Binarly Releases Free Detection Tool for XZ Backdoor
1.4.2024 23:39:00 EEST | Business Wire | Press release
Binarly, provider of an industry leading AI-powered firmware and software supply chain security platform, has created and released a free scanning tool to help defenders spot signs of the dangerous XZ backdoor (CVE-2024-3094).
The XZ.fail detection tool was released less than 24 hours after the discovery of a backdoor in the open-source XZ Utils, which provides lossless data compression on virtually all Unix-like operating systems, including Linux. (See CISA advisory).
According to Binarly chief executive Alex Matrosov, the tool includes generic IFUNC implantation detection with close to zero false-positives, showcasing the company’s binary code intelligence engine in action.
“This detection is based on behavioral analysis and can detect any invariants automatically if a similar backdoor is implanted somewhere else,” Matrosov added.
“Such a complex and professionally designed implantation framework is not developed for a one-shot operation. It could already be deployed elsewhere or partially reused in other operations. That’s exactly why we started focusing on more generic detection for this complex backdoor,” Matrosov added.
For those seeking more comprehensive detection and remediation strategies, the Binarly Transparency Platform offers an in-depth solution. With XZ detection capabilities deployed, the platform facilitates easy identification of malicious activities at scale, enabling users to take prompt and effective action to safeguard their software supply chains.
The XZ backdoor came to light on March 29, 2024, when a thread was published on Openwall's oss-security mailing list by Andres Freund, revealing a potential compromise in the open-source code.
For more information read our research article and access the free XZ backdoor scanner at XZ.fail.
About Binarly:
Binarly is a global firmware and software supply chain security company founded in 2021. The company’s flagship Binarly Transparency Platform is an enterprise-class, AI-powered solution used by device manufacturers, OEMs, IBVs and product security teams to identify known and unknown vulnerabilities, misconfigurations and signs of malicious code implantation. Binarly’s validated remediation playbooks have significantly reduced the cost and time to respond to security exposures. Based in Los Angeles, California, Binarly brings decades of research and program analysis expertise to build solutions to protect businesses, critical infrastructure, and consumers around the world.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240401230046/en/
Contact information
media@binarly.io
818.351.9637
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
The Bolivarian Republic of Venezuela Announces the Initiation of a Comprehensive Public Debt Restructuring Process13.5.2026 23:08:00 EEST | Press release
The Bolivarian Republic of Venezuela announces today its decision to initiate a comprehensive restructuring of its external public debt obligations. CONTEXT & RATIONALE Over the past decade, Venezuela's economy has been severely impacted by external shocks – from the end of the commodity super-cycle to foreign sanctions and COVID-19 – resulting in a sharp economic contraction, a protracted default since 2017, and a ballooning of public sector liabilities. The country nonetheless possesses a strong economic potential, including unique hydrocarbon and mineral endowments. A recovery is underway, and Venezuela is committed to accelerating it through a comprehensive reform agenda in support of growth, fiscal sustainability, monetary stabilization, and enhanced governance. Restoring public debt sustainability is central to this agenda: the current debt overhang constrains external financing, limits public investment capacity, and prevents full re-engagement with the international financial s
Boomi Announces Intent to Acquire Lunar.dev to Deliver Governed Agent Connectivity Across the Enterprise13.5.2026 22:00:00 EEST | Press release
Boomi, the data activation company for AI, today announced it has signed a letter of intent to acquire Lunar.dev, an innovator in AI and MCP gateway. The proposed acquisition is expected to enrich the Boomi Enterprise Platform and Boomi Connect with advanced capabilities to govern and scale AI usage across enterprise systems. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260513850557/en/ Boomi Announces Intent to Acquire Lunar.dev to Deliver Governed Agent Connectivity Across the Enterprise As organizations move from AI experimentation to production, controlling how agents and AI applications interact with LLMs at scale has become critical. Lunar.dev addresses this need with an AI gateway that delivers granular, policy-driven control over AI interactions, with the visibility, security, and performance required for enterprise environments. These capabilities enable organizations to move from pilot to production with confiden
BeOne Medicines’ BEQALZI ™ (sonrotoclax) Approved by U.S. FDA as First and Only BCL2 Inhibitor for R/R Mantle Cell Lymphoma13.5.2026 20:27:00 EEST | Press release
BeOne Medicines Ltd. (“BeOne”) (Nasdaq: ONC; HKEX: 06160; SSE: 688235), a global oncology company, today announced that the U.S. Food and Drug Administration (FDA) has granted accelerated approval to BEQALZI™(bee-KAHL-zee; sonrotoclax), a foundational, next-generation BCL2 inhibitor, for the treatment of adult patients with relapsed or refractory (R/R) mantle cell lymphoma (MCL), after at least two lines of systemic therapy, including a Bruton’s tyrosine kinase (BTK) inhibitor. BEQALZI was designed to enhance BCL2 inhibition—with greater potency, selectivity, and a pharmacologic profile with potential to improve efficacy, tolerability, and convenience over others in the class. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260513542161/en/ BeOne Medicines' flagship U.S. biologics manufacturing and clinical R&D facility at the Princeton West Innovation Campus in Hopewell, N.J. Michael Wang, M.D., Global Principal Investigator
Boomi Unveils Innovations That Power the Agentic Enterprise13.5.2026 17:30:00 EEST | Press release
Boomi, the data activation company for AI, today announced a major expansion of the Boomi Enterprise Platform at Boomi World 2026, introducing new capabilities across orchestrated agentic workflows, agentic engineering, governed agent connectivity, grounded agent context, and localized agent infrastructure. Together, these innovations are designed to power the agentic enterprise — where agents and humans work together to drive action and operationalize AI at scale. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260513996223/en/ Boomi Unveils Innovations That Power the Agentic Enterprise The enterprise has reached a defining moment as AI becomes the primary interface for work and MCP emerges as the new standard. While the shift toward a headless, agentic enterprise is inevitable, this vision is colliding with skyrocketing cloud costs and trapped data. For many, layering agents onto a fragmented landscape only magnifies govern
Boomi and Couchbase Partner to Power Enterprise AI Agents with Trusted Recollection, Connectivity, and Governance13.5.2026 17:30:00 EEST | Press release
Boomi, the data activation company for AI, and Couchbase, Inc., the operational data platform for AI, today announced a partnership through which the two companies are collaborating closely to accelerate AI pilots to production. The companies will co-engineer solutions that give customers a production-ready foundation for agentic AI, combining Boomi's connectivity, runtime, and governance for AI agents with Couchbase's scalable recollection and vector capabilities. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260513350337/en/ Enterprises deploying AI agents today face a common challenge: while agents perform well in pilots, they struggle to scale due to inconsistent access to trusted context, recollection, and real-time business data. Lack of governance, auditability, and operational control drives up compute costs while diminishing productivity and revenue. “2026 is the year organizations move from AI experimentation to a
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom