Phishing kits’ use of man-in-the-middle reverse proxies is growing, warns Proofpoint – The Register

In the beginning we had passwords. Their hackability made a lot of people very angry and passwords were widely regarded as a bad move. Then we had two-factor authentication and now Proofpoint reckons criminals online are able to start bypassing them with transparent reverse proxies.

Phishing kits, readymade deployables used by crooks to steal victims' login details, are increasingly capable of bypassing multi-factor authentication (MFA), the company warned today.

In a blog post Proofpoint said it sees "numerous MFA phishing kits ranging from simple open-source kits with human readable code and no-frills functionality to sophisticated kits utilizing numerous layers of obfuscation and built-in modules that allow for stealing usernames, passwords, MFA tokens, social security numbers and credit card numbers."

Naming three particular MFA-bypassing phishing kits (Modlishka, Muraena/NecroBrowser, and Evilginx), Proofpoint said they tend to be deployed through crafted phishing domains; sites falsely posing as genuine sites that victims want to log into. These are typically bank websites, email or storage providers, and so on: anything that's going to yield exploitable information valuable to criminals.

The reverse proxy concept is simple: fool users into visiting a phishing page, use the reverse proxy to fetch all the legitimate content the user expects including login pages, and sniff their traffic as it passes through the proxy. This way criminals can harvest valid session cookies and bypass the need to authenticate with username, password and 2FA token.

Proofpoint said it deployed an in-house machine learning tool it called Phoca and learnt that over 1,200 phishing sites it scanned were deploying reverse proxies to fetch genuine websites' content, passing off the fake site as the real deal.

"Of those 1200+ sites only 43.7 per cent of domains and 18.9 per cent of IP addresses appeared on popular blocklists like VirusTotal," said the firm.

Reverse proxy phishing kits are an evolution, so Proofpoint said, of the age-old man-in-the-middle (MITM) concept. In normal usage a reverse proxy sits in front of a server or group of servers and directs traffic intended for those, which we explained a few years back while discussing the yet-to-occur death of IPv4. One use of a reverse proxy might be a load balancer. They're sometimes called "transparent" because to the user wanting to access the servers behind the proxy, the traffic all comes from the same public IP address.

With apologies to the late, great Douglas Adams for the top paragraph.


Saudi Telecom plans $1billion hosting and connectivity newco – Capacity Media

02 February 2022 | Melanie Mingas

Saudi Telecom is to establish a $1 billion (SAR3.8 billion) connectivity company specialising in data centre hosting as well as international and regional connectivity.

STC will transfer its infrastructure assets inclusive of its data centres, international submarine cables and international points of presence to the new company, which will have an initial valuation of approximately SAR2.1 billion, based on asset values as of December 2021.

On the financial details, STC confirmed the SAR3.8 billion value comprises this SAR2.1 billion asset valuation, alongside a SAR100 million injection of initial capital and SAR1.7 billion in expected additional investments.

A statement from STC read: "These assets and investments will be subject to a detailed evaluation at a later stage in order to determine their final valuation, in addition to determining the final capital needed for the new company upon completion of the necessary regulatory requirements."

The news follows the $966 million IPO of Solutions by STC last year, executed to capture the growth opportunities in both the public and private sectors, as well as smart cities and cloud-first policies.

However, there are no plans reported as yet to list this company, in whole or part. It is described as being fully owned by STC and it will "manage and continue to invest" in submarine cables, including new submarine projects. Google's Raman cable and 2Africa both have landings planned in the kingdom.

Although data centres are central to the newco's remit, details of how many facilities, or the investment they could require, have yet to be released.

That said, there has been plenty of data centre news from the kingdom over recent months.

As Capacity reported in July of last year, the Ministry of Communications and Information Technology (MCIT) is calling for $18 billion investment in hyperscale data centres by 2030, to take nation-wide capacity to more than 1.3GW.

Then in October, STC announced multi-million dollar data centre contracts for NEOM following its appointment to deliver an advanced 5G and IoT network for the smart city. Quantum security company Arqit has won a deal to provide security for the same project.

In November, STC said it was planning the "largest cloud-enabled data centre in the region".

The new company aligns with Saudi Arabia's ambitions to create a regional digital hub with high-capacity links to other regions, specifically connecting Asia, Africa and Europe; however, this is not the only project that will help it achieve this goal.

The next issue of Capacity magazine, out in March, will carry more details on this.


Flutter flits onto Windows, declared fit for production – The Register

Google's cross-platform app framework Flutter has hit version 2.1 and added production support for apps on Windows.

Flutter first turned up in Alpha form just under five years ago, aimed at speeding up development on mobile operating systems. Apps are written in the Dart language and should run on Android, iOS, Windows, macOS, and Linux, the web, and embedded devices, with little effort required to ready code for each target.

Desktop support turned up last year, although the framework was dogged by complaints of poor performance. Google pointed out that desktop support was a work in progress.

Today, however, Google declared Flutter for Windows was ready for a production release.

Microsoft has fiddled with cross-platform coding for years, with the software giant regularly moving the goalposts to stop developers getting too comfortable. Its support for Google's take on the subject might therefore raise an eyebrow or two.

Kevin Gallo, veep for Windows Developer Platform at Microsoft, expressed his delight at the arrival of support for Windows apps in Flutter, commenting: "Windows is an open platform, and we welcome all developers. We're excited to see Flutter developers bring their experiences to Windows and also publish to the Microsoft Store."

While Google's post was light on mentions of Microsoft favourites, such as .Net or C#, it did note that the Dart language extension for Visual Studio Code had been downloaded more than four million times and highlighted packages that could be used to bring the look and feel of Microsoft's Fluent Design System to Windows apps.

As with Android and iOS, Flutter's Windows incarnation consists of a Dart framework and C++ engine. Going full Windows also means access to Win32, COM and the Windows Runtime APIs "either directly through Dart's C interop layer, or using a platform plugin written in C++". However, should you target Windows' private parts, then there is every chance you could also give up on the full cross-platform promise of Flutter.

Other common plug-ins, such as that for the camera, have been updated and the whole lot can be packaged, via the msix packaging tool, in an installer suitable for the Windows Store.

"Together this fosters creation of apps that look great on Windows, run fast on Windows, and still transfer to other desktop or mobile devices," wrote Google's product manager for Flutter, Tim Sneath, in his announcement of the Windows release.

Sounds an awful lot like Microsoft's plans for Xamarin.


Apple, Broadcom allowed to press Ctrl-Z on billion-dollar Wi-Fi patent payout to Caltech – The Register

Apple and Broadcom won a new trial to recalculate damages arising from a six-year-old legal battle over Wi-Fi patents developed by the California Institute of Technology (Caltech).

The US Court of Appeals for the Federal Circuit on Friday upheld the 2020 verdict that Apple and Broadcom infringed two Caltech patents. But it vacated an infringement finding for a third patent, which will be retried, and also vacated $1.1bn in damages levied against the two companies.

In 2016, Caltech sued Apple and Broadcom, which made Wi-Fi chips used in Apple iPhones at the time. The university accused the two companies of infringing three US patents (7,116,710, 7,421,032 and 7,916,781).

Apple tried to have the patents invalidated but failed. The company was unable to convince the Patent Trial and Appeal Board that Caltech's techniques for Wi-Fi error correction were unpatentable and obvious.

When the trial concluded in January 2020, the jury found the companies had violated the patents at issue and imposed a penalty of $837m on Apple and $270m on Broadcom.

Efforts to reduce or undo the damages ended up in appeals court and now the two companies, or at least their attorneys, have been rewarded with further litigation.

In The California Institute of Technology v. Broadcom Limited [PDF], the appeals court concluded that the district court had adopted a legally unsupportable two-tiered damages scheme to penalize the two firms. And the jury's finding that Caltech's '781 patent had been infringed will now be retried.

One of the three judges on the appeals panel would have gone further and invalidated the patents altogether, based in part on an infringement theory presented at trial describing AND gates that generate additional bits for error correction.

"But the record does not support a theory that the branched wires generate additional bits," said Judge Timothy Dyk in his dissenting opinion. "Caltech's experts testified merely that the bits are 'connected to' the AND gates by branched wires, without explaining whether or how that connection generated additional bits."

"Apple and Broadcom presented unrefuted expert testimony that the branched wire connection involves simultaneously sending the same bit, not an additional bit, to the inputs of AND gates. Caltech's expert did not testify to the contrary, and in fact declined to testify that branching generates additional bits."

Apple did not immediately respond to requests for comment.

"We are pleased that the Federal Circuit has affirmed the validity and infringement of Caltech's patents," said Shayna Chabner, chief communications officer for Caltech, in an emailed statement.

"This is recognition of Caltech's inventions in the field of data communications, which are now widely used in WiFi products because they significantly improve the quality, bandwidth, and range of wireless data transmission. We are confident that the value of the patents will be fully recognized at the damages retrial."

In an unrelated legal battle against patent licensing firm Wi-LAN, Apple also got a reprieve from a $85m infringement verdict. A different three-judge panel gave Apple a new trial.

Apple initiated the legal battle in May 2014 against Wi-LAN, a subsidiary of Quarterhill, in the Southern District of California to obtain a declaratory judgment that iPhones did not infringe the firm's LTE patents.

Wi-LAN countersued and in 2018 won $145.1m in damages. Apple challenged the award and the district court hearing the case agreed, so there was a new trial and in 2020 the damages were reduced to $85.23m.

Those damages may be reduced further still. In its ruling on Apple, Inc. v. Wi-LAN, Inc. [PDF], the appeals court took issue with Wi-LAN's damages expert, David Kennedy, and said his damages testimony should be excluded because "methodological and factual errors in analyzing the comparable license agreements render his opinion untethered to the facts of this case."

"We conclude the district court abused its discretion in denying Apple's motion for a new trial on damages," the appeals court said.


Is your organization at risk of a cyberattack? – Daily Host News

Is your organization at risk of a cyberattack? The answer is yes: your organization can face a cyberattack at any time. Organizations today use a number of applications, and according to research by Synopsys titled 2021 Software Vulnerability Snapshot, almost all of them (97%) have some form of vulnerability.

In this research, 3,900 tests were conducted on 2,600 target applications or systems. The research company performed tests for its customers both with and without access to the applications.

Following are the key highlights from the research:

The report also makes a few recommendations to help organizations minimize security risks and avoid cyberattacks. It advises businesses to draft security policies and implement them in order to protect themselves, because most of the vulnerabilities found (77%) were due to missing or inadequate company policies.

Another recommendation is a software bill of materials (SBOM) detailing the third-party libraries used in software applications. If infected, these libraries can make it difficult to gather information or track the system. According to the report, nearly one in five tests revealed software applications using infected or vulnerable third-party libraries.

Cybersecurity risks are growing in complexity but understanding them and taking the right measures is the best way to protect your networks and systems.

Source: Synopsys


Nothing to scoff at: Crisps and nuts biz KP Snacks smacked in ransomware hack attack – The Register

Some of Britain's favourite pub munch could end up in short supply after KP Snacks, makers of nuts and crisps, suffered a ransomware attack.

Kenyon Produce, to give the company its formal name, wrote to small shops around the UK saying it had been infected with ransomware on 28 January, as reported by industry news site Better Retailing.

The letter said:

The company said it didn't know when the attack would be resolved.

Bleeping Computer reported they'd seen leak pages showing that the attackers were the WizardSpider ransomware gang, known for unleashing their signature Conti ransomware in a paralysing attack last year on the Republic of Ireland's state-run health service.

KP was allegedly given five days by the extortionists to pay a ransom. So far the ransom sum demanded is not known. Representatives of KP had not answered phonecalls seeking comment.

John Vestberg, chief exec of Swedish network security firm Clavister, praised KP's "transparency and diligence", saying: "KP reacted in a rapid and considered fashion. Where other companies have previously failed and succumbed to paying huge ransoms, KP brought third party experts on in the earliest stages to help minimise damage and drive a forensic investigation that could be passed over to the relevant authorities."

"This sharing of information is one way that cybercriminals such as these attackers can be tracked down and stopped from causing more destruction in future," he added.

The damage caused to a fast-moving consumer goods (FMCG) firm such as KP Snacks by a ransomware attack is likely to be severe. FMCG logistics, particularly in foodstuffs, are not known for their long lead times. Meanwhile, ransomware attacks can take weeks or months to fully clean up: if the ransom isn't paid, networks need to be rebuilt from scratch before being populated with data from backups.

Over the last two years ransomware gangs have concentrated on the soft underbelly of the West: medical and pharmaceutical companies.

A recent Wired feature on Trickbot revealed that gang's thinking: "fuck clinics in the USA this week" said one criminal in an online chat seen by the magazine.


Welsh home improvement biz fined £200,000 over campaign of 675,478 nuisance calls – The Register

Home2Sense Ltd, a home improvement biz, is nursing a £200,000 financial penalty from the UK's data watchdog for making well over half a million marketing calls to people that registered to opt out of such botheration.

The company, based in Lampeter, Wales, was behind 675,478 nuisance calls between June 2020 and March 2021, punting insulation services to people signed up to the Telephone Preference Service (TPS).

As Reg readers know, it is illegal to dial up someone that has registered with the TPS for more than 28 days, unless that person has given the marketeer specific consent to contact them.

During the course of its investigation, the Information Commissioner's Office (ICO) was told by Home2Sense that the customer data it had bought was from an "unknown source", pointing the finger of blame at its own staff for not checking the numbers they called against the TPS database.

Some 60 customers had complained to the regulator, and the ICO found Home2Sense (company number 12219714) was using different names when making these unsolicited calls, including Cozy Lift, Warner Homes, and Comfier Homes, another practice that is illegal.

The complaints included pushy salespeople not taking no for an answer; one who claimed the caller said they were a local surveyor and another saying Home2Sense reps kept calling to ask to speak to their late mother who had died a decade earlier.

The ICO found Home2Sense broke regulations 21 and 24 of the Privacy and Electronic Communications Regulation and fined the business £200,000. It said there was "almost a complete failure" by Home2Sense to "engage" with the investigation or to provide evidence of steps it had taken to consider individuals' privacy. As such it is "satisfied that this breach was deliberate."

The fine will be cut to £160,000, a 20 per cent reduction, if it is paid by 2 March.

Home2Sense was incorporated in September 2019 and has only filed micro accounts.

"Home2Sense's dismissive attitude, coupled with attempts to deflect responsibility for compliance with the law onto its staff, shows a complete disregard for people's privacy," said Ken Macdonald, head of ICO Regions.

"Business owners operating in this field have a duty to have robust procedures and training in place so the law is followed."

Macdonald added: "Attempts to rely on ignorance of the law, or trying to pass the buck onto members of staff or external suppliers, will not be tolerated."


Cisco inferno: Networking giant reveals three 10/10 rated critical router bugs – The Register

Cisco has revealed five critical bugs, three of them rated 10/10 on the Common Vulnerability Scoring System, that impact four of its router families aimed at small businesses. And it only has patches available for two of the affected ranges.

The flaws impact the RV160, RV260, RV340 and RV345 products, all of which can be abused with:

If that's not enough to worry about, the boxes can also be made to create DDoS attacks.

The three 10/10-rated flaws are:

Cisco's advisory lists 15 CVEs, another two of which are rated critical: the 9.3/10 CVE-2022-20703 and the 9/10 CVE-2022-20701.

Six of the other vulns have a High rating, meaning they've scored between 7.0 and 8.9 on the CVSS.

Cisco has updated software for the RV340 and RV345 series, but the RV160 and RV260 eagerly await their patches. The networking giant hasn't advised when that code will debut.

That lack of patches is scary, because Cisco admits it's aware that proof-of-concept exploit code is available for several of the vulnerabilities it has disclosed. Perhaps scarier still, given that small businesses often go without tech support, many customers may never be notified that these flaws exist, or have the skills to update a router.

On February 2, security firm Tenable ran a Shodan scan looking for the imperiled routers and found "at least 8,400 publicly accessible RV34X devices." Thankfully, the firm says it can't find any exploits for the devices on public repositories.

There's every chance that situation will quickly change for the worse.

Being asked to do ad hoc tech support for friends and family is never fun. Might this triple dose of perfectly critical trouble be the moment to offer counsel?


Indian PM says digital rupee will facilitate creation of global digital payment scheme – The Register

Indian prime minister Narendra Modi has offered some more details about the nation's newly revealed plan to introduce a central bank digital currency (CBDC) in the next year.

In a speech delivered to members of the Bharatiya Janata Party he leads, Modi explained that the proposed payment system will be the digital form of India's physical currency and will be convertible into cash. The PM also said the digital currency will be accepted for digital, online, and retail transactions. In the latter scenario, he suggested merchants will appreciate a reduction in cash handling costs.

No details were offered of how individuals or merchants would handle payments. Nor too did Modi explain how a more eye-opening promise, that the digital rupee will facilitate the creation of a global digital payment system, would be implemented.

India's Reserve Bank, which gets the job of implementing the digital rupee, is also silent on that aspect of the currency and has offered no details after its initial announcement.

Just what India has in mind is therefore hard to divine, as the nation has not revealed any cross-border trials of its digital currency, which is yet to debut at home, never mind abroad.

Cross-border CBDC trials have, however, shown promise. A test conducted by China, Hong Kong, Thailand, and the UAE showed funds could move in four seconds, rather less than the multiple days such transfers can sometimes consume, and did so at half the cost of current transfers.

However, Hong Kong's central bank, a hoped-for participant in China's CBDC, found seven significant issues that need to be addressed before cross-border payments could flow.

And, of course, the world already has several digital payment schemes. Modi did not outline how or if India's digital rupee will improve on those offers.


$320m in Ether stolen from crypto biz Wormhole – The Register

Wormhole, a protocol for connecting different blockchains, lost about $320m worth of Ether (ETH), thanks to poorly crafted code.

"The wormhole network was exploited for 120k wETH," the DeFi biz said via Twitter on Wednesday.

"wETH" stands for "wrapped Ether," an intermediary token used to transfer Ether across blockchains built for different cryptocurrencies. Wormhole's technology serves as a bridge that links the Solana blockchain to various other "decentralized finance" or DeFi blockchains like Avalanche, Binance Smart Chain, Ethereum, and others.

The loss represents the fourth biggest cryptocurrency hack to date, according to British blockchain analysts Elliptic.

Those organizations behind Wormhole said they would add more ETH in the hours to come to ensure wETH is backed with ETH. And on Thursday, as if by magic, Wormhole proclaimed, "All funds have been restored and Wormhole is back up."

But the firm used the word "restored" when "replaced" would have been more accurate. The stolen funds were not recovered from the thief; rather the looted till was refilled by benefactor Jump Crypto, which last year bought Certus One, the company that developed Wormhole.

"@JumpCryptoHQ believes in a multichain future and that @WormholeCrypto is essential infrastructure," Jump Crypto said via Twitter. "That's why we replaced 120k ETH to make community members whole and support Wormhole now as it continues to develop."

Wormhole has also offered the thieves that pilfered the digicash a $10m "white hat" reward if the funds are returned. There's no word yet of any movement on that front.

As one anonymous wag put it, "So the slot machine paid out for one lucky winner and the house covered the losses from profits made elsewhere."

The hack appears to have been made possible by a signature verification function in Wormhole's Solana bridge code that didn't actually verify any signatures.

Paradigm security researcher "samczsun," after exploring the pertinent code in a Twitter thread, summarized the attack scenario thus: "Wormhole didn't properly validate all input accounts, which allowed the attacker to spoof guardian signatures and mint 120,000 ETH on Solana, of which they bridged 93,750 (~$250m) back to Ethereum."

Security researcher Matthew Garrett speculates, based on the delay between the pull request with the fix and its merger into the codebase, that the attacker spotted the code change and crafted an exploit before the repairs could be rolled out.

"So what it looks like is that an obfuscated security critical change was published, someone figured out what the vulnerability was, and then exited with all the money before the fix was deployed," Garrett said.

The Register asked Wormhole whether this is accurate but we've not heard back.
