Smashing Security16 Jul 2025

Choo Choo Choose to ignore the vulnerability

In episode 426 of the "Smashing Security" podcast, Graham reveals how you can hijack a train’s brakes from 150 miles away using kit cheaper than a second-hand PlayStation.

Meanwhile, Carole investigates how Grok went berserk, which didn't stop the Department of Defense signing a contract with Elon’s AI chatbot. So who is responsible when your chatbot becomes a bigot?

Plus: Email headaches, SPF rage, and a glowing review for... Taskmaster SuperMax Plus?

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

Schoolboy hacks into city's tram system - The Telegraph.
Caboose - Wikipedia.
Neil Smith discusses his findings - Twitter thread.
End-of-Train and Head-of-Train Remote Linking Protocol - CISA.
The Cheap Radio Hack That Disrupted Poland’s Railway System - Wired.
Grok, Elon Musk’s AI Chatbot, Shares Antisemitic Posts on X - The New York Times.
X ordered its Grok chatbot to ‘tell like it is.’ Then the Nazi tirade began - Washington Post.
Hacker uses Elmo's X account to post antisemitic rant and demand release of Epstein files - ABC News.
Elon Musk Announces Sensuous Grok AI Companion - Mashable.
Grok Rolls Out Pornographic Anime Companion, Lands Department of Defense Contract - The Rolling Stone.
Learn DMARC.
TASKMASTER SUPERMAX+.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

Adaptive Security - request a custom demo featuring a real CEO deepfake simulation today from adaptivesecurity.com.
Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
Trelica by 1Password - Access Governance for every SaaS app. Discover, manage, and optimize access for any of your SaaS apps - whether managed or unmanaged.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Privacy & Opt-Out: https://redcircle.com/privacy

Oppdag Premium

Prøv 14 dager gratis

Kjøp Premium

Episoder(463)

094: Rogue browser extensions, Twitter presence, and how to cheat in exams

What's the danger when browser extensions go bad? Is Twitter sharing your online status a boon for stalkers? And which of the show's hosts is going to admit to cheating in their exams?All this and muc...

5 Sep 201852min

093: Abandoned domains and dating app dangers

How do fraudsters exploit abandoned domains to steal your company's secrets? How can you better protect your privacy when looking for love online? And who has the longest arms in the animal kingdom?Al...

29 Aug 201837min

092: Hacky sack hack hack

Is your used car still connected to its old owner? Just how did Apple manage to identify the teenager hacker who stole 90GB of the firm's files? And why on earth would a firm of lawyers start producin...

22 Aug 201851min

091: Sextortion, Las Vegas hotels, and Alex Jones

Just how did sextortionists get (some) of the digits in your phone number? Why are some hackers saying they won't be going to DEF CON in Las Vegas anymore? And should Alex Jones from InfoWars be banne...

15 Aug 201848min

090: Fortnite for Android, and the FCC's DDoS BS

Fortnite players are told they'll have to disable a security setting on Android, the FCC finally admits that it wasn't hit by a DDoS attack, and Verizon's VPN smallprint raises privacy concerns.All th...

8 Aug 201836min

089: Data breaches, ransomware, Bitcoin robberies, and typewriters

Ransomware rears its head again, Dixons Carphone reveals its data breach was almost 1000% worse than they previously thought, a man is accused of stealing five million dollars worth of cryptocurrency ...

1 Aug 201844min

088: PayPal’s Venmo app even makes your drug purchases public

Websites still using HTTP are marked as "not secure" by Chrome, 85,000 Google employees haven't been phished for a year, and if you're buying drugs via PayPal’s Venmo app you should say goodbye to pri...

25 Jul 201842min

087: How Russia hacked the US election

Regardless of whether Donald Trump believes Russia hacked the Democrats in the run-up to the US Presidential election or not, we explain how they did it. And Carole explores some of the creepier thin...

18 Jul 201844min

Reklamefrie Premium-podkaster

Hør populære podkaster som Storefri med Mikkel og Herman, Ida med hjertet i hånden, Krimpodden og mye mye mer

Skap din egen podkastboble

I appen skaper du ditt eget bibliotek med favoritter, og vi gir deg også anbefalinger til podkaster du ikke kan gå glipp av.

Prøv 14 dager gratis

Dersom du er ny Podme-bruker får du 14 dager gratis prøveperiode når du oppretter abonnement

Premium

99 kr/ måned

Tilgang til alle våre Premium-podkaster
Alle podkaster fra VG, Aftenposten, BT og SA
Reklamefritt Premium-innhold
Ingen bindingstid. Avslutt når du ønsker

Prøv 14 dager gratis

Premium

129 kr/ måned

Tilgang til alle Premium-podkaster
Alle podkaster fra VG, Aftenposten, BT og SA
Reklamefritt Premium-innhold
Ingen bindingstid. Avslutt når du ønsker
En Ekstra bruker

Prøv 14 dager gratis

Populært innen Politikk og nyheter

rss-utenrikskomiteen-med-bogen-og-grasvik

Historiene og stemmene du vil høre

Ubegrenset tilgang til alle dine favorittpodkaster og lydbøker

Les mer