Binarly Releases Free Detection Tool for XZ Backdoor
Binarly, provider of an industry leading AI-powered firmware and software supply chain security platform, has created and released a free scanning tool to help defenders spot signs of the dangerous XZ backdoor (CVE-2024-3094).
The XZ.fail detection tool was released less than 24 hours after the discovery of a backdoor in the open-source XZ Utils, which provides lossless data compression on virtually all Unix-like operating systems, including Linux. (See CISA advisory).
According to Binarly chief executive Alex Matrosov, the tool includes generic IFUNC implantation detection with close to zero false-positives, showcasing the company’s binary code intelligence engine in action.
“This detection is based on behavioral analysis and can detect any invariants automatically if a similar backdoor is implanted somewhere else,” Matrosov added.
“Such a complex and professionally designed implantation framework is not developed for a one-shot operation. It could already be deployed elsewhere or partially reused in other operations. That’s exactly why we started focusing on more generic detection for this complex backdoor,” Matrosov added.
For those seeking more comprehensive detection and remediation strategies, the Binarly Transparency Platform offers an in-depth solution. With XZ detection capabilities deployed, the platform facilitates easy identification of malicious activities at scale, enabling users to take prompt and effective action to safeguard their software supply chains.
The XZ backdoor came to light on March 29, 2024, when a thread was published on Openwall's oss-security mailing list by Andres Freund, revealing a potential compromise in the open-source code.
For more information read our research article and access the free XZ backdoor scanner at XZ.fail.
About Binarly:
Binarly is a global firmware and software supply chain security company founded in 2021. The company’s flagship Binarly Transparency Platform is an enterprise-class, AI-powered solution used by device manufacturers, OEMs, IBVs and product security teams to identify known and unknown vulnerabilities, misconfigurations and signs of malicious code implantation. Binarly’s validated remediation playbooks have significantly reduced the cost and time to respond to security exposures. Based in Los Angeles, California, Binarly brings decades of research and program analysis expertise to build solutions to protect businesses, critical infrastructure, and consumers around the world.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240401230046/en/
Contact information
media@binarly.io
818.351.9637
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Université Paris-Saclay and Owkin: A Unique Alliance to Propel University Medical Research to the Top of the European Rankings Through AI20.11.2025 16:17:00 EET | Press release
Université Paris-Saclay and Owkin announce the signing of a memorandum of understanding to explore the potential of K Pro Free - Owkin’s AI co-pilot for biology - for use by Paris-Saclay. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20251120130113/en/ K Pro Free will now be available to the entire Université Paris-Saclay community, and in particular teachers, researchers and doctoral students working in the biomedical sciences. The partnership includes workshops, training sessions and events designed to promote the discovery and adoption of K Pro Free, as well as the co-organization of communication and dissemination initiatives around the use of AI in health. In this way, the partnership will promote user training, but also enrich and continuously improve the co-pilot's models through feedback and use cases from the l’Université Paris-Saclay community. This partnership is part of Université Paris-Saclay’s strategy to integr
Frasca Advances Flight Training Technology with New Visual System Powered by Unreal Engine20.11.2025 16:05:00 EET | Press release
Frasca International, Inc., a FlightSafety International company and leader in flight simulation, today announced the launch of VITAL FVS 100, the next evolution of its visual system technology. Building on the proven TruVision Global platform, VITAL FVS 100 was developed using Epic Games’ Unreal Engine and delivers unprecedented realism, scalability, and innovation in pilot training. The Unreal-powered VITAL FVS 100 system introduces major advancements in visual fidelity and training realism, further enhancing the capabilities of Frasca, a leading developer of flight simulators and training devices. The new system includes physically based renderings, advanced lighting effects, and a new volumetric cloud model that creates dynamic, weather-rich environments. Terrain imagery now includes one-meter resolution coverage for the contiguous United States and Hawaii, with expanded global datasets covering European buildings and tree covered regions. Additionally, enhanced particle effects re
GigaOm Radar for Vector Databases v3 Positions Vespa.ai as a Leader and Outperformer20.11.2025 16:00:00 EET | Press release
Vespa.ai, the creator of the AI Search Platform for building and deploying large-scale, real-time AI applications powered by big data, today announced its recognition as a Leader and Outperformer in the GigaOm Radar for Vector Databases v3, marking the company’s third consecutive year being evaluated in GigaOm’s vector database research. Now in its third edition, the report compares 17 leading open source and commercial solutions using GigaOm’s structured evaluation framework. In addition to core table-stakes capabilities, the Radar reviews each vendor’s key features, emerging strengths, and broader business criteria. The shift from Sonar to Radar reflects the technology’s transition into mainstream adoption. GigaOm names Vespa.ai a leader for its ability to manage complex data, optimize results at scale, and support multimodal AI workloads. The report highlights Vespa’s native tensor support, efficient retrieval across sparse and dense vectors, and integrated ranking pipeline for deli
Hitit Empowers Airlines to Optimize Crew Leave Planning with Gurobi20.11.2025 16:00:00 EET | Press release
Gurobi Optimization, LLC, the leader in decision intelligence technology, is proud to be the solver of choice for Hitit, a leading global provider of airline and travel IT solutions. Hitit’s Crane Crew Leave Optimizer—one of the key sub-modules of Hitit’s Crane Crew solution—enables airlines to quickly generate optimal leave schedules for thousands of crew members. Powered by Gurobi’s mathematical optimization solver, the tool significantly reduces planning time while improving both operational efficiency and crew satisfaction. Among the many constraints that airlines must consider are operational requirements, business rules, crew seniority, and personal preferences. As such, manual planning efforts can often lead to inefficiencies, crew dissatisfaction, and compliance risks. After switching to Crane Crew, Hitit’s partner airlines have reported significant improvements. What once took weeks to accomplish can now be completed in as little as seconds, with leave bids submitted via a str
Myonex Appoints Greg Lavin as Chief Executive Officer20.11.2025 16:00:00 EET | Press release
Myonex®, a leading global integrated clinical trial supply solutions and commercial services company, announced today that Greg Lavin, Chief Financial Officer (CFO), will assume the role of Chief Executive Officer (CEO) effective January 1, 2026. A seasoned executive with experience in the pharmaceutical services industry, including senior roles across clinical research organizations, preclinical and laboratory services, and healthcare data analysis, Lavin succeeds James Lovett, who is retiring and will remain on the company’s board of directors to provide strategic guidance. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20251120250133/en/ Greg Lavin at Myonex's Headquarters in Horsham, PA During his 6-plus years as CFO of Myonex, Lavin has worked closely with Lovett in driving its transformation from a comparator sourcing supplier to an integrated clinical trial supply and commercial packaging service provider. Prior to join
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom