Monitor the dark web your supply chain with Rivanorth Oko 🛡️ 👁️ ✓ Dark web monitoring ✓ Dark web data removal ✓ Third-party risk scoring based on dark web footprint ✓ Ready to action alerts, no need for dedicated analysts See what attackers see before they strike

OSINT challenge. I may or may not have started a YouTube channel 🙈 Challenge reward -> swag

I don't know how to say this... (DEFCON Singapore)

In the last blog post of the year, we take a closer look at the Global Ransomware Group. How it operates, and the tactics it has used in the second half of 2025. buff.ly/SDcazgv

Just 4 days into the month and there appears to be a concentration of ransomware attacks in the global manufacturing sector. Threat actors like Akira, Qilin and many others have targeted over 19 manufacturing companies in just 4 days. That's more than healthcare, energy, and legal services combined. With most companies not paying ransoms (which is good but...) that means a large amount of data, including third-party data, will soon be circulating the dark web. @rivanorthSec Oko has sent out sector-specific alerts to increase vigilance and is actively monitoring third-party exposure.

Sophisticated threat actors advertise stolen access using metadata (industry, revenue, location) rather than company names. This is why Rivanorth Oko analyses metadata from thousands of dark web listings to identify when compromised access is sold. buff.ly/eQINdP2

The latest on a series of real estate cyberattacks by Radar. The data was supposed to be leaked on the 13th of November, but instead the deadline got extended to the 20th of December. A few days after that, the listings were completely removed. buff.ly/fkMCTUo

Supply chain security is becoming one of the hottest topics in cyber. The ASD's recommendations are solid, but they tend to be point-in-time, one-off checks, usually conducted only once a year. They rely heavily on trust in vendor statements, without any real way to verify them or ensure ongoing security. That’s why I built @rivanorthSec Oko. With @rivanorthSec Oko, we are bringing offensive security into the space. This gives organisations continuous, 24/7 visibility into their third parties from an attacker’s perspective, by monitoring the same places real attackers use, such as the dark web. This approach provides early warning signs, breach detection, and detailed analysis, enabling a third-party risk assessment that is more accurate than ever before. No more blind trust in compliance reports; now you can see an accurate, always up-to-date view of your third-party security posture. Comment "free trial" below if you don't trust your weakest link and want to give @rivanorthSec Oko a try.

After monitoring the threat actor's dark web leak site, Rivanorth observed that Scattered LAPSUS$ Hunters has removed Telstra as a victim. No data was published contrary to their initial claims of releasing 100GB of data if the ransom wasn't paid. rivanorth.com/blog/telstra-b…

Update: Telstra did not get hacked. Interesting turn of events and I think there is a lot to be learned from this about how threats are changing. What happened? The threat actor initially claimed to have hacked Telstra and stolen 100GB of data, threatening to release it all on the 13th (today) if the ransom wasn't paid. However, after reviewing the group's website today, I found that the threat actor has removed Telstra as a victim and no data was published contrary to initial claims made by the group. I believe there is often a lot of coverage on the initial headline news but then not much is done to follow up on the outcome of an alleged hack. In my opinion, this situation highlights the panic these threats can potentially create, even when they don't materialise. Credit where credit is due, Telstra did well in standing firm and communicating clearly. For those that have to defend against these threats, we cannot disregard these alerts but on our dark web and third party security platform @rivanorthSec Oko, initial alerts that are not backed by actual findings always get listed as low risk first. Only if confirmed does the risk get adjusted depending on what is found. Nothing is perfect but it's crucial to balance early warnings and unnecessary overreactions. At least, these are my two cents on how modern threats are evolving. Feel free to disagree 🙂

The latest on the alleged Telstra hack. We investigated the facts currently known and we found some inconsistencies in the claims made by the hacker group. We'll keep on updating the article as new information emerges. rivanorth.com/blog/telstra-b…

The threat actor "Scattered LAPSUS$ Hunters" claims to have hacked Telstra and stolen 100GB of data. This could potentially be one of Australia's major data breaches. I have reviewed the threat actor's claims and so far there is only a small sample of data released. Telstra is denying the cyber attack according to an AFR article. I guess time will tell as the whole 100GB of data is to be released on the 13th (next Monday) if the ransom isn't paid. I'll be tracking this closely. As soon as the full dataset is released, @rivanorthSec Oko will map out every third party risk and supply chain impact, so you'll know exactly where you stand.

Malware kits on the dark web lower the barrier for cyberattacks. Many malware kits are offered as subscription services, providing regular updates to bypass patched vulnerabilities and incentivise wider distribution. Learn more 👉 rivanorth.com/blog/what-are-…

Weak passwords are one of the easiest ways for cybercriminals to breach your systems. In fact, poor password hygiene remains a leading cause of credential theft, data breaches, and account takeovers. rivanorth.com/blog/strengthe…

We’re excited to announce that we've been accepted into @nvidia's Inception program! Being part of this accelerator will significantly boost the AI capabilities of our Dark Web Monitoring solution, Oko, enabling us to deliver even more powerful protection. #NVIDIAInception

Cybercriminals are constantly looking for ways to break into online accounts, and one of their favourite tactics is credential stuffing. Hackers use stolen username and password combinations from previous data breaches to try and log into accounts. rivanorth.com/blog/what-is-c…

Cybercriminals are constantly targeting businesses, leaking sensitive data, and selling it on the dark web. If your business information is compromised, it can lead to financial loss, reputational damage, and regulatory penalties. Identifying if your data is on the dark web is crucial for taking proactive security measures. Here’s how you can check and respond effectively. rivanorth.com/blog/how-to-id…

Yesterday, as part of our monthly internal hackathon at @rivanorthSec, we started playing with N8n automation. I had high hopes but it was a bit limited, especially the Python script functionality. Was hoping for more than just a tool for some sales and email automation. What has everyone else built on top of N8n?

Has your business data been exposed on the dark web? Discovering that your business data has been exposed on the dark web can be alarming for any organisation. Acting swiftly and strategically is critical to mitigate risks and protect your business. Discover practical steps to respond and protect your organisation. Read our guide: rivanorth.com/blog/what-to-d… #Cybersecurity #DarkWebMonitoring #ThreatIntelligence

Thanks to everyone who took the time to apply for a position at @rivanorthSec following this post. We are currently approaching the end of financial year here in Australia and it's crazy busy but I'll make sure to get back to each and everyone of you that has applied. I know job hunting can be very hard and frustrating. I'll try to reciprocate the time you have put into the application with replying to everyone with feedback, hopefully there will be some value in it for you. Thanks to all of you for your interest 🙏