Binarly Releases Free Detection Tool for XZ Backdoor
1.4.2024 23:39:00 EEST | Business Wire | Press release
Binarly, provider of an industry leading AI-powered firmware and software supply chain security platform, has created and released a free scanning tool to help defenders spot signs of the dangerous XZ backdoor (CVE-2024-3094).
The XZ.fail detection tool was released less than 24 hours after the discovery of a backdoor in the open-source XZ Utils, which provides lossless data compression on virtually all Unix-like operating systems, including Linux. (See CISA advisory).
According to Binarly chief executive Alex Matrosov, the tool includes generic IFUNC implantation detection with close to zero false-positives, showcasing the company’s binary code intelligence engine in action.
“This detection is based on behavioral analysis and can detect any invariants automatically if a similar backdoor is implanted somewhere else,” Matrosov added.
“Such a complex and professionally designed implantation framework is not developed for a one-shot operation. It could already be deployed elsewhere or partially reused in other operations. That’s exactly why we started focusing on more generic detection for this complex backdoor,” Matrosov added.
For those seeking more comprehensive detection and remediation strategies, the Binarly Transparency Platform offers an in-depth solution. With XZ detection capabilities deployed, the platform facilitates easy identification of malicious activities at scale, enabling users to take prompt and effective action to safeguard their software supply chains.
The XZ backdoor came to light on March 29, 2024, when a thread was published on Openwall's oss-security mailing list by Andres Freund, revealing a potential compromise in the open-source code.
For more information read our research article and access the free XZ backdoor scanner at XZ.fail.
About Binarly:
Binarly is a global firmware and software supply chain security company founded in 2021. The company’s flagship Binarly Transparency Platform is an enterprise-class, AI-powered solution used by device manufacturers, OEMs, IBVs and product security teams to identify known and unknown vulnerabilities, misconfigurations and signs of malicious code implantation. Binarly’s validated remediation playbooks have significantly reduced the cost and time to respond to security exposures. Based in Los Angeles, California, Binarly brings decades of research and program analysis expertise to build solutions to protect businesses, critical infrastructure, and consumers around the world.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240401230046/en/
Contact information
media@binarly.io
818.351.9637
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Bureau Veritas Acquires Lotusworks, Reinforcing Its Position in Data Centers and Entering the Semiconductor Sector; This Establishes a New c.Eur 300 Million Growth Platform6.4.2026 21:00:00 EEST | Press release
Bureau Veritas, a global leader in Testing, Inspection, and Certification services (TIC), announces that it has signed an agreement to acquire Lotusworks, a global leader in mission‑critical assets commissioning and quality assurance and control. This strategic move will uniquely position the Buildings & Infrastructure Product Line to benefit from AI-driven construction investments. Headquartered in Ireland, Lotusworks is a leading provider of commissioning, quality assurance and quality control, calibration, maintenance, and construction management services for mission‑critical facilities for semiconductors manufacturers and data center owners. The Company operates in the United States and Europe, and employs 750 people including highly skilled experts, serving a diversified base of blue‑chip global clients, including hyperscalers and semiconductor manufacturers. Lotusworks’ activity is supported by long‑term frameworks, a strong multi‑year backlog, and recurring technical services in
Svante & Meadow Lake Tribal Council Partnership Agrees to Sell Microsoft 626,000 Tonnes of Carbon Removal Credits6.4.2026 18:00:00 EEST | Press release
Svante Technologies Inc. (Svante) and Meadow Lake Tribal Council (MLTC) announced today that North Star Carbon Solutions LP has entered into an offtake agreement with Microsoft to deliver 626,000 tonnes of durable carbon dioxide removal (CDR) credits to be delivered over 15 years from the North Star bioenergy with carbon capture and storage (BECCS) project in Saskatchewan, Canada. The project is being developed through a partnership between MLTC and Svante and will be co-located at the MLTC Bioenergy Centre in Meadow Lake. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260406630377/en/ As part of the project, a new carbon capture plant will be established at the MLTC Bioenergy Centre, a renewable power generation facility supplied by sustainable waste biomass from the adjacent sawmill owned by MLTC and other local forest product mills. The new plant will be owned by North Star Carbon Solutions LP, a partnership between MLTC
Textron Aviation Names Five 2026 Top Hawk Recipients as Program Enters Its Second Decade of Workforce Impact6.4.2026 18:00:00 EEST | Press release
Textron Aviation Inc., a Textron Inc. (NYSE:TXT) company, today announced Brazos Valley Flight Services, Executive Air Taxi Corporation, Fairmont State University, Sterling Flight Training and Victors Aviation as its 2026 Top Hawk program recipients, continuing a legacy that has placed 55 factory-new Cessna Skyhawks in training environments since the program launched in 2015. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260402481685/en/ Factory-new Cessna Skyhawks (Model 172) to take flight as Textron Aviation names five 2026 Top Hawk recipients—helping train the next generation of pilots Now entering its second decade, Top Hawk is one of the industry’s longest‑running manufacturer‑school partnerships. Designed to support aviation workforce development, the program loans custom‑branded, factory‑new Skyhawks to selected organizations for one year, giving students access to the world’s most popular training aircraft and help
The Spectrum of Global Cinema Unfolds in Jeonju: The 27th JEONJU International Film Festival6.4.2026 16:23:00 EEST | Press release
The 27th JEONJU International Film Festival (JIFF) is set to run from April 29 to May 8 in Jeonju, featuring 237 movies from 54 countries. Jeonju—the most authentic Korean city and a prominent tourist destination in Asia known for its tradition and cuisine—will host this year’s film festival under the slogan “Beyond the Frame.” This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260406890043/en/ The 27th JEONJU International Film Festival will take place from April 29 to May 8 in Jeonju (Image: JEONJU CITY) Opening the 27th edition will be Kent Jones’s “Late Fame,” while the film “The Longest Night: Namtaeryong” directed by Kim Hyun-ji will close the festival. In addition, a special program honors the late Korean actor Ahn Sung-ki, who passed away last year. Titled “Special Focus: Ahn Sung-ki’s Memorable Films Yet Rarely Seen,” it showcases seven of his films to pay tribute to a distinguished acting career defined by ceaseless ar
Enry’s Island Unveils “Enry’s Island Adventures”: Venture Capital Becomes a Videogame and Launches the “Strap” Movement on Kickstarter3.4.2026 10:47:00 EEST | Press release
Enry’s Island SpA (WBAG: EIOS), the world’s first publicly traded Venture Builder, today announced the upcoming Kickstarter launch of Enry’s Island Adventures (EIA), developed by its New York-based portfolio company, Enry’s Island Adventures LLC. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260402548535/en/ The game is designed to make venture capital accessible to new generations, transforming startup creation into an engaging and social gaming experience. After three years of R&D, EIA introduces a "bleisure" model (business + leisure): players learn to launch and manage startups through gameplay that includes real business KPIs, a customizable and evolving personal island, synchronous and asynchronous multiplayer modes, social events, and community-driven seasonal missions. The “VC revolution”: teaching and democratizing through play "I agree with Elon Musk that the best way to teach is through a video game, and this is
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom