Binarly Releases Free Detection Tool for XZ Backdoor
1.4.2024 23:39:00 EEST | Business Wire | Press release
Binarly, provider of an industry leading AI-powered firmware and software supply chain security platform, has created and released a free scanning tool to help defenders spot signs of the dangerous XZ backdoor (CVE-2024-3094).
The XZ.fail detection tool was released less than 24 hours after the discovery of a backdoor in the open-source XZ Utils, which provides lossless data compression on virtually all Unix-like operating systems, including Linux. (See CISA advisory).
According to Binarly chief executive Alex Matrosov, the tool includes generic IFUNC implantation detection with close to zero false-positives, showcasing the company’s binary code intelligence engine in action.
“This detection is based on behavioral analysis and can detect any invariants automatically if a similar backdoor is implanted somewhere else,” Matrosov added.
“Such a complex and professionally designed implantation framework is not developed for a one-shot operation. It could already be deployed elsewhere or partially reused in other operations. That’s exactly why we started focusing on more generic detection for this complex backdoor,” Matrosov added.
For those seeking more comprehensive detection and remediation strategies, the Binarly Transparency Platform offers an in-depth solution. With XZ detection capabilities deployed, the platform facilitates easy identification of malicious activities at scale, enabling users to take prompt and effective action to safeguard their software supply chains.
The XZ backdoor came to light on March 29, 2024, when a thread was published on Openwall's oss-security mailing list by Andres Freund, revealing a potential compromise in the open-source code.
For more information read our research article and access the free XZ backdoor scanner at XZ.fail.
About Binarly:
Binarly is a global firmware and software supply chain security company founded in 2021. The company’s flagship Binarly Transparency Platform is an enterprise-class, AI-powered solution used by device manufacturers, OEMs, IBVs and product security teams to identify known and unknown vulnerabilities, misconfigurations and signs of malicious code implantation. Binarly’s validated remediation playbooks have significantly reduced the cost and time to respond to security exposures. Based in Los Angeles, California, Binarly brings decades of research and program analysis expertise to build solutions to protect businesses, critical infrastructure, and consumers around the world.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240401230046/en/
Contact information
media@binarly.io
818.351.9637
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Kinaxis Introduces Forward Deployed Engineering to Help Enterprises Turn Decisions into Outcomes2.6.2026 14:01:00 EEST | Press release
Kinaxis® Inc. (TSX:KXS), a global leader in supply chain planning and orchestration, today introduced Forward Deployed Engineering (FDE), a new engagement model designed to help enterprises operationalize AI and translate decisions into measurable business outcomes. FDE reflects the broader Kinaxis vision for operational orchestration, an approach that coordinates signals, decisions, actions and learnings across the business fast enough to change outcomes. The opening keynote at Kinexions, the company’s global customer conference, delivered by CEO Razat Gaurav will be livestreamed globally on June 2 @ 11:30 am EST via LinkedIn Live. This approach combines a unified data foundation with semantic intelligence that understands the relationships, dependencies, and trade-offs that shape enterprise operations. Together, these capabilities help organizations move beyond isolated decision-making to coordinated execution, connecting data, systems, teams, and actions across the enterprise. Tradi
NIQ Launches Product Intelligence to Power AI-Driven Commerce2.6.2026 14:00:00 EEST | Press release
NielsenIQ (NYSE: NIQ) today announced the launch of NIQ Product Intelligence, a new solution designed to help retailers and brands transform fragmented product data into structured, interoperable intelligence that fuels AI-driven commerce. As AI increasingly shapes how consumers discover, evaluate, and purchase products, the quality and completeness of product data have become a defining competitive advantage. In AI-mediated commerce environments, products that lack structured, enriched, and machine-readable data risk becoming invisible to recommendation engines, AI assistants, and autonomous purchasing agents. NIQ Product Intelligence addresses this challenge by creating a unified product intelligence layer that standardizes attributes, resolves product identity across systems, and enriches product data at scale, enabling AI systems to better understand, match, recommend, and surface products across digital and physical commerce channels. For example, a traditional keyword search may
comforte Launches TAMUNIO Assure to Modernize HPE Nonstop Cryptography for the Post-Quantum Era2.6.2026 11:10:00 EEST | Press release
comforte AG, a global leader in data-centric security for HPE Nonstop environments, today announced the launch of TAMUNIO Assure, a purpose-built solution for HPE Nonstop that helps organizations modernize cryptographic security without application rewrites or disruption to mission-critical systems. TAMUNIO Assure helps organizations enhance SSH & SSL/TLS security, centralizing keys, credentials, certificates, and secrets, and automating certificate and key lifecycle management across HPE Nonstop systems. The result is stronger security, more cost-effective operations, and a quantum-safe security posture without rewriting critical applications or introducing high-risk platform changes. The crypto operating model for HPE Nonstop is changing HPE Nonstop systems power some of the world’s most demanding transaction environments, including payment networks and financial infrastructure, where continuous availability is essential. As security and compliance requirements evolve, organizations
NIPPON KINZOKU Launches Sample Supply of “Internally Polished Capillary Tubes” for High-Performance Analytical Instruments2.6.2026 11:01:00 EEST | Press release
NIPPON KINZOKU CO., LTD. (TOKYO: 5491) (Headquarters: Minato-ku, Tokyo) announces the launch of a sample supply system for its "Internally Polished Capillary Tubes." This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260602111592/en/ Cross-section of the tube after polishing These tubes feature significantly enhanced internal smoothness in ultra-small sizes, realized through the development of the company’s proprietary internal polishing technology. We are currently proceeding with the design and construction of manufacturing equipment, aiming for mass production within fiscal year 2027. Background: Rising Demand for "Ultra-Small Diameter x Ultra-Smooth Internal Surfaces" We have previously developed high-precision, small-diameter tubes made of austenitic stainless steel with an internal diameter (ID) of 0.50mm and internal surface roughness of ≤ 0.5μm, which have been highly evaluated across various industries. In recent years,
OPEX ® Honored with Warehouse Automation Solution of the Year Award for First-of-its-Kind Cold Storage Solution2.6.2026 11:00:00 EEST | Press release
OPEX® Corporation, a global leader in Next Generation Automation providing innovative solutions for warehouse, document and mail automation, has been honored by Logistics Matters magazine with the 2026 Warehouse Solution of the Year Award. OPEX was recognized for the company’s first-of-its-kind, multi-temperature zone, multi-deep cold storage solution for automated warehouse fulfillment systems, enabled through a strategic technology partnership with cold chain commerce innovator Peltier. The collaboration introduced advanced, multi-temperature capabilities to OPEX’s industry-leading Perfect Pick® and Infinity® automated storage and retrieval systems (AS/RS) through the addition of the Peltier Tote™. “We’re deeply honored to receive such distinguished recognition by Logistics Matters magazine,” said Monty McVaugh, Head of Product, Warehouse Automation, OPEX. “By integrating Peltier’s tote technology into the existing framework of Perfect Pick and Infinity, OPEX can deliver a flexible,
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom