Smashing Security16 Heinä 2025

Choo Choo Choose to ignore the vulnerability

In episode 426 of the "Smashing Security" podcast, Graham reveals how you can hijack a train’s brakes from 150 miles away using kit cheaper than a second-hand PlayStation.

Meanwhile, Carole investigates how Grok went berserk, which didn't stop the Department of Defense signing a contract with Elon’s AI chatbot. So who is responsible when your chatbot becomes a bigot?

Plus: Email headaches, SPF rage, and a glowing review for... Taskmaster SuperMax Plus?

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

Schoolboy hacks into city's tram system - The Telegraph.
Caboose - Wikipedia.
Neil Smith discusses his findings - Twitter thread.
End-of-Train and Head-of-Train Remote Linking Protocol - CISA.
The Cheap Radio Hack That Disrupted Poland’s Railway System - Wired.
Grok, Elon Musk’s AI Chatbot, Shares Antisemitic Posts on X - The New York Times.
X ordered its Grok chatbot to ‘tell like it is.’ Then the Nazi tirade began - Washington Post.
Hacker uses Elmo's X account to post antisemitic rant and demand release of Epstein files - ABC News.
Elon Musk Announces Sensuous Grok AI Companion - Mashable.
Grok Rolls Out Pornographic Anime Companion, Lands Department of Defense Contract - The Rolling Stone.
Learn DMARC.
TASKMASTER SUPERMAX+.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

Adaptive Security - request a custom demo featuring a real CEO deepfake simulation today from adaptivesecurity.com.
Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
Trelica by 1Password - Access Governance for every SaaS app. Discover, manage, and optimize access for any of your SaaS apps - whether managed or unmanaged.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Privacy & Opt-Out: https://redcircle.com/privacy

Tämä jakso on lisätty Podme-palveluun avoimen RSS-syötteen kautta eikä se ole Podmen omaa tuotantoa. Siksi jakso saattaa sisältää mainontaa.

Jaksot(470)

017: Data breaches, zero day exploits, and toenail clippings

Hotel malware has been stealing guests' payment card details... again, should businesses relay delay rolling out vulnerability patches, and Burger King's Whopper TV ad campaign tries to take advantage...

20 Huhti 201730min

016: Wonga wronga!

Spyware companies are filmed plotting to break global sanctions to ship surveillance and spying equipment to dodgy authoritarian regimes, an unsecured database exposed diabetics’ sensitive data, and a...

13 Huhti 201727min

015: Bad vibrations

Don't let an internet-enabled sex toy make your most private moments oh-so-public. Samsung's wannabe-Android-killer is found lacking. And did you hear about the firm that is micro-chipping its employ...

5 Huhti 201726min

014: Protecting webmail - a Smashing Security splinter

What can you do to better protect your online email accounts?In this special "splinter" episode (or should it be a "shard"?) regular hosts Graham Cluley and Carole Theriault discuss with Paul Ducklin ...

30 Maalis 201730min

013: Assault with a deadly tweet

Graham is embarrassed by a Twitter security snafu. How an animated GIF could prove deadly. Social engineering threats against your workforce. And will you be able to do any work on your laptop next ti...

23 Maalis 201733min

012: Eau de Eugene Kaspersky

Androids pre-installed with malware - can the supply chain be trusted? Will WikiLeaks help vendors get zero-days fixed? And what on earth has the Kaspersky marketing department dreamt up this time? Gr...

16 Maalis 201728min

011: WikiLeaks and the CIA

Has the CIA been using a Weeping Angel to spy on you via your Smart TV? Have WhatsApp, Telegram and Signal been compromised? What is the secret of the SATAN ransomware? And can you avoid having your d...

9 Maalis 201733min

010: The dolls must be destroyed

A creepy teddybear leaks two million voicemail messages, Windows 10 pushes you into only installing vetted apps, and Boeing warns 36,000 employees their personal information could have been exposed af...

2 Maalis 201736min