British hacker Stephen Tomkinson has found two Blu-Ray-borne attacks.
His first exploit relies on a poor Java implementation in a product called PowerDVD from CyberLink. PowerDVD plays DVDs on PCs and creates menus using Java, but the way Oracle's code has been used allows naughty folk to circumvent Windows security controls.
Today at MWC 2015, we played with the ZTE Grand S3. ZTE's new flagship device lets users unlock their phones by looking at the front-facing camera. The cutting edge solution, called Eyeprint ID, works by scanning unique vein patterns in the human eye. See how it works in our brief hands-on video.
Swipe down from the top of the lock screen to bring up the eye scanner. You'll need to place the phone in front of your face so that both eyes appear in the box. It takes about 5 seconds from swiping down on the screen to unlock the Grand S3.
Thousands of Seagate Network Attached Storage (NAS) devices are defenseless against a zero-day remote code execution (RCE) vulnerability. Back in October, security researcher OJ Reeves attempted to responsibly disclose the hole in Seagate’s Business Storage 2-Bay NAS products, which ironically use a tagline of “deadlines happen. Be ready.” But Seagate still hasn’t issued a firmware fix, so Reeves has now publicly disclosed the bug.
Encrypted communications provider Silent Circle has raised approximately $50 million in a funding round aimed at pushing the company forward in the enterprise market.
Announced on Thursday, Silent Circle said "strong demand" from enterprise customers seeking to keep communication private through the Blackphone product range led the firm to launch a private, common equity round in order to grow and cater for new clients.
“None of the claims of what comsec works is to be taken saltless: Tor, OTR, ZTRP are lures.” —Cryptome , Dec. 30, 2014