Welcome To The Hacker Club 4U

On This Blog Now You can get knowledge about how to to do hacking and also Know how to prevent from hacking and know many tips And tricks of computer and internet


Click Here To Know Many Tricks and Tips Of HACKING facebook,twitter and other accounts and passwords

Hacking Safety And Security

Click Here to know how to protect your computer and inetrnet from hacking and know hacking safety and security tips and tricks

Facebook And Twitter

Click On Picture For TWITTER And Click On This Tittle For FACEBOOK .Hacking And Security Tips Of facebook and twitter.Know how to byepass facebook login and twitter login

Gmail And Yahoo

Click On Above Picture For GMAIL Hacking And Security Tips . And.Click On This Title For YAHOO Hacking and security tips

Cyber security plan proposed by White House

Government workers stand in front of a screen at the Department of Homeland Security  
US officials have said government and private systems are attacked millions of times per day

The White House has proposed legislation to protect the country from cyber attacks by hackers, criminals and spies.
Under the plan, companies that run infrastructure like power plants and financial systems would get incentives to make sure their systems are secure.
The Department of Homeland Security (DHS) would also have the authority to impose its own security on industry.
Similar legislation is already being discussed by Congress.
US officials have said government and private systems are attacked millions of times per day.
Too weak? The plans are designed to counter threats such as foreign nations attempting to steal sensitive data and computer hackers attacking financial institutions.
The White House proposal would empower the DHS to step in and develop security systems for institutions like financial and energy firms, if US officials felt the companies failed to have adequate measures.
An independent organisation would then be brought in to evaluate the security measures.
Some business leaders have said they would prefer a voluntary programme rather than government mandates.
The administration hopes the bill will be passed this year.
But other critics say the plan is too weak and lacks a sense of urgency.
Former senior Homeland Security official Stewart Baker told the Associated Press news agency: "It tells even critical industries on which our lives and society depend that they will have years before anyone from government begins to evaluate their security measures."
Various House and Senate committees have been working on cyber security legislation for the past two years, waiting for the Obama administration to propose its own version.
The two proposals differ in that the House and Senate want the White House cyber co-ordinator to be subject to Senate confirmation, while the White House has rejected that idea.

Hackers tackle secure ID tokens

SecurID token, RSA The SecurID tokens are widely used to grant access to sensitive information

Hackers have stolen data about the security tokens used by millions of people to protect access to bank accounts and corporate networks.
RSA Security told customers about the "extremely sophisticated cyber attack" in an open letter posted online.
The company is providing "immediate remediation" advice to customers to limit the impact of the theft
It also recommended customers take steps, such as hardening password policies, to help protect themselves.
Proof positive In the open letter, written by RSA boss Art Coviello, the company said that the data stolen would not help a "direct" attack on the the SecurID tokens.
It did not disclose exactly what had been purloined and only said that the information "specifically related to RSA's SecurID two-factor authentication products".
RSA's SecurID tokens are used by millions of people alongside passwords to beef up security.
As its name suggests, two-factor authentication involves improving security using two methods of identifying a user. The first factor is usually the traditional login ID and password combination.
The second factor can be a SecurID token that is paired with back-end software that generates a new six digit number every minute.
A token paired with this software generates the same numbers so only the holder will be able to type in the right digits and get access.
RSA said the information stolen could reduce the effectiveness of this two-factor authentication system if a company came under a broader attack by malicious hackers.
This could potentially put a lot of people at risk as RSA claims to have millions of people using its security technology to secure online accounts and access to corporate systems.
RSA recommended that firms monitor social network sites to spot if hackers were trying to capitalise on what they now know about RSA's systems.
This could be because hackers have got information about who has which token and might try to exploit that to trick employees into giving them access.
RSA also recommended reminding users about the dangers of responding to suspicious e-mails, to limit who can access critical infrastructure systems and to reinforce all policies surrounding SecurID token use.
There could be "tremendous repercussions" if criminals piggy-backed on what they know to stealthily get at corporate and other critical systems, said Richard Stiennon, chief research analyst at security firm IT-Harvest.
"You'd never have a sign that you've been breached," he said.

Targeted cyber attacks an 'epidemic'

Gmail homepage, Google 
The attack was aimed at a small number of influential individuals who use Gmail

The targeted attack used by hackers to compromise e-mail accounts of top US officials is reaching 'epidemic' proportions, say security experts.
The scam, known as spear phishing, was used in a bid to get passwords of Gmail accounts so they could be monitored.
Via a small number of customised messages it tries to trick people into visiting a web page that looks genuine so users type in login names.
Such attacks are often aimed at top officials or chief executives.
Such attacks are not new, say security professionals, but they are becoming more commonplace.
"What is happening more and more is the targeting of a couple of high value individuals with the one goal of acquiring valuable information and valuable data," said Dan Kaminsky, chief scientist at security firm DKH.
"The most interesting information is concentrated in the accounts of a few people," he said. "Attackers using information to impersonate the users is at epidemic proportions and why computer security is in the state it is in."
In March, security firm RSA was hit by a sophisticated spear-phishing attack that succeeded despite only two attacking e-mails being sent. The phishing e-mail had the subject line "2011 Recruitment Plan" and contained a booby-trapped spreadsheet.
Total access Google said it uncovered the deception through a combination of cloud based security measures, abuse detections systems and user reports. It also cited work done by a website called contagio dump.
The founder of the site is technologist and researcher Mila Parkour who said the method used in this attack was "far from being new or sophisticated".
SecurID token, RSA The RSA attack involved two e-mails sent to a small group of high-value individuals.
She told the BBC she was first alerted to the problem by one individual back in February. She would not reveal their name or position.
Google said that among those targeted were senior US government officials, military personnel, journalists, Chinese political activists and officials in several Asian countries, predominately South Korea.
"Someone shared the incident with me," she said. "I did a mini research and analysis and posted the findings as I heard it happened to other people in the military and US government. I just wanted them to be aware and be safe."
Ms Parkour said attackers got access to the entire mailboxes of victims.
"I did not read the contents of the mailbox so not sure if anything extra interesting was there," she said. "I hope not."
Chinese connection Cyber attacks originating in China have become common in recent years, said Bruce Schneier, chief security technology officer at telecoms firm BT.
"It's not just the Chinese government," he said. "It's independent actors within China who are working with the tacit approval of the government."
F-35 Lightning, Reuters defence firm Lockheed Martin was also hit by a cyber attack aimed at stealing secrets
China has said repeatedly it does not condone hacking, which remains a popular hobby in the country, with numerous websites offering cheap courses to learn the basics.
In 2010 Google was the victim what it called a "highly sophisticated and targeted attack on our corporate infrastructure originating from China" that it said resulted in the theft of intellectual property.
Last year, US. investigators said there was evidence suggesting a link between the Lanxiang Vocational School in Jinan and the hacking attacks on Google and over 20 other firms. The school denied the report.
Easy access Security experts said spear phishing attacks were easy to perpetrate because of the amount of information people put on the internet about themselves on social networking sites such as Facebook and Twitter.
The mountain of data lets canny hackers piece together enough information to make e-mails they concoct appear convincing and genuine.
In this attack, some Gmail users received a message that looked like it came from a work colleague or was linked to a work project.
On Ms Parkour's site, she shows some of the spoof e-mails indicating how easy it was for people to be hoodwinked.
"It makes sense these bad guys would go that way given the amount of time, effort and investment they have to make in orchestrating an attack," said Dr Hugh Thompson, chief security strategist at People Security who also teaches at Columbia University.
People tend to trust messages that look like they come from people bearing details of where they last met or what they did, he said.
"I can then point you to a site that looks very much like Gmail and you are not going to question that because I already have your trust," he said.
Steve Durbin, head of the Information Security Forum, said phishing attacks were a well-established attack method and e-mail had long been a favourite among criminals keen to winkle out saleable data.
"Whether you are a government official with access to sensitive or secret information, or the average e-mail user, everyone must be on their guard and become more security savvy," he said.
Organisations needed to educate users about the real and potential risks they face.
Mr Kaminsky said some of the fault for such security lapses lay at the feet of the outdated technologies we use.
"Passwords don't work as an authentication technology," said Mr Kaminsky.
"They are too flexible, too transferable and too easy to steal," he said. "However, we are stuck with them for now due to technical limitations and because users find them easy to use."

Sony network attacked again, hackers claim

Man walks past Sony logo 
Sony has faced a torrid few weeks as its networks have become targets for hackers

A hacker group has claimed it has attacked the Sony network and stolen more than one million passwords, email addresses and other information.
Lulz Security said it broke into servers that run SonyPictures.com.
Sony said it was aware of Lulz Security's statement and was investigating, the Associated Press reported.
In April, hackers broke into Sony's PlayStation Network and stole data from more than 77 million accounts.
That attack was considered the biggest in internet history and led to Sony shutting down the PlayStation Network and other services for almost a month.
The company has estimated the data breach will result in a $170m (£104m) hit to its operating profit.
Since then, Sony's networks have become targets for hackers and the company has confirmed at least four other break-ins prior to the claimed attack on Sony Pictures.
Lulz Security claims to be behind one of those attacks: an assault on Sony Music Japan.
The latest alleged attack will come as a blow to the Japanese firm, 24 hours after it announced the PlayStation Network would be fully restored in the US and Europe, and said it had beefed up its security systems.
'Asking for it' In a statement on Thursday, Lulz Security said it had hacked into a database that included unencrypted passwords as well as names, addresses and dates of birth of Sony customers.
"From a single injection, we accessed EVERYTHING," it said. "Why do you put such faith in a company that allows itself to become open to these simple attacks?"
"What's worse is that every bit of data we took wasn't encrypted. Sony stored over 1,000,000 passwords of its customers in plain text, which means it's just a matter of taking it.
"This is disgraceful and insecure: they were asking for it."
The group also recently claimed responsibility for hacking the website of the PBS network and posting a fake story in protest at a news programme about WikiLeaks.

Google hacks not from inside Chinese schools says China

President Obama
President Obama has said he is "troubled" by the attacks on Google.

The Chinese government has denied that Google Gmail accounts were hacked into from school computers.
Shanghai Jiaotong University and Lanxiang Vocational School were named by US investigators as the likely origins of the hacks.
Foreign Ministry spokesperson Ma Zhaoxu branded the accusation "groundless".
He added that it was "irresponsible" to blame the government for the attacks, which led to Google threatening to pull out of China altogether.
Ma Zhaoxu was speaking at a press briefing.
Meanwhile Google and China are set to resume talks about Google's wish to operate an unfiltered internet search engine in the country according to the Wall Street Journal.
The Journal said that officials from both parties were due to meet again after the Chinese New Year celebrations in mid-February.
At the moment Google is still censoring search results in China, but it said in January that it would stop filtering results even if this action resulted in its Chinese operation being forced to close.

Technical error hits Google China

Google logo outside its Beijing office
Google stopped censoring search results on 22 March

Google has said that a problem that meant that Chinese users of its service were unable to access search results on 30 March was due to a technical error.
Many reports had speculated that the block may have been put in place by the Chinese government.
Earlier this month Google stopped censoring its search results in China in defiance of the government.
The company now redirects Chinese users to the uncensored pages of its Hong Kong website.
A spokesperson for the firm said that "lots of users" had been unable to access the Hong Kong site today.
"This blockage seems to have been triggered by a change on Google's part," the spokesperson said.
The firm said that in the last 24 hours the letters "gs_rfai" started appearing in the URLs of Google searches globally.
"The great firewall was associating these searches with Radio Free Asia, a service that has been inaccessible in China for a long time -hence the blockage," said the spokesperson.
"We are currently looking at how to resolve this issue."
Google first outlined its plans to stop censoring search results on 12 January after it revealed that it had been targeted in a sophisticated cyber attack thought to originate in China.
The attacks - which also affected 20 other companies - were thought to target the e-mail accounts of human rights activists.
After weeks of negotiations, the firm finally stopped censoring results on the 22 March.

Microsoft admits Explorer used in Google China hack

Google HQ in China (AP)
Microsoft is working to patch the vulnerability through a software update

Microsoft has admitted that its Internet Explorer was a weak link in the recent attacks on Google's systems that originated in China.
The firm said in a blog post on Thursday that a vulnerability in the browser could allow hackers to remotely run programs on infected machines.
Following the attack, Google threatened to end its operations in China.
Microsoft has released preliminary guidance to mitigate the problem and is working on a formal software update.
So far, Microsoft "has not seen widespread customer impact, rather only targeted and limited attacks exploiting Internet Explorer 6".
"Based upon our investigations, we have determined that Internet Explorer was one of the vectors used in targeted and sophisticated attacks against Google and possibly other corporate networks," said Microsoft's director of security response Mike Reavey in the post.
Security firm McAfee told news agency AFP that the attacks on Google, which targeted Chinese human rights activists worldwide, showed a level of sophistication above that of typical, isolated cyber criminal efforts.
McAfee's vice-president of threat research Dmitri Alperovitch told AFP that although the firm had "no proof that the Chinese are behind this particular attack, I think there are indications though that a nation-state is behind it".
The recent spate of attacks was alleged to have hit more than 30 companies including Google and Adobe, but security firms have since said that such invasions are routine.
Mr Reavey echoed this in the post.
"Unfortunately cyber crime and cyber attacks are daily occurrences in the online world. Obviously, it is unfortunate that our product is being used in the pursuit of criminal activity. We will continue to work with Google, industry leaders and the appropriate authorities to investigate this situation."

Google e-mail accounts compromised by 'Chinese hackers'

Google's logo  
Google said its own security defences were not compromised but that individual users were tricked

Hackers in China have compromised personal e-mail accounts of hundreds of top US officials, military personnel and journalists, Google has said.
The US company said a campaign to obtain passwords originated in Jinan and was aimed at monitoring e-mail.
Google said its security was not breached but indicated individuals' passwords were obtained through fraud.
Chinese political activists and officials in other Asian countries were also targeted, Google said.
"Google detected and has disrupted this campaign to take users' passwords and monitor their emails," the company said on Wednesday.
"We have notified victims and secured their accounts. In addition, we have notified relevant government authorities."
In Washington, the White House said it was investigating the reports but did not believe official US government e-mail accounts had been breached.
The e-mail scam uses a practice known as "spear phishing" in which specific e-mail users are tricked into divulging their login credentials to a web page that resembles Google's Gmail web service (or which appears related to the target's work) but is in fact run by hackers, according to a technical report released by Google.
Having obtained the user's e-mail login and password, the hackers then tell Gmail's service to forward incoming e-mail to another account set up by the hacker.
In Washington, the BBC's Adam Brookes says it is extremely difficult for analysts to determine whether governments or individuals are responsible for such attacks.
But the fact that the victims were people with access to sensitive, even secret information, raises the possibility that this was cyber espionage, not cyber crime, our correspondent says.

Recommend us on Google!


Twitter Delicious Facebook Digg Stumbleupon Favorites More