The most successful attacks by hackers typically are not technical. Hackers take advantage of the human element, which is usually caused by laziness or being unaware of a vulnerability. A prime example of this is people not changing their default passwords. Here are two examples of password vulnerabilities you should be aware of.
1 – Hacking a mobile devices (example iPhone):
Your mobile device is a database of your LIFE. Most people don’t want what’s on their mobile devices to become public. Look at all the embarrassing celebrity photos posted in popular magazines such as US today. How do you think those pictures are captured? In many cases, it’s through celebrity mobile devices. If you leave the default password on your voicemail on your mobile device, YOU ARE VULNERABLE to being compromised. Here is the hack and how to fix it.
HACKING A iPhone via Spoofing:
1) Go to spoofcard.com and sign up for the spoofing service
2) Enter the phone number of the target
3) Choose the phone number that will be displayed when you call the target
4) Call and get their voicemail.
5) If they haven’t changed their default password for their voicemail or changed auto access the voicemail, you will access their phone’s records
*Note: Most wireless carriers maintained direct dial numbers to their voice mail management systems. If known these numbers can be used to bypass a call being placed to the mobile device. Resulting in no missed call being registered.
What this means: This is one method of exposing information such as Voicemail, Photo’s, Messages, and browser history.
Fix: Change your default voicemail password. Also change the feature on some voicemails to not auto login into the system. Here is a link to change iPhone Voicemail passwords. http://support.apple.com/kb/ht1687 . Look up your models voicemail password settings and change it from the default.
2 – Hacking a wireless router (example Linksys):
HACK: I find this problem on many networks regardless of size (home to enterprise). Basically connect to a wireless network and look at the IP address provided. Open a web browser and type in the IP with a .1 ending (example 192.168.10.1). Most wireless routers offer a web GUI and default access is usually .1. Open a second screen and Google what the default login is for the device (example admin cisco123).
What does this means: I can own your network. I can see where you browse, what is on your network, etc.
Fix: Change the default password on your wireless network management GUI. You can also change the web GUI interface IP from .1 to something else.
CHANGE YOUR DEFAULT PASSWORDS!!!!
Credits to Aamir Lakhani, Tim Adams and Joseph Muniz. Posting is also HERE