credit: Future) TopMate C12 Laptop Cooling Pad review: also consider

Liangstar Laptop Cooling Pad
If you’re after the cheat codes for affordable yet arctic cooling, this is my personal tip. The Liangstar Laptop Cooling Pad is reasonably priced, costing just $19.99 / £23.59 / AU$65.66, and yet during tests it kept our laptop from rising any more than 15.3 degrees – that’s a full seven degrees cooler than the TopMate. It’s well worth a look.

How I tested the TopMate C12 Laptop Cooling Pad

• Tested it over several days
• Ran a stress test and measure temperature difference with a thermal camera
• Measure fan noise 10 minutes into test using a sound level meter

Testing the TopMate C12 Laptop Cooling Pad, I ran it through several all of the standardised benchmarks we use for all laptop cooling pads. First, I checked the hottest point of our Acer Predator Helios 300 with an Nvidia GeForce RTX 3080 testing laptop, ran a 3DMark stress test for 15 minutes with the cooling pad set to max speed, and then re-checked the temperature.

I also tested how noisy it was with a sound level meter. Ten minutes into the test, I measured sound levels from three inches away, as well as from head height to get the absolute and subjective volumes of the pads fans combined with the gaming laptop’s cooling system. I then compared this to benchmarks of the noise generated during a stress test by the laptop’s fans alone.

I also used the laptop cooling pad while gaming and conducting everyday office tasks to test its overall design, sturdiness and ergonomics. For this, I drew on my 30 years experience as a gamer and laptop user, not to mention my 10 years’ experience covering tech and gadgets.

• First review January 2025
• Read more about how we test

In The Boscombe Valley Mystery by Arthur Conan Doyle, Sherlock Holmes comments that, “There is nothing more deceptive than an obvious fact.” When it comes to risk, it’s obvious that companies should want to remove or reduce risk as much as possible. But the process - how you actually carry out the actions to eliminate risk, and how you collaborate to make that risk reduction work across the business - is not obvious. To improve this, we have to look at how we consider risk across the whole organization. This requires a Risk Operations Center, or ROC.

What's in a name?

When CISOs hear the phrase “Risk Operations Center” they invariably ask, “How is a ROC different from a Security Operations Center?” Let’s begin answering this question with a concise definition for what a ROC aims to achieve: A ROC orchestrates risk elimination.

I can hear risk purists objecting, “You can never eliminate risk – only control it!” I have two responses. First, I was being purposefully terse as a means of easing readers into a fuller definition. Second, I suspect objections stem from not completely aligning on terms. Let’s fix that by defining what I mean by risk and elimination.

For the definition of risk I will turn to How To Measure Anything In Cybersecurity Risk: “Risk is a state of uncertainty where some of the possibilities could lead to loss, catastrophe, or some other undesirable outcome.” Here is a thought experiment: If you completely remove your uncertainty, have you eliminated risk?

Imagine I am driving an SUV. I’ve just been told there is a small tunnel ahead. I don’t know what small means in this context. I just know I’m driving a high occupancy vehicle full of children and my spouse. I’m now uncertain if my vehicle will fit. As I approach the tunnel I see a sign overhead that says the tunnel is twenty feet by twenty feet – and I can also clearly see that my SUV will fit. Using “measurement” I just eliminated my state of uncertainty about possible future “loss, catastrophe or some other undesirable outcome.”

Risk measurement moderates our uncertainty. We define risk measurement as, “A quantitatively expressed reduction of uncertainty based on one or more observations.” In the case of tunnel versus SUV, my state of uncertainty was reduced 100%. Unfortunately, in business environments, not all risks are this cut and dry or easy to understand with one fact. This is why we need to clarify what elimination means.

For elimination I’m using its “risk oriented” word origin. In Latin, elimination is “ex limine.” The “ex” means “off or out.” And “limine” is limit or boundary. In short, to eliminate risk is to set a boundary or limit that should not be exceeded. This ties nicely with the concept of a cyber insurance limit and risk tolerance. Indeed, a limit is a mathematically unambiguous and contractually binding expression of business risk tolerance.

With our terms defined I can expand my overly pithy ROC definition to something acceptable even by the most ardent of risk purists: “A ROC continuously orchestrates the remediation, mitigation and or transfer of cybersecurity risk that may exceed business tolerance.”

What differentiates a ROC to a SOC is that the SOC is specifically focused on security alerts and managing responses to issues within the technology stack. A ROC, conversely, takes all that information and provides it to the whole business, including finance and compliance leaders, so the organization can manage and understand risk mitigation in that wider context.

What's a ROC platform?

I have the unique pleasure of engaging with CISOs and their teams around the globe on all things cybersecurity risk management. A growing majority of enterprise level CISOs are attempting to stand up DIY ROCs, because they have to put risk into that wider business context. Perhaps you are one of these CISOs. How might you know?

One of the first tells for this approach is that you are aggregating comprehensive “Risk Data” into a data lake, so you can make sense of that data for risk purposes. This includes a complex approach to handling data so that it can be used, from de-duplicating IT asset records to consuming full-stack vulnerability data and rationalizing disparate scores for those assets over time. This includes integrating multiple threat intelligence feeds and correlating compensating controls for risks that cannot be fixed immediately. Alongside this, you may look at how to use this data to trigger automated mitigation and remediation actions, whether that is through patching or deploying best practice deployment frameworks.

If you answered yes – even in part – then you are likely embarking on your own ROC journey. It’s a non-trivial DIY proposition. Consider that the average enterprise level firm has 76 security tools deployed, according to Panaseer. Getting each stage of this process right with each investment would most likely be out of reach, even for those with outsized budgets.

It is also essential to distinguish risk data from security data, as they should be purposefully thought of differently. I distinguish “risk data” from threat oriented “event data” that materializes in your SOC. SOC event data consists of streams of arrival time stamps with light weight meta-data. Due to its volume and millisecond velocity it’s invariably light on context. Event data is best persistent and modeled via time series data structures and related analysis. This is similar to what is used in real-time trading and network analysis. It’s for specific IT security decision making around threats.

Risk data is the other end of the spectrum when it comes to context. Consider all the rich content and context that you are putting in place around those IT security signals so that other teams can use it, and how it turns into understandable metrics for the board.

At the same time, all this analysis and reporting is usually done in some form of OLAP structure enriched with high context graph connected data. Indeed, graph comprehension is a must as cloud native data and other ephemeral “assets” aren’t IP addressable. The days of first and third party assets always being tied to a machine – and its IP – are fading. It would seem that the only thing the industry can agree on when it comes to assets is that they are probably nouns.

You can still do time series analysis with ROC data. You would do this to baseline metrics and do other forms of change analysis. The event grain for ROC data is not meant to duplicate log aggregation and/or observability solutions that back-end SOC systems create and consume. The ROC - and the data it provides - will carry out sophisticated analysis around potential risks and responses, but that complexity will be hidden from view so that the emphasis is on protecting value and reducing potential loss.

What's different around risk?

The ROC actually sits at the nexus of value and loss exposure. Consider that a successful business is in the business of exposing more value, to more people, through more channels with higher velocities. In other words, businesses want to make more revenue and more profits. You can call this “digital and AI transformation,” but it is a process that every business will go through in the pursuit of growth. At the same time, any new venture or investment increases the potential risk back to the organization. In this sense, successful businesses are risk exposure machines.

The ROC is in the center of risk flowing into and out of your “risk surface” where value flows in and losses flow out. The ROC controls the “loss exposure” portion of that flow. It does that using both sentient and or artificially intelligent means of risk analysis. That analysis in turn automates actions (or enables workflows) for remediation, mitigation and risk transfer. Remediation and mitigation are controlled within the attack surface domain.

Alongside these technology elements, there are other controls that you would implement, like cyber insurance to transfer potential risk response outside the business, which is within the broader risk surface domain. This combination of security measures and cyber insurance for response is where you can take practical, proactive steps as a defender and invest in capabilities for controlling loss.

Are you ready to ROC?

The ROC is not your SOC. They work together but at different levels of your overarching risk surface. The SOC exclusively operates on event data within the attack surface domain. And the ROC? It continuously orchestrates the remediation, mitigation and or transfer of cybersecurity risk that may exceed business tolerance.

The interesting news is that enterprises are already feeling their way towards this concept of the ROC as they try to implement more effective risk controls. The challenge is that implementing a ROC is still at the early stages of development, where DIY approaches are still nascent and partial compared to what companies actually need. Assembling ROC will depend on collaboration between those within companies - CISOs, CFOs and compliance in particular - but also between peers and vendors.

According to the Risk Management Association, cybersecurity risk is the number one issue that companies face in the coming years. The rise of cyber risk quantification continues to help in this process, yet many of these projects will fail because they do not get the right support or deliver effective risk data that the business can use. To overcome this challenge, ROC deployments ensure that risk data can be used to control and respond to risk as part of that wider business approach. Where the SOC should deliver insight for security operations, the ROC should deliver risk operations that cover the whole business.

We've featured the best encryption software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

Razer Blue Screen: one-minute review

The Razer Blue Screen is a premium and convenient solution for those wanting a pro-grade green screen that's easy to set up and provides marvellous results. Think of it as a competitor to Elgato's similarly-specced solution, with the key (pun intended) difference being its colour.

The reason for this being a blue screen is because, according to Razer, it's easier to key out than the classic green - a statement that I found accurate in my testing. In addition, it's also more in line with what the professionals use in the name of giving your content more of a pro-grade appearance with the right care and attention.

The Blue Screen can extend up to 94-inches, or 2.38 metres, in height, making it suitable for head, or even full body, shots. In addition, it features quality fixtures and fittings with a sturdy metal frame and seam-free polyester material. While expensive, it remains one of the best green screens we've tested.

(Image credit: Future) Razer Blue Screen: Price and availability

• $149.99 / £159.99
• Sold only via Razer directly
• Available in the UK & US

The Razer Blue Screen clocks in at £159.99 / $149.99 and has been around since October 2022 as a more premium option for those looking for a simple pull-up blue screen for keying out backgrounds in a professional manner.

Other peripheral brands have leaned into the green screen space in the past, with the likes of Elgato's Green Screen offering a similarly priced package with a pull-up screen designed for streamers.

The key difference between the pair of these screens is color. A blue screen is arguably closer to what's used in some professional environments and is generally better in low light conditions than a green screen.

Otherwise, the premium price tag attached to Razer's option will also buy you some entire kits from the likes of Neewer that include a green sheet held up with its included stands, as well as a pair of soft-box lights, bulbs, umbrellas, and more. You do have to have a fair amount of space for a full kit like that, whereas the Blue Screen pulls up and down and thus can be stowed away easily.

(Image credit: Future) Razer Blue Screen: Specs Razer Blue Screen: Design and features

• Wonderfully easy to set up
• Tall enough for head and full-body shots
• High-quality polyester fabric

The Razer Blue Screen is a sleek and modern entry into what can often be quite a clunky enterprise. Setting up a green screen isn't the easiest if you're using one of those kits that's simply a piece of green fabric that needs to be clipped to a surface or attached to a stand.

With this in mind, Razer's choice makes it all easy, simply pulling up out of its enclosure to a height of 94 inches, or 2.38 meters. To erect it, you push against a tab on the top side, and pull up. The screen is on runners, so it almost pulls up itself with minimal effort required.

It's a stable setup, too, with the entire stand comprised of thick metal, and a pair of fold-out plastic legs that prevent the Blue Screen from falling over. In addition, the pull-up portion is reinforced with cross-braces on the reverse side that keep it straight and true.

In addition, as with the Elgato Green Screen and other similar pull-up options, Razer's Blue Screen is easily stowable in a cupboard or the corner of a room as it slides down to nothing into its base. It's a lot easier than dealing with a full-size kit, that's for sure.

The screen itself is made of polyester and is both seamless and wrinkle-free out of the box. Being totally smooth means it's easier to key out in the editing stage for a more professional look to your content.

(Image credit: Future) Razer Blue Screen: Performance

• Fantastic keying results
• Works well in low-light conditions
• Simple set-up is brilliant

The Razer Blue Screen is, in one word, convenient. Other green screens I've tested in the past have come in the form of sheetings with additional stands, which can take more than a few minutes to set up.

With Razer's choice, it's as easy as pulling it up in a matter of seconds, sitting down in a chair, recording some content, and then booting up the software to key the background out.

The mere fact it's blue made keying out easier in lower light conditions, especially when I only have space for a single key light off to the left of my desk. Once I had balanced the correct color to key out in my software, the Razer Blue Screen produced wonderfully clean and smooth results on Windows or MacOS.

With this in mind, as a literal piece of pull-up fabric, compatibility isn't an issue with the Blue Screen. It'll work with whatever software and operating system you're using for keying the background out, such as Final Cut Pro on macOS or DaVinci Resolve on Windows, as I used in my testing.

(Image credit: Future) Should I buy the Razer Blue Screen? Buy it if...

You want a convenient setup
The Razer Blue Screen excels on the simple fact of convenience. Being a pull-up means there's no faffing around with stands or sheeting.

You want solid construction
The metal base and cross-reinforced plastic braces on the Blue Screen provide a reliable and sturdy finish, and you won't have to worry about it falling over.

Don't buy it if...

You want a more affordable choice
The quality and convenience of the Blue Screen come at quite a price, and if you want a more wallet-friendly choice, then there are plenty of other options available.

Also consider...

Still not sold on the Razer Blue Screen? Here's how it compares to two similar products.

Elgato Green Screen
This is a great alternative because it offers a similarly convenient solution from a trusted brand in the streaming / content creation space with the benefit of a pull-up stand. It is also slightly shorter if you don't need a 94-inch screen.

Stay tuned for our full review of the Elgato Green Screen in the future.

Neewer Green Screen Kit
This is a great alternative because it offers the complete package for a more professional, and permanent, backdrop with stands, different color screens, and soft-box lights. It also offers an even larger area for capturing even more.

Stay tuned for our full review of the Neewer Green Screen Kit in the future.

How I tested the Razer Blue Screen

• Used and tested for more than one week
• Tested it with Windows and macOS editing software
• Evaluated against other green screens

I used the Razer Blue Screen for a week as a screen for recording test film that was captured in OBS as if I was streaming for keying the blue screen out. I also recorded test footage that was edited in both DaVinci Resolve on Windows and Final Cut Pro on macOS to best utilize the blue screen.

Throughout my period testing the blue screen, I compared it against the Elgato Green Screen and Neewer Green Screen Kit, as well as a similar full-size kit I had purchased myself prior to the review.

Read more about how we test

First reviewed January 2025.