On this week’s show we learn that AI really can be a stalker’s best friend, as we explore a strange tale that starts with a manatee-shaped mailbox on a millionaire’s lawn and ends with Grok happily doxxing real people, mapping out stalking “strategies,” and handing out revenge-porn tips.
Then we go inside the Louvre heist, where thieves in hi-vis and a hire van waltzed off with the French crown jewels in broad daylight, exploiting our assumptions about what “looks normal” – the same kind of bias we’re now baking into security AIs.
Plus, Graham chats with Rob Edmondson from CoreView about why misconfigurations and over-privileged accounts can make Microsoft 365 dangerously vulnerable.
All this, and more, in episode 447 of the “Smashing Security” podcast with Graham Cluley, and special guest Jenny Radcliffe.
Smashing Security #447:
Grok the stalker, the Louvre heist, and Microsoft 365 mayhem
Host:
Graham Cluley:
@grahamcluley.com
@
/ grahamcluley
Guest:
Jenny Radcliffe:
/ jenny-radcliffe-the-people-hacker
Episode links:
- Khashoggi widow files complaint in France alleging Saudi government infected devices with spyware – The Record.
- US Posts $10 Million Bounty for Iranian Hackers – Security Week.
- Infostealer has entered the chat – Kaspersky.
- Dave Portnoy posts a photo of his lawn (including a manatee-shaped mailbox) – Twitter.
- Elon Musk’s Grok AI Is Doxxing Home Addresses of Everyday People – Futurism.
- Elon Musk’s Grok Is Providing Extremely Detailed and Creepy Instructions for Stalking – Futurism.
- How the Louvre thieves exploited human psychology to avoid suspicion – and what it reveals about AI – The Conversation.
- Outrageous (TV series) – Wikipedia.
- Outrageous trailer – YouTube.
- Man charged with theft after allegedly swallowing Fabergé pendant in jewellery store – The Guardian.
- Free Microsoft 365 Tenant Security Scanner – CoreView.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Sponsored by:
- Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
- Horizon3.ai – Get an autonomous pentest demo and see your network the way attackers do. Visit Horizon3.ai.
- CoreView – Benchmark your Microsoft 365 tenant security against the Center for Internet Security (CIS) controls.
Support the show:
You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.
Join Smashing Security PLUS for ad-free episodes and our early-release feed!
Follow us:
Follow the show on Bluesky, or join us on the Smashing Security subreddit, or visit our website for more episodes.
Thanks:
Theme tune: “Vinyl Memories” by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
