Binarly Releases Free Detection Tool for XZ Backdoor
1.4.2024 23:39:00 EEST | Business Wire | Press release
Binarly, provider of an industry leading AI-powered firmware and software supply chain security platform, has created and released a free scanning tool to help defenders spot signs of the dangerous XZ backdoor (CVE-2024-3094).
The XZ.fail detection tool was released less than 24 hours after the discovery of a backdoor in the open-source XZ Utils, which provides lossless data compression on virtually all Unix-like operating systems, including Linux. (See CISA advisory).
According to Binarly chief executive Alex Matrosov, the tool includes generic IFUNC implantation detection with close to zero false-positives, showcasing the company’s binary code intelligence engine in action.
“This detection is based on behavioral analysis and can detect any invariants automatically if a similar backdoor is implanted somewhere else,” Matrosov added.
“Such a complex and professionally designed implantation framework is not developed for a one-shot operation. It could already be deployed elsewhere or partially reused in other operations. That’s exactly why we started focusing on more generic detection for this complex backdoor,” Matrosov added.
For those seeking more comprehensive detection and remediation strategies, the Binarly Transparency Platform offers an in-depth solution. With XZ detection capabilities deployed, the platform facilitates easy identification of malicious activities at scale, enabling users to take prompt and effective action to safeguard their software supply chains.
The XZ backdoor came to light on March 29, 2024, when a thread was published on Openwall's oss-security mailing list by Andres Freund, revealing a potential compromise in the open-source code.
For more information read our research article and access the free XZ backdoor scanner at XZ.fail.
About Binarly:
Binarly is a global firmware and software supply chain security company founded in 2021. The company’s flagship Binarly Transparency Platform is an enterprise-class, AI-powered solution used by device manufacturers, OEMs, IBVs and product security teams to identify known and unknown vulnerabilities, misconfigurations and signs of malicious code implantation. Binarly’s validated remediation playbooks have significantly reduced the cost and time to respond to security exposures. Based in Los Angeles, California, Binarly brings decades of research and program analysis expertise to build solutions to protect businesses, critical infrastructure, and consumers around the world.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240401230046/en/
Contact information
media@binarly.io
818.351.9637
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Laserfiche Expands AI Data Capture with Auto-Classification to Transform Data into Business Intelligence28.1.2026 17:00:00 EET | Press release
Laserfiche — the leading SaaS provider of intelligent content management — today announced major enhancements to its AI-powered data extraction tool, Smart Fields. The update introduces automated document classification and tagging, allowing organizations to move from unstructured content to informed decisions in seconds. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260128228490/en/ Using natural language prompts instead of rigid, ruled-based OCR, Smart Fields can now identify document type — such as invoices, taxpayer identification forms, or student transcripts — and automatically apply the correct metadata template using AI. Users can also use Smart Fields to automatically add informational and security tags to files that meet certain criteria, defined using a natural language prompt. Users can capture key details, route documents, and apply the proper metadata tags instantly and at scale. “Success in today’s AI-driven
Andersen Consulting Adds Collaborating Firm HaystackID28.1.2026 16:30:00 EET | Press release
Andersen Consulting strengthens its cybersecurity and technology capabilities through a Collaboration Agreement with HaystackID, a U.S.-based provider of eDiscovery, legal data, and cyber discovery services. Founded in 2011, HaystackID works closely with law firms, corporations, and governmental agencies to manage complex, data-intensive legal matters, including civil litigation, regulatory inquiries, and internal investigations. The firm delivers end-to-end litigation support through cyber discovery, digital forensics, managed review, compliance, and information governance services, enabling clients to identify, analyze, and defensibly produce critical data. Leveraging proprietary AI-driven platforms and expert-led review teams, HaystackID supports clients across North America and Europe, including Fortune 100 companies. “As legal and regulatory environments become more data-driven and time-sensitive, we continue to evolve our litigation support capabilities, from advanced analytics a
Intersolar Africa 2026 to Position Nairobi as East Africa’s Key Hub for Solar and Energy Storage28.1.2026 16:20:00 EET | Press release
East Africa is emerging as one of the world’s most dynamic regions for solar power and battery storage. On 3–4 February 2026, Intersolar Africa will take place at the Sarit Expo Centre in Nairobi, expanding from the successful Intersolar Summit Africa in 2025 into a full international exhibition and conference. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260128955267/en/ Intersolar Africa will take place on February 3-4 in Nairobi. East Africa’s Energy Market and Opportunities Rapid population growth, industrialization, and rising electricity demand are putting pressure on power systems across East Africa. Limited generation capacity, grid instability, and high electricity costs constrain economic growth. Solar photovoltaics combined with energy storage have emerged as the most cost-effective and scalable solution to expand capacity, stabilize supply, and strengthen long-term energy security for businesses and communities
Reply and the University of Milan Launch Experimental Research on Biological Computing Based on Cortical Labs’ CL1 Platform28.1.2026 16:10:00 EET | Press release
Reply [EXM, STAR: REY] today announced the start of a collaboration with the Department of Pathophysiology and Transplantation of the University of Milan, together with the “Centro Dino Ferrari” of the University of Milan - Ospedale Policlinico, for a new research and experimental initiative in the field of biological computing. The project aims to explore innovative approaches to learning and information processing through the integration of biological systems and digital technologies. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260128715625/en/ This initiative represents the starting point of an advanced research programme aimed at exploring new computational paradigms. At the core of the initiative is the CL1 biological computer developed by Cortical Labs, an Australian biotechnology company. Unlike conventional silicon-based computing architectures, this technology leverages the processing capabilities of living human
Geoprofessionals Spend a Quarter of Their Time Managing Data and Are Increasingly Turning to AI, Reveals New Seequent Survey28.1.2026 16:00:00 EET | Press release
Seequent, the Bentley Subsurface company, says mining and civil geoprofessionals turning to AI still struggle to unlock value from increasingly complex, multisource datasets, according to its 7th Geoprofessionals Data Management Report. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260128879634/en/ Geoprofessionals spend a quarter of their time managing data and are increasingly turning to AI, reveals new Seequent survey. The global report, based on a survey of more than 1,000 geoprofessionals worldwide, highlights teams grappling with complex datasets across multiple software platforms, unmanaged historical data, and significant time spent on routine data administration. Angela Harvey, Chief Customer Officer, Seequent, said: ‘According to the report findings, geoprofessionals on average spend over a quarter of their time on data management. They are actively seeking to harness the information it contains for competitive ad
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom