Smashing Security16 Juli 2025

Choo Choo Choose to ignore the vulnerability

In episode 426 of the "Smashing Security" podcast, Graham reveals how you can hijack a train’s brakes from 150 miles away using kit cheaper than a second-hand PlayStation.

Meanwhile, Carole investigates how Grok went berserk, which didn't stop the Department of Defense signing a contract with Elon’s AI chatbot. So who is responsible when your chatbot becomes a bigot?

Plus: Email headaches, SPF rage, and a glowing review for... Taskmaster SuperMax Plus?

All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Warning: This podcast may contain nuts, adult themes, and rude language.

Episode links:

Schoolboy hacks into city's tram system - The Telegraph.
Caboose - Wikipedia.
Neil Smith discusses his findings - Twitter thread.
End-of-Train and Head-of-Train Remote Linking Protocol - CISA.
The Cheap Radio Hack That Disrupted Poland’s Railway System - Wired.
Grok, Elon Musk’s AI Chatbot, Shares Antisemitic Posts on X - The New York Times.
X ordered its Grok chatbot to ‘tell like it is.’ Then the Nazi tirade began - Washington Post.
Hacker uses Elmo's X account to post antisemitic rant and demand release of Epstein files - ABC News.
Elon Musk Announces Sensuous Grok AI Companion - Mashable.
Grok Rolls Out Pornographic Anime Companion, Lands Department of Defense Contract - The Rolling Stone.
Learn DMARC.
TASKMASTER SUPERMAX+.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

Sponsored by:

Adaptive Security - request a custom demo featuring a real CEO deepfake simulation today from adaptivesecurity.com.
Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
Trelica by 1Password - Access Governance for every SaaS app. Discover, manage, and optimize access for any of your SaaS apps - whether managed or unmanaged.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter via Patreon or Apple Podcasts for ad-free episodes and our early-release feed!

FOLLOW US:

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.

Privacy & Opt-Out: https://redcircle.com/privacy

Det här avsnittet är hämtat från ett öppet RSS-flöde och publiceras inte av Podme. Det kan innehålla reklam.

Avsnitt(470)

029: Exploits to get your English teeth into

Microsoft gives us a Patch Tuesday shock, malware grows up for the Mac, and your mouse movements might reveal if you're an identity thief. All this and more is discussed in the latest edition of the ...

15 Juni 201738min

024: Reality Winner, Gordon Ramsay and a leaky bucket

Evidence of Russia hacking the US election leaks from the NSA and Reality is not a winner, confidential data is accidentally exposed in the cloud by a defence contractor, and Gordon Ramsay has a few c...

7 Juni 201738min

023: Covfefe

Hackers are blackmailing cosmetic surgery patients, and threatening to release their naked photos. A British Airways IT snafu causes travel chaos for thousands. And Germany is threatening to throw hef...

31 Maj 201740min

022: Walk this way... to defeat biometrics

The Samsung Galaxy S8 claims that its iris recognition technology provides "airtight security", but the Chaos Computer Club knows better and shows how it can be easily bypassed. Australian researchers...

24 Maj 201731min

021: WannaCry - Who's to blame?

The WannaCry ransomware has struck! But before we tackle that subject, and who we should blame for one of the highest profile malware attacks for years, we discuss how HP has been unwittingly capturin...

18 Maj 201735min

020: Phishing for Donald Trump

Gizmodo's attempt to reveal Donald Trump's administration ineptitude when it comes to cybersecurity fails to impress. Mac users are warned that the HandBrake DVD-ripping app has been compromised by ma...

10 Maj 201730min

019: The Love Bug virus

On May 4th 2000, the Love Bug virus (also known as ILOVEYOU or LoveLetter) rapidly spread around the world, clogging up email systems. Computer security veterans Graham Cluley and Carole Theriault are...

3 Maj 201729min

018: Windows is a virus. True or False?

Security firm Webroot drops a clanger when it declared Windows was malicious and borked customers' PCs, millennials are streaming a lot of movies illegally, and blackmailers are targeting members of t...

27 Apr 201730min