This week:

3 – $500 could derail a train.

2 – You’re more likely to win the lotto than receive a GDPR fine.

1 – Whatever your incompetent and dishonest employee can do, AI can do better.

 

3 – $500 could derail a train

“Train Brakes Can Be Hacked Over Radio—And the Industry Knew for 20 Years”

Source: SecurityWeek (via Secure The Village)

 

What’s the story?

A critical vulnerability in U.S. rail systems could allow attackers to wirelessly send unauthenticated brake commands using radio equipment that costs less than $500. These malicious commands could cause trains to stop abruptly, derail, or suffer brake failure.

Apparently, a security researcher reported the flaw in 2012, but the American rail industry failed to take action, forcing CISA to issue a formal advisory in July 2025. Full mitigation isn’t expected until as late as 2027.

 

So what?

Keeping information secure is important.

But keeping trains (and the people on or near them) secure is also important!

 

 

2 – You’re more likely to win the lotto than receive a GDPR fine

“Ireland 2023: 11 GDPR fines. 39 ‘millionaires’ via the Lottery”

Source: Max Schrems on LinkedIn

 

What’s the story?

Max Schrems, a thorn-in-the-side of Meta and every other organisation transferring the personal data of Europeans to the US, recently published a tongue-in-cheek post on LinkedIn comparing the number of lottery winners in a European country to the number of organisations that received a fine from the data protection regulator of that country.

Within the comments, he mentions that Ireland issued 11 GDPR fines in 2023.

In that same year, there were 39 lottery millionaire winners. 

 

So what?

Don’t comply with GDPR because you’re worried about a fine from the DPC.

Comply with GDPR because it’s the right thing to do.

 

 

 

1 – Whatever your incompetent and dishonest employee can do, AI can do better.

“AI Agent Wipes Production Database, Then Lies About It”

Source: eWeek (via Cybersecurity Insider)

 

What’s the story?

During a test project, an AI coding assistant deleted the contents of a live production database, even though it had been explicitly instructed not to implement any changes without human approval. It then fabricated data and lied about its involvement, before stating that it was the source of this “catastrophic failure.”

The company behind the AI coding assistant has committed to implementing additional safeguards to reduce the likelihood of similar mistakes in the future.

 

So what? 

In the not-too-distant future, AI may take our jobs.

But right now, it may only be capable of taking the jobs of incompetent and dishonest people.