Many IT teams are overwhelmed with alerts, shifting attacker behavior, and constant noise. The challenge is not access to more information. It is knowing which patterns actually matter and how today’s activity is shaping the risks ahead.
In this on-demand webinar, Livia Tibirna, Cyber Threat Intelligence Analyst at Sekoia, breaks down real attacker behavior observed over the past year and explains how these methods are continuing to evolve. She analyzes activity from state-aligned groups, ransomware operators, cybercrime networks, and hacktivist campaigns to give IT leaders a clear view of what is happening now and what is likely to persist.
Following Livia’s briefing, the Defendify team walks through how organizations are using Email Threat Defense and Managed Detection and Response to identify and contain these threats earlier, without adding more tools or increasing staff workload.
This session is designed for IT teams that want clarity, not speculation, and practical direction they can apply right away.
What You Will Learn
Attacker Behaviors That Continue to Shape Risk
A focused overview of trends based on real-world activity, including:
- State-aligned intrusion sets
- Ransomware and extortion operators
- Cybercrime-as-a-service groups
- Hacktivist activity that masks deeper intrusion attempts
How Attackers Are Breaking In
Common techniques gaining traction, including:
- Phishing kits designed to bypass multi-factor authentication
- Session hijacking and identity-based attacks
- QR code phishing
- Compromises that begin on unmanaged or personal devices
- Ransomware groups shifting toward data theft and extortion
What IT Teams Should Prioritize Moving Forward
Practical guidance for defenders, including:
- Behaviors that deserve deeper investigation
- User groups that need stronger sign-in protections
- Cloud activity patterns that signal elevated risk
- Steps that reduce account takeover attempts
