High-speed train hacks and homicidal lawnmowers

A 23-year-old radio enthusiast spent £300 on a piece of kit from the internet, and used it to bring four packed high-speed trains to a screeching halt. His defence in court? Possibly the most creative excuse we've heard all year.

Meanwhile, owners of $4,000 robot lawnmowers are discovering that their gadget can be hijacked over the internet, redirected at journalists who foolishly lie down in front of it, and used to harvest Wi-Fi passwords, email addresses, and GPS coordinates. Change the default password? Sure - until the next firmware update silently resets it back.

Plus - don't miss our featured interview with XBOW's Brendan Dolan-Gavitt about how AI is transforming penetration testing.

All this and more in episode 468 of the "Smashing Security" podcast with cybersecurity expert and keynote speaker Graham Cluley, and special guest Geoff White.

EPISODE LINKS:

• Open source tool maker Grafana Labs says hackers stole its code, refuses to pay ransom - TechCrunch.
• Man accused of stealing Beyoncé’s unreleased music takes guilty plea - ABC News.
• Shai-Hulud code drop: Open season for supply chain attacks- ReversingLabs.
• Student hacked Taiwan high-speed rail to trigger emergency brakes - BleepingComputer.
• Polish teen derails tram after hacking train network - The Register.
• The Cheap Radio Hack That Disrupted Poland's Railway System - WIRED.
• The man with an army of Yarbo robot lawn mowers - The Verge.
• Ever been run over by a robot? I have - for science! - TikTok.
• RD280UA 28” WQXGA BenQ Programming Monitor with Backlight and Flexible Arm - BenQ.
• Kai Shun DM-0708 combination sharpening stone, grain 300/1000 - Knives and Tools.
• AI-Assisted ICS Attack on a Water Utility - Dragos.
• Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations, and Initial Access - Google Cloud Blog.
• Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SPONSORS:

• Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
• XBOW - The autonomous offensive security platform that helps security teams scale. Start a pentest today.
• OPSWAT - Read Benny Czarny's book, "Cybersecurity Upside Down", to rethink how you protect your organization from file-based threats, including those powered by AI.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Privacy & Opt-Out: https://redcircle.com/privacy