On this week's show we learn that AI really can be a stalker’s best friend, as we explore a strange tale that starts with a manatee-shaped mailbox on a millionaire's lawn and ends with Grok happily doxxing real people, mapping out stalking "strategies," and handing out revenge-porn tips.
Then we go inside the Louvre heist, where thieves in hi-vis and a hire van waltzed off with the French crown jewels in broad daylight, exploiting our assumptions about what "looks normal" - the same kind of bias we’re now baking into security AIs.
Plus, Graham chats with Rob Edmondson from CoreView about why misconfigurations and over-privileged accounts can make Microsoft 365 dangerously vulnerable.
All this, and more, in episode 447 of the "Smashing Security" podcast with Graham Cluley, and special guest Jenny Radcliffe.
EPISODE LINKS:
- Khashoggi widow files complaint in France alleging Saudi government infected devices with spyware - The Record.
- US Posts $10 Million Bounty for Iranian Hackers - Security Week.
- Infostealer has entered the chat - Kaspersky.
- Dave Portnoy posts a photo of his lawn (including a manatee-shaped mailbox) - Twitter.
- Elon Musk’s Grok AI Is Doxxing Home Addresses of Everyday People - Futurism.
- Elon Musk’s Grok Is Providing Extremely Detailed and Creepy Instructions for Stalking - Futurism.
- How the Louvre thieves exploited human psychology to avoid suspicion – and what it reveals about AI - The Conversation.
- Outrageous (TV series) - Wikipedia.
- Outrageous trailer - YouTube.
- Man charged with theft after allegedly swallowing Fabergé pendant in jewellery store - The Guardian.
- Free Microsoft 365 Tenant Security Scanner - CoreView.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
SPONSORS:
- Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
- Horizon3.ai - Get an autonomous pentest demo and see your network the way attackers do. Visit Horizon3.ai.
- CoreView - Benchmark your Microsoft 365 tenant security against the Center for Internet Security (CIS) controls.
SUPPORT THE SHOW:
Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!
FOLLOW THE SHOW:
Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.
THANKS:
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
ENJOYED THE SHOW?
Make sure to check out our sister podcast, "The AI Fix".
Privacy & Opt-Out: https://redcircle.com/privacy