Data Security Decoded16 Joulu 2025

The Hidden Risk in Your Stack

In this episode of Data Security Decoded, host Caleb Tolin sits down with Hayden Smith, CEO of Hunted Labs, as he breaks down how software supply chain attacks really work, why open source dependencies create unseen exposure, and what modern threat actors are doing to exploit trust at scale. Caleb and Hayden dive deep into real-world attacks, emerging TTPs, AI-powered threat hunting, and what organizations must do today to keep pace. Listeners walk away with a clear picture of the problem—and a practical blueprint for reducing supply chain risk. What You’ll Learn How modern attackers infiltrate open source ecosystems through fake accounts and counterfeit package contributions. Why dependency chains dramatically amplify both exposure and attacker leverage. How to use threat intelligence and threat hunting to proactively evaluate upstream packages before adoption. Where AI-powered code analysis is changing the ability to discover hidden vulnerabilities and suspicious patterns. Why dependency pinning, SBOM discipline, and continuous monitoring now define a strong supply chain posture. Episode Highlights 00:00 — Welcome + Why Software Supply Chain Risk Matters 02:00 — Hayden’s Non-Cyber Passion + Framing Today’s Topic 03:00 — Why Open Source Powers Everything—and Why That Creates Exposure 06:00 — The Real Attack Vector: Contribution as Initial Access 08:00 — Inside the Indonesian “Fake Package” Campaign 10:30 — How to Evaluate Code + Contributor Identity Together 12:00 — Threat Hunting and AI-Enabled Code Interrogation 15:00 — The Challenge of Undisclosed Vulnerabilities in Widely Used Components 16:30 — How Recovery Works When Malware Is Already in Your Stack 19:00 — Continuous Monitoring as the Foundation of Modern Supply Chain Security 22:00 — Pinning, Maintainer Analysis, and Code Interrogation Best Practices 24:00 — Where to Learn More About Hunted Labs Episode Resources Hunted Labs — https://huntedlabs.com Hunted Labs Entercept Hunted Labs “Hunting Ground” research blog Open Source Malware (Paul McCarty)

Tämä jakso on lisätty Podme-palveluun avoimen RSS-syötteen kautta eikä se ole Podmen omaa tuotantoa. Siksi jakso saattaa sisältää mainontaa.

Jaksot(54)

Running the Inverted Offensive Campaign with Adam Karcher

What happens when the adversary’s dwell time is measured in years, but your defense is measured in tickets? Adam Karcher, FBI Supervisory Special Agent, Cyber Division, and a member of the Bureau’s AI...

26 Touko 35min

Protecting the Neglected: Measuring County Cyber Risk with Dr. Ido Sivan Sevilla

Dr. Ido Sivan Sevilla joins host Caleb Tolin⁠⁠⁠ to break down battlefield stories from a massive analysis of over 3,000 local government entities. Dr. Sivan Sevilla, who serves as an Assistant Profess...

19 Touko 26min

The Terrorist Designation: A New Red Line for Ransomware with Cynthia Kaiser

In this episode, host⁠ ⁠Caleb Tolin⁠⁠ explores the battlefield of enterprise defense, which has moved from simple data theft to ultra heinous crimes that put patient outcomes at risk. Guest⁠ ⁠Cynthia ...

5 Touko 29min

The Three-Layer Strategy for Autonomous Agent Governance with Joe Hladik and Amit Malik

The race for AI dominance has created a dangerous imbalance between business velocity and cyber resilience. In this episode, host Caleb Tolin is joined by Joe Hladik, Head of Rubrik Zero Labs, and Sta...

21 Huhti 32min

Detecting Adversary Intent: Analyzing Behavioral Tells in Admin Logs with Allison Wikoff

Adversaries are already logging into your network using your own admin credentials. In this episode, Caleb Tolin sits down with Allison Wikoff to move past the identity clichés and analyze the specifi...

14 Huhti 20min

Downtime in Healthcare is Fatal: Achieving Resilience in Health & Life Sciences

Cybersecurity in healthcare is undergoing a critical shift. What was once viewed as a back-office IT concern is now directly tied to patient safety and clinical outcomes. In this episode of Data Secur...

7 Huhti 25min

AI Takes Over RSAC Conference (Now What?) with Dave Bittner.

In this RSAC Conference recap, Dave Bittner, Host of The CyberWire Daily, joins Data Security Decoded host Caleb Tolin from the guest seat to unpack the biggest theme dominating the conference: artifi...

31 Maalis 16min

Your Backups Are Talking — Are You Listening?

Security teams spend enormous effort chasing the latest threats, yet often overlook one of the most revealing sources of truth already in their environment: backups. In this episode of Data Security D...

17 Maalis 17min