Smashing Security16 Juli 2025

Choo Choo Choose to ignore the vulnerability

In episode 426 of the "Smashing Security" podcast, Graham reveals how you can hijack a train’s brakes from 150 miles away using kit cheaper than a second-hand PlayStation.

Meanwhile, Carole investigates how Grok went berserk, which didn't stop the Department of Defense signing a contract with Elon’s AI chatbot. So who is responsible when your chatbot becomes a bigot?

Plus: Email headaches, SPF rage, and a glowing review for... Taskmaster SuperMax Plus?

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

Schoolboy hacks into city's tram system - The Telegraph.
Caboose - Wikipedia.
Neil Smith discusses his findings - Twitter thread.
End-of-Train and Head-of-Train Remote Linking Protocol - CISA.
The Cheap Radio Hack That Disrupted Poland’s Railway System - Wired.
Grok, Elon Musk’s AI Chatbot, Shares Antisemitic Posts on X - The New York Times.
X ordered its Grok chatbot to ‘tell like it is.’ Then the Nazi tirade began - Washington Post.
Hacker uses Elmo's X account to post antisemitic rant and demand release of Epstein files - ABC News.
Elon Musk Announces Sensuous Grok AI Companion - Mashable.
Grok Rolls Out Pornographic Anime Companion, Lands Department of Defense Contract - The Rolling Stone.
Learn DMARC.
TASKMASTER SUPERMAX+.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

Adaptive Security - request a custom demo featuring a real CEO deepfake simulation today from adaptivesecurity.com.
Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
Trelica by 1Password - Access Governance for every SaaS app. Discover, manage, and optimize access for any of your SaaS apps - whether managed or unmanaged.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Privacy & Opt-Out: https://redcircle.com/privacy

Upptäck Premium

Prova 14 dagar kostnadsfritt

Skaffa Premium

Avsnitt(463)

070: Facebook and Cambridge Diabolica

It’s not fair to describe what happened at Facebook and Cambridge Analytica as a data breach - it’s much worse than that. An autonomous Uber vehicle kills a pedestrian. And sextortion continues to b...

21 Mars 201840min

069: Cryptomining, China, and Bob Ross

How come Apple's Mac App Store authorised a buggy app that mined for cryptocurrency in the background? How can a Mosquito attack steal data from an air-gapped computer? And is China keeping score on i...

14 Mars 201842min

068: Malware from outer space!

If aliens did contact us would it be safe to open the email? Why would MoviePass track film lovers after they leave the cinema? Would you know how to get around Malaysia when your car rental website ...

7 Mars 201844min

067: Cyber stalking and gun control

Incognito mode on your browser not as private as you think, consumer spyware companies get hacked, Graham is accused of "multitasking" in his hotel room, and Carole champions the students of Parkland,...

1 Mars 201835min

066: Passwords, pirates, and postcards

Flight simulators packed with password-grabbing malware, Facebook fighting Russian trolls, and how vulnerability researchers fear being sued.All this and much much more is discussed in the latest edit...

21 Feb 201839min

065: Cryptominomania, Poppy, and your Amazon Alexa

Cryptomining goes nuclear, YouTube for Kids gets scary, and TV ads have been given the green light to mess with your Amazon Alexa.All this and much much more is discussed in the latest edition of the...

15 Feb 201849min

064: So just a "teeny tiny" security issue then?

A Namecheap vulnerability allows strangers to make subdomains for your website, Troy Hunt examines password length, and ex-Google and Facebook employees are fighting to protect kids from social media ...

7 Feb 201843min

063: Carole's back!

Fitness trackers breaching your privacy, how anyone can create convincing celebrity porn, and how ransomware authors are getting ripped off by scammers.All this and much much more is discussed in the ...

1 Feb 201845min

Allt en och samma app

Lyssna på dina favoritpoddar och ljudböcker på ett och samma ställe.

Noga utvalt innehåll

Njut av handplockade tips som passar din smak – utan ändlöst scrollande.

Fortsätt när du vill

Fortsätt lyssna där du slutade – även offline.

Premium

99 kr/ månad

Tillgång till alla Premium-poddar
Reklamfritt premium-innehåll
Avsluta när du vill

Prova 14 dagar gratis

Premium

129 kr/ månad

Tillgång till alla Premium-poddar
Reklamfritt premium-innehåll
Avsluta när du vill
Ett extra konto

Prova 14 dagar gratis

Populärt inom Politik & nyheter

Berättelserna och rösterna du älskar att lyssna på

Obegränsad lyssning på alla dina favoritpoddar och ljudböcker

Upptäck Premium