Binarly Releases Free Detection Tool for XZ Backdoor
1.4.2024 23:39:00 EEST | Business Wire | Press release
Binarly, provider of an industry leading AI-powered firmware and software supply chain security platform, has created and released a free scanning tool to help defenders spot signs of the dangerous XZ backdoor (CVE-2024-3094).
The XZ.fail detection tool was released less than 24 hours after the discovery of a backdoor in the open-source XZ Utils, which provides lossless data compression on virtually all Unix-like operating systems, including Linux. (See CISA advisory).
According to Binarly chief executive Alex Matrosov, the tool includes generic IFUNC implantation detection with close to zero false-positives, showcasing the company’s binary code intelligence engine in action.
“This detection is based on behavioral analysis and can detect any invariants automatically if a similar backdoor is implanted somewhere else,” Matrosov added.
“Such a complex and professionally designed implantation framework is not developed for a one-shot operation. It could already be deployed elsewhere or partially reused in other operations. That’s exactly why we started focusing on more generic detection for this complex backdoor,” Matrosov added.
For those seeking more comprehensive detection and remediation strategies, the Binarly Transparency Platform offers an in-depth solution. With XZ detection capabilities deployed, the platform facilitates easy identification of malicious activities at scale, enabling users to take prompt and effective action to safeguard their software supply chains.
The XZ backdoor came to light on March 29, 2024, when a thread was published on Openwall's oss-security mailing list by Andres Freund, revealing a potential compromise in the open-source code.
For more information read our research article and access the free XZ backdoor scanner at XZ.fail.
About Binarly:
Binarly is a global firmware and software supply chain security company founded in 2021. The company’s flagship Binarly Transparency Platform is an enterprise-class, AI-powered solution used by device manufacturers, OEMs, IBVs and product security teams to identify known and unknown vulnerabilities, misconfigurations and signs of malicious code implantation. Binarly’s validated remediation playbooks have significantly reduced the cost and time to respond to security exposures. Based in Los Angeles, California, Binarly brings decades of research and program analysis expertise to build solutions to protect businesses, critical infrastructure, and consumers around the world.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240401230046/en/
Contact information
media@binarly.io
818.351.9637
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Burjeel Holdings Prices First MENA Healthcare Sukuk Since 2018, 3.2x Oversubscribed25.6.2026 20:31:00 EEST | Press release
Burjeel Holdings, a leading super-specialty healthcare group in the GCC listed on the Abu Dhabi Securities Exchange, priced its inaugural USD 500 million Regulation S 5-year senior unsecured Sukuk offering due 2031 under its newly established USD 1.5 billion Senior Unsecured Sukuk Programme. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260625449702/en/ Burjeel Holdings’ inaugural Sukuk was priced at a 7.000 % profit rate and a yield of 7.125% (Photo: AETOSWire) The offering attracted significant demand from high-quality international and regional investors, with the orderbook peaking at USD 1.6 billion, representing 3.2x oversubscription. The strength of the orderbook enabled Burjeel to tighten pricing from initial price thoughts in the mid-7% area, with the Sukuk priced at a 7.000% profit rate and a yield of 7.125%, representing the lowest 5-year yield by a GCC-based private non-investment grade corporate issuer since 202
Fossil Fuels Are a Thing of the Past; The Future Is Renewable: The Smarter E Europe Concludes With a Clear Message25.6.2026 20:03:00 EEST | Press release
Packed halls, a vibrant atmosphere and a buzzing vibe – after three days, The smarter E Europe 2026, Europe’s largest alliance of exhibitions for the energy industry, has come to a successful close. The event held at Messe München offered a glimpse of a future-oriented energy world powered by renewables. A strong signal with a clear message went out to the world from the Bavarian capital: The future is renewable. Renewable energies can help ensure a reliable, secure and cost-effective energy supply around the clock, seven days a week. A total of 2,650 exhibitors from 52 countries – many of whom had expanded their booth space compared with the previous year – demonstrated how this can work. More than 66 percent of exhibitors were from outside of Germany. They presented innovative and market-ready products ranging from virtual power plants, smart grid and load control, smart charging solutions, storage technologies and PV hybrid systems to digital platforms transparently and flexibly.The
HeyGen Doubles to $200M ARR in Eight Months on the Rise of Identity-First AI Video25.6.2026 19:02:00 EEST | Press release
HeyGen, the identity-first AI video platform, today announced it has surpassed $200 million in annual recurring revenue, doubling in eight months. The milestone reflects a rapid shift in how individuals, small businesses, and enterprises adopt AI video: as a scalable layer for human communication across languages, formats, and audiences. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260625305891/en/ HeyGen passes $200M in ARR HeyGen's community now spans more than 30 million users in 196 countries and 175+ languages & dialects, from solopreneurs creating professional social videos for the first time to 85% of the Fortune 100 — who together have created more than 118 million videos. That growth has come with rare capital efficiency: HeyGen generates roughly $2.70 in ARR for every dollar of equity capital raised, making it one of the most capital-efficient venture-backed AI companies in the world. "Crossing $200 million in AR
Amazfit Brings Interactive iOS Notifications to Select Smartwatches in Europe25.6.2026 17:50:00 EEST | Press release
Amazfit, a leading global smart wearable brand owned by Zepp Health, today announced its support of iOS Notification Forwarding, a new Beta feature that provides eligible iPhone users in the European Union with a more complete notification experience on select Amazfit smartwatches. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260625552705/en/ Amazfit brings interactive iOS notifications to select smartwatches in Europe, allowing users to interact with supported notifications directly from their watch. The feature goes beyond basic notification alerts, allowing users to interact with supported notifications directly from their watch. Depending on the notification type, users may be able to reply to messages, complete quick actions such as Mark as Read or Call Back, and view supported images from camera, doorbell and other alerts. iOS Notification Forwarding will initially be available on: Amazfit Cheetah 2 Ultra Amazfit Bal
Quorum Software Acquires Streamba to Extend Leadership as the AI Platform for the Energy Value Chain25.6.2026 17:35:00 EEST | Press release
Quorum Software, a global leader in energy software, today announced the acquisition of Streamba, an AI-native supply chain platform purpose-built for energy. This acquisition advances Quorum's position as the AI platform for the energy industry — embedding intelligent, real-time orchestration across upstream, midstream, measurement, SCADA and supply chain. For the first time, energy operators can connect planning, execution and back office in a single, AI-powered system. Quorum has built a comprehensive energy software platform through sustained innovation and strategic acquisitions, spanning planning, production operations, measurement, accounting, hydrocarbon management and logistics. Streamba’s Visibility, Orchestration and Response (VOR) platform adds a centralized operational intelligence layer that unifies data, workflows and cross-functional teams across the supply chain—surfacing what matters, enabling rapid response to disruptions and progressively shifting coordination from
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom