Binarly Releases Free Detection Tool for XZ Backdoor
1.4.2024 23:39:00 EEST | Business Wire | Press release
Binarly, provider of an industry leading AI-powered firmware and software supply chain security platform, has created and released a free scanning tool to help defenders spot signs of the dangerous XZ backdoor (CVE-2024-3094).
The XZ.fail detection tool was released less than 24 hours after the discovery of a backdoor in the open-source XZ Utils, which provides lossless data compression on virtually all Unix-like operating systems, including Linux. (See CISA advisory).
According to Binarly chief executive Alex Matrosov, the tool includes generic IFUNC implantation detection with close to zero false-positives, showcasing the company’s binary code intelligence engine in action.
“This detection is based on behavioral analysis and can detect any invariants automatically if a similar backdoor is implanted somewhere else,” Matrosov added.
“Such a complex and professionally designed implantation framework is not developed for a one-shot operation. It could already be deployed elsewhere or partially reused in other operations. That’s exactly why we started focusing on more generic detection for this complex backdoor,” Matrosov added.
For those seeking more comprehensive detection and remediation strategies, the Binarly Transparency Platform offers an in-depth solution. With XZ detection capabilities deployed, the platform facilitates easy identification of malicious activities at scale, enabling users to take prompt and effective action to safeguard their software supply chains.
The XZ backdoor came to light on March 29, 2024, when a thread was published on Openwall's oss-security mailing list by Andres Freund, revealing a potential compromise in the open-source code.
For more information read our research article and access the free XZ backdoor scanner at XZ.fail.
About Binarly:
Binarly is a global firmware and software supply chain security company founded in 2021. The company’s flagship Binarly Transparency Platform is an enterprise-class, AI-powered solution used by device manufacturers, OEMs, IBVs and product security teams to identify known and unknown vulnerabilities, misconfigurations and signs of malicious code implantation. Binarly’s validated remediation playbooks have significantly reduced the cost and time to respond to security exposures. Based in Los Angeles, California, Binarly brings decades of research and program analysis expertise to build solutions to protect businesses, critical infrastructure, and consumers around the world.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240401230046/en/
Contact information
media@binarly.io
818.351.9637
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Notice of Multi-Color First Quarter 2026 Financial Results Conference Call4.6.2026 06:56:00 EEST | Press release
Multi-Color Corporation (“MCC”) First Quarter 2026 Financial Results Conference Call covering MCC’s performance for the quarter ending March 31, 2026. When: Monday, June 8th at 10:00 A.M. EDT Leaders: Hassan Rmaile, President & CEO and Kathleen Phelps, CFO Access: Existing and prospective investors can gain access to the investor data site (“Data Site”) by following the instructions section 2 below. If you previously had access to the investor data site then no action is needed as your access remains in place. Please submit access requests to the email address listed below in section 2 by 5pm ET Friday, June 5th. The live link to the first quarter 2026 financial results call will be posted to the investor data site. Investor Data Site Access Instructions: 1. Data site access Common Unit, Preferred Unit and Warrant holders of Labels Buyer, LLC (“Company”), holders of notes issued by Multi-Color Corporation and MCC Manufacturing, Inc. (collectively, the “Issuers”) and prospective investo
Kyrgyzstan’s National Interbank Processing Center Partners With Alipay+ to Launch International QR Payments4.6.2026 05:00:00 EEST | Press release
With the support of the National Bank of Kyrgyz Republic, Interbank Processing Center (IPC), Kyrgyzstan’s national payment system operator, and Alipay+, Ant International’s unified wallet gateway, have launched international QR payments for users of the ELCARD Mobile app. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260603760762/en/ (L-R) Altymysh Turatbekov, Chairman of the National Interbank Processing Center; Pan Yan, Head of Strategic Partnership for Alipay+, Ant International The launch was officiated by the Chairman of the National Bank of the Kyrgyz Republic. Almaz Baketaev, Chairman of the National Bank of the Kyrgyz Republic, said: “Our colleagues from IPC together with Alipay+ launched this project last year, and today we are bringing it into practice. Our citizens now have access to a payment system covering merchants worldwide. Wherever they are, they can make payments in any currency easily and without any com
Murata Introduces World’s First 2.2μF/100Vdc Soft-Termination Chip MLCC in 0805-inch Size for Automotive Applications4.6.2026 05:00:00 EEST | Press release
Murata Manufacturing Co., Ltd. (TOKYO: 6981) (ISIN: JP3914400001) introduces the GCJ21BD72A225KE02, a soft-termination chip multilayer ceramic capacitor (MLCC) for automotive powertrain and safety equipment. This world's first soft-termination chip MLCC product achieves the highest available capacitance of 2.2μF at 100Vdc in the smallest 0805-inch (2.0×1.25mm) size*. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260603192945/en/ [Murata Manufacturing Co., Ltd.] 2.2µF/100Vdc Soft-Termination Chip MLCC in 0805-inch Size for Automotive Applications As vehicle electrification accelerates and autonomous driving (AD) and advanced driver-assistance systems (ADAS) grow more sophisticated, engineers face increasing pressure to pack more functionality into tighter board spaces. The wider adoption of 48V power systems further demands components that combine high capacitance, high voltage tolerance, and a small footprint. At the same t
Megaport Launches Storage, Unifying Its Automated Infrastructure Platform Alongside Compute and Network Offerings4.6.2026 01:47:00 EEST | Press release
Megaport Limited (ASX: MP1) (“Megaport”), a leading global automated infrastructure platform, today announced the launch of Megaport Storage, expanding its platform to deliver integrated compute, network, and storage services. Megaport Storage integrates high-performance, enterprise cloud storage directly into the Megaport Network and Latitude.sh compute platform, giving enterprises a unified foundation that covers the three key pillars of IT infrastructure: compute, network, and storage. The launch marks a culminating step in Megaport’s evolution, delivering predictable costs, seamless scalability, and direct data access wherever customers operate. “With the launch of Megaport Storage, we’re not just connecting your cloud anymore; we’re providing the foundation for it,” said Michael Reid, CEO of Megaport. “By aligning storage needs directly with workload requirements on our global ecosystem, we’re combining the performance of dedicated infrastructure with the scalability and flexibili
C.H. Robinson Launches World's First AI Technology That Continually Assesses, Improves and Operates Global Supply Chains3.6.2026 19:00:00 EEST | Press release
As the global leader in Lean AI supply chains, C.H. Robinson has built the first AI technology designed to both operate a shipper’s global supply chain and also continuously assess and improve its performance. Now serving the company’s 4PL Managed Solutions customers, a new Lean AI Engineer works in concert with the Lean AI Planner introduced last year to create one connected system that uniquely enhances a supply chain as it runs. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260520874794/en/ The Lean AI Engineer can assess an entire supply chain in 25 to 30 minutes and determine improvements before performance is impacted – compared to supply chain assessments that typically take up to four weeks and look backward at what has happened instead of what should happen. While the Lean AI Engineer delivers intel, the Lean AI Planner manages shipments through hundreds of interconnected AI agents and in turn feeds more data back
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom