Smashing Security podcast #447: Grok the stalker, the Louvre heist, and Microsoft 365 mayhem

On this week’s show we learn that AI really can be a stalker’s best friend, as we explore a strange tale that starts with a manatee-shaped mailbox on a millionaire’s lawn and ends with Grok happily doxxing real people, mapping out stalking “strategies,” and handing out revenge-porn tips.
Then we go inside the Louvre heist, where thieves in hi-vis and a hire van waltzed off with the French crown jewels in broad daylight, exploiting our assumptions about what “looks normal” – the same kind of bias we’re now baking into security AIs.
Plus, Graham chats with Rob Edmondson from CoreView about why misconfigurations and over-privileged accounts can make Microsoft 365 dangerously vulnerable.
All this, and more, in episode 447 of the “Smashing Security” podcast with Graham Cluley, and special guest Jenny Radcliffe.
Host: Graham Cluley
Guest: Jenny Radcliffe
Sponsored by:
- Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
- Horizon3.ai – Get an autonomous pentest demo and see your network the way attackers do. Visit Horizon3.ai.
- CoreView – Benchmark your Microsoft 365 tenant security against the Center for Internet Security (CIS) controls.
Support the show:
You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.
Join Smashing Security PLUS for ad-free episodes and our early-release feed!
Follow us:
Follow the show on Bluesky, or join us on the Smashing Security subreddit, or visit our website for more episodes.
Thanks:
Theme tune: “Vinyl Memories” by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.

