Accessibility Statement Skip Navigation
  • Back to Global Sites
  • +972-77-2005042
  • Blog
  • Journalists
  • GDPR
  • Send a Release
PR Newswire: news distribution, targeting and monitoring
  • News
  • Products
  • Contact
  • Hamburger menu
  • PR Newswire: news distribution, targeting and monitoring
  • Send a Release
    • Telephone

    • +972-77-2005042 from 8 AM - 11 PM IL

    • Contact
    • Contact

      +972-77-2005042
      from 8 AM - 11 PM IL

  • Request More Information
  • Journalists
  • GDPR
  • Request More Information
  • Journalists
  • GDPR
  • Request More Information
  • Journalists
  • GDPR
  • Request More Information
  • Journalists
  • GDPR

Pentera Adds Granular Testing of Ransomware Families Qilin, Play, and BlackCat to Prevent Breaches


News provided by

Pentera

15 Jul, 2026, 15:00 IDT

Share this article

Share toX

Share this article

Share toX

The three groups rank among the most evasion-capable ransomware operations active today, using techniques designed to evade the controls and detection tools most organizations rely on

BOSTON, July 15, 2026 /PRNewswire/ -- Pentera, the Exposure Validation Company, has expanded its ransomware testing capabilities, enabling organizations to run real attack scenarios based on some of the most dangerous ransomware operations in use today. Ransomware remains the primary driver of cybercrime, present in 48% of all breaches (Verizon 2026 DBIR), with leading groups increasingly difficult to detect as they sidestep traditional security controls.

Qilin, Play, and BlackCat evade detection by blending into legitimate system tools, disabling security controls at the kernel level, and compromising trusted IT vendors to reach multiple victims through a single breach. With Pentera, security teams can validate against each group's specific attack chain, from initial access through encryption.

"Stopping one ransomware family doesn't mean you can stop the next," said Amitai Ratzon, CEO of Pentera. "The groups making headlines today are built to evade the tools defending you. Even when your controls pass a compliance audit, do they hold up against how attackers actually operate? That's what Pentera answers, continuously, in your own environment."

  • Qilin — Climbed from ninth place in 2024 to the world's most active ransomware group in 2025, claiming almost a thousand victims, and opened 2026 still in front with 342 in Q1 alone. Its cross-platform encryption and kernel-level evasion are built to bypass endpoint defenses, leaving teams unable to confirm whether their controls can actually stop execution.
  • Play — Tripled its victim count in about 18 months, to 900 by May 2025, and it is still climbing, with Q1 2026 attacks up 64% over the prior quarter. It recompiles its payload for every target, so no two attacks share a signature, forcing teams to prove their defenses can catch what they have never seen before.
  • BlackCat (ALPHV) — Responsible for over 1,000 breaches and nearly $300M in ransom payments across healthcare, finance, and critical infrastructure. Though law enforcement disrupted its infrastructure in 2024, its codebase and affiliate network resurfaced under successor operations, keeping it an active threat in everything but name.

This expansion builds on Pentera's ever-growing library of ransomware and attack scenarios across internal, external, and cloud environments, giving security teams a continuous view of their exposure and how to reduce risk. Every new ransomware scenario is available to Pentera customers as part of their existing subscription, at no additional cost. Validated findings move directly into Pentera Resolve to prioritize, assign, and confirm remediation without manual handoff. With Pentera, teams measure ransomware readiness over time, close the gaps that matter most, and translate results into clear executive reporting on resilience.

About Pentera:

Pentera is the market leader in AI-powered Security Validation, equipping enterprises with the platform to proactively test all their cybersecurity controls against the latest cyber attacks. Pentera identifies true risk across the entire attack surface and automatically orchestrates remediation workflows to effectively reduce exposure. The company's security validation capabilities are essential for Continuous Threat Exposure Management (CTEM) operations. Thousands of security professionals around the world trust Pentera to close security gaps before threat actors can exploit them.

For more information, visit: pentera.io

SOURCE Pentera

Modal title

Also from this source

Pentera Appoints Yael Ben Arie as Chief Product Officer to Lead Next Phase of AI-powered Exposure Validation

Pentera, the Exposure Validation Company, appointed Yael Ben Arie as Chief Product Officer. The move follows the recent addition of Erez Yalon as VP...

Pentera Introduces MCP Server to Connect AI SecOps Workflows with Offensive Security Validation Capabilities

Pentera, the Exposure Validation Company, today announced the expansion of its AI capabilities with an MCP server that enables organizations to...

More Releases From This Source

Explore

High Tech Security

High Tech Security

Computer Software

Computer Software

Computer Software

Computer Software

Computer & Electronics

Computer & Electronics

News Releases in Similar Topics

Contact PR Newswire

  • +972-77-2005042
    from 8 AM - 11 PM IL

Global Sites

  • APAC
  • APAC - Traditional Chinese
  • Asia
  • Brazil
  • Canada
  • Czech
  • Denmark
  • Finland
  • France
  • Germany

 

  • India
  • Indonesia
  • Israel
  • Italy
  • Mexico
  • Middle East
  • Middle East - Arabic
  • Netherlands
  • Norway
  • Poland

 

  • Portugal
  • Russia
  • Slovakia
  • Spain
  • Sweden
  • United Kingdom
  • United States

Do not sell or share my personal information:

  • Submit via [email protected] 
  • Call Privacy toll-free: 877-297-8921
Global Sites
  • Asia
  • Brazil
  • Canada
  • Csezh
  • Denmark
  • Finland
  • France
  • Germany
  • India
  • Israel
  • Italie
  • Mexico
  • Middle East
  • Netherlands
  • Norway
  • Poland
  • Portugal
  • Russia
  • Slovakia
  • Spain
  • Sweden
  • United Kingdom
  • United States
+972-77-2005042
from 8 AM - 11 PM IL
  • Terms of Use
  • Privacy Policy
  • Information Security Policy
  • Site Map
  • Cookie Settings
Copyright © 2026 Cision US Inc.