Binarly Releases Free Detection Tool for XZ Backdoor
1.4.2024 23:39:00 EEST | Business Wire | Press release
Binarly, provider of an industry leading AI-powered firmware and software supply chain security platform, has created and released a free scanning tool to help defenders spot signs of the dangerous XZ backdoor (CVE-2024-3094).
The XZ.fail detection tool was released less than 24 hours after the discovery of a backdoor in the open-source XZ Utils, which provides lossless data compression on virtually all Unix-like operating systems, including Linux. (See CISA advisory).
According to Binarly chief executive Alex Matrosov, the tool includes generic IFUNC implantation detection with close to zero false-positives, showcasing the company’s binary code intelligence engine in action.
“This detection is based on behavioral analysis and can detect any invariants automatically if a similar backdoor is implanted somewhere else,” Matrosov added.
“Such a complex and professionally designed implantation framework is not developed for a one-shot operation. It could already be deployed elsewhere or partially reused in other operations. That’s exactly why we started focusing on more generic detection for this complex backdoor,” Matrosov added.
For those seeking more comprehensive detection and remediation strategies, the Binarly Transparency Platform offers an in-depth solution. With XZ detection capabilities deployed, the platform facilitates easy identification of malicious activities at scale, enabling users to take prompt and effective action to safeguard their software supply chains.
The XZ backdoor came to light on March 29, 2024, when a thread was published on Openwall's oss-security mailing list by Andres Freund, revealing a potential compromise in the open-source code.
For more information read our research article and access the free XZ backdoor scanner at XZ.fail.
About Binarly:
Binarly is a global firmware and software supply chain security company founded in 2021. The company’s flagship Binarly Transparency Platform is an enterprise-class, AI-powered solution used by device manufacturers, OEMs, IBVs and product security teams to identify known and unknown vulnerabilities, misconfigurations and signs of malicious code implantation. Binarly’s validated remediation playbooks have significantly reduced the cost and time to respond to security exposures. Based in Los Angeles, California, Binarly brings decades of research and program analysis expertise to build solutions to protect businesses, critical infrastructure, and consumers around the world.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240401230046/en/
Contact information
media@binarly.io
818.351.9637
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Thredd Joins The Visa Agentic Ready Programme, Bringing Agent Network Readiness To Issuers Across Europe, Starting With Zilch15.7.2026 10:00:00 EEST | Press release
Thredd, the AI-first issuer processing platform, today announced it has joined the Visa Agentic Ready programme, enabling issuers across Europe to participate in agent-initiated payments without rebuilding their payments infrastructure. Consumer payments platform Zilch will be among the first issuers on the platform to enable agent-initiated payments for its cardholders. As a processor and enabler, Thredd sits at the trust layer of the payments ecosystem. By joining the programme, Thredd is ready to support Visa and its clients as the market moves into agentic commerce. Agentic commerce introduces a new type of payment initiator: An AI agent acting on a cardholder's behalf. The core payments principles do not change. Cardholder permission, issuer approval, authentication and fraud monitoring all still apply. What changes is how trust is established and enforced at the point an agent transacts. Taking a Zilch customer as an example, a cardholder might ask an AI agent to find a product w
Surgerii Robotics Announces First European Installation of the SHURUI ® Single-Port Surgical System at Vall d'Hebron University Hospital15.7.2026 10:00:00 EEST | Press release
Surgerii Robotics today announced the first European installation of its SHURUI Single-Port (SP) Surgical System at Vall d'Hebron University Hospital in Barcelona, Spain, one of Europe's leading academic medical centers. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260713209503/en/ The first pediatric procedure performed with the SHURUI SP system was a nephroureterectomy on a twelve-year-old boy whose kidney and ureter had become infected and non-functional due to multiple stones. The SHURUI SP system is CE-marked for adult and pediatric use, making it the only CE-marked single-port robotic surgical system currently indicated for pediatric procedures in Europe. The installation marks an important milestone in the international expansion of Surgerii Robotics and the introduction of the technology into a major European reference center. As part of this collaboration, Vall d'Hebron University Hospital has become the first hos
SES, Airbus and Dutch Municipality of Noordwijk to Build Satellite Optical Ground Station for EAGLE-115.7.2026 09:50:00 EEST | Press release
SES, a space solutions company, jointly with Airbus Netherlands B.V. signed a ground lease agreement with the Dutch municipality of Noordwijk for a plot at the NL Space Campus, next to the European Space Agency’s (ESA) technical center ESTeC. The facility will host a dedicated optical ground station (OGS) to communicate with the EAGLE-1 satellite and receive quantum safe keys via laser technology. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260714786947/en/ Breaking the ground of the EAGLE-1 Optical Ground Station, Municipality of Noordwijk, the Netherlands. Pictured left to right: Pim van Strien, Alderman for the Municipality of Noordwijk; Rob Postma, President and Managing Director, Airbus Netherlands; Alan Kuresevic, Managing Director, SES Techcom, SES. The station, to be built by Airbus for SES, will consist of a control room, alongside a dome housing an ultra-precise telescope to track satellites, required for the la
SINOVAC Announces Extension of Deadline to Submit Payment Instructions for Previously Declared Special Cash Dividend15.7.2026 09:00:00 EEST | Press release
Sinovac Biotech Ltd. (NASDAQ: SVA) (“SINOVAC” or the “Company”), a leading provider of biopharmaceutical products in China, today announced that it has extended the deadline for shareholders and nominee brokers to submit payment instructions relating to the Company’s previously declared special cash dividend. The Company previously announced a special cash dividend of US$55.00 per common share, payable to valid holders of the Company’s common shares as of the close of business on May 23, 2025 ET. The Company previously informed shareholders that completed instruction materials were to be submitted prior to December 31, 2025 in order to facilitate receipt of the dividend. The Company previously extended that submission deadline to June 30, 2026, and has now further extended that submission deadline to December 31, 2026. Shareholders and nominee brokers that have not yet submitted their instruction materials are reminded to do so on or before December 31, 2026 in order to facilitate paym
HY10 Selected Among the First Participants for Visa’s Infinite Private Program14.7.2026 22:46:00 EEST | Press release
HY10, the first financial and lifestyle platform built for globally mobile ultra and high-net-worth individuals, today announced it is among the first businesses selected to participate in Visa's Infinite Private program. Unveiled at the Visa Payments Forum (VPF) in Paris, the launch brings together unlimited-spend payment cards, concierge and lifestyle services into a single integrated platform, powered by Visa's trusted global payments network. The announcement comes as more than 2,000 leaders from banks, fintechs and payment providers gather at Visa Payments Forum to explore the future of commerce and premium financial services. HY10's participation underscores its position at the forefront of premium financial experiences for globally mobile entrepreneurs, investors and families. "Private banking hasn't fundamentally evolved for decades," said Erekle Tokhosashvili, Co-Founder of HY10. "The world's wealthiest individuals are still forced to piece together multiple providers for bank
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom
