Binarly Releases Free Detection Tool for XZ Backdoor
1.4.2024 23:39:00 EEST | Business Wire | Press release
Binarly, provider of an industry leading AI-powered firmware and software supply chain security platform, has created and released a free scanning tool to help defenders spot signs of the dangerous XZ backdoor (CVE-2024-3094).
The XZ.fail detection tool was released less than 24 hours after the discovery of a backdoor in the open-source XZ Utils, which provides lossless data compression on virtually all Unix-like operating systems, including Linux. (See CISA advisory).
According to Binarly chief executive Alex Matrosov, the tool includes generic IFUNC implantation detection with close to zero false-positives, showcasing the company’s binary code intelligence engine in action.
“This detection is based on behavioral analysis and can detect any invariants automatically if a similar backdoor is implanted somewhere else,” Matrosov added.
“Such a complex and professionally designed implantation framework is not developed for a one-shot operation. It could already be deployed elsewhere or partially reused in other operations. That’s exactly why we started focusing on more generic detection for this complex backdoor,” Matrosov added.
For those seeking more comprehensive detection and remediation strategies, the Binarly Transparency Platform offers an in-depth solution. With XZ detection capabilities deployed, the platform facilitates easy identification of malicious activities at scale, enabling users to take prompt and effective action to safeguard their software supply chains.
The XZ backdoor came to light on March 29, 2024, when a thread was published on Openwall's oss-security mailing list by Andres Freund, revealing a potential compromise in the open-source code.
For more information read our research article and access the free XZ backdoor scanner at XZ.fail.
About Binarly:
Binarly is a global firmware and software supply chain security company founded in 2021. The company’s flagship Binarly Transparency Platform is an enterprise-class, AI-powered solution used by device manufacturers, OEMs, IBVs and product security teams to identify known and unknown vulnerabilities, misconfigurations and signs of malicious code implantation. Binarly’s validated remediation playbooks have significantly reduced the cost and time to respond to security exposures. Based in Los Angeles, California, Binarly brings decades of research and program analysis expertise to build solutions to protect businesses, critical infrastructure, and consumers around the world.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240401230046/en/
Contact information
media@binarly.io
818.351.9637
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
VerSprite Launches Fork and Knife: AI-Driven Threat Modeling and Adversarial Testing Built for the Speed of Modern Software27.6.2026 00:28:00 EEST | Press release
VerSprite, a global leader in risk-based threat modeling and the firm behind the PASTA (Process for Attack Simulation and Threat Analysis) methodology, today announced the general availability of Fork (www.forktm.com), a continuous application threat modeling platform, alongside Knife, an AI-led, human-on-the-loop adversarial testing platform for web applications and web API endpoints. Together, the two products operationalize a new model for product security—one where applications are securely designed, continuously modeled, and actively tested as part of the build process itself. The launch addresses a problem every security leader knows but few tools have solved: threat modeling is essential, never more so than in an AI-driven era, yet it has remained slow, manual, and anchored to frameworks designed for a different threat landscape. The problem: threat modeling matters more than ever—and most tools are stuck in 2005 For two decades, application threat modeling has leaned heavily on
Venture Global Announces Closing of $1.5 Billion Senior Secured Vessel Financing Facility26.6.2026 23:30:00 EEST | Press release
Venture Global, Inc. (NYSE: VG) announced today that its wholly-owned subsidiary, Venture Global Shipping Holdings, LLC (“VGSH”), has entered into a Credit and Guaranty Agreement providing for a senior secured term loan facility (the “Facility”) in an aggregate principal amount of up to $1,500,000,000. The Facility will mature on June 26, 2032. Deutsche Bank and ING acted as coordinating lead arrangers for the Facility. ING also serves as facility agent and security trustee. VGSH intends to use the net proceeds from the Facility for general corporate purposes, including to reimburse Venture Global LNG, Inc. for payments previously made by it or its affiliates in connection with the acquisition of nine LNG carriers, funding certain reserve accounts, and paying transaction fees and expenses. About Venture Global Venture Global is an American producer and exporter of low-cost U.S. liquefied natural gas (“LNG”) with over 100 MTPA of capacity in production, construction, or development. Ven
Capco Recognized by OpenAI for Innovation and Responsible AI Leadership26.6.2026 21:00:00 EEST | Press release
Global management and technology consultancy Capco, a Wipro company,has been recognized by OpenAI for both AI innovation and responsible AI leadership. Capco received the AI Governance & Risk Excellence Award at the recent OpenAI Partner Summit 2026 in San Francisco, highlighting Capco’s ability to deliver enterprise-grade AI outcomes in highly regulated environments. The award recognizes Capco’s expert advantage when helping financial services and energy organizations to scale AI with confidence, balancing innovation with strong governance to reduce risk, strengthen compliance and improve customer outcomes. This award follows Capco winning the OpenAI Codex Hackathon, where its UK AI Lab competed against more than 30 teams and over 100 participants from across the OpenAI partner ecosystem. Capco's winning entry Sentra – a consulting-led, AI-powered retail banking solution – uses digital twin technology to identify vulnerable customers and recommend explainable next-best actions for fro
Incyte Announces Positive CHMP Opinion for Opzelura ® (ruxolitinib) Cream for the Treatment of Adults with Moderate Atopic Dermatitis26.6.2026 14:30:00 EEST | Press release
Incyte (Nasdaq: INCY) today announced that the Committee for Medicinal Products for Human Use (CHMP) of the European Medicines Agency (EMA) has issued a positive opinion recommending the approval of Opzelura® (ruxolitinib) cream for the treatment of moderate atopic dermatitis (AD) in adult patients for whom topical corticosteroids (TCSs) and topical calcineurin inhibitors (TCIs) are inadequate or inappropriate. “AD is a chronic skin condition that can have a significant impact on daily life. The positive CHMP opinion for Opzelura marks meaningful progress toward bringing the first non-steroidal topical JAK treatment option to adults in Europe with moderate AD for whom standard topical therapies have failed,” said Lee Heeson, Executive Vice President and Head of Incyte International. “If approved by the European Commission, Opzelura could help address an important gap for patients who have limited treatment options when TCSs and TCIs are inadequate or inappropriate.” The positive CHMP o
Datroway ® Recommended for Approval in the EU by CHMP as First-Line Treatment for Patients with Metastatic Triple Negative Breast Cancer Who Are Not Candidates for Immunotherapy26.6.2026 14:00:00 EEST | Press release
Datroway® (datopotamab deruxtecan) has been recommended for approval in the European Union (EU) as monotherapy for the first-line treatment of adult patients with unresectable or metastatic triple negative breast cancer (TNBC) who are not candidates for PD-1/PD-L1 inhibitor therapy. Datroway is a specifically engineered TROP2 directed DXd antibody drug conjugate (ADC) discovered by Daiichi Sankyo (TSE: 4568) and being jointly developed and commercialized by Daiichi Sankyo and AstraZeneca (LSE/STO/NYSE: AZN). The Committee for Medicinal Products for Human Use (CHMP) of the European Medicines Agency (EMA) based its positive opinion on results from the TROPION-Breast02phase 3 trial, which werepresented at the 2025 European Society for Medical Oncology Congress and published in Annals of Oncology. The recommendation will now be reviewed by the European Commission, which has the authority to grant marketing authorizations for medicines in the EU. In TROPION-Breast02, Datroway demonstrated a
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom