Binarly Releases Free Detection Tool for XZ Backdoor
1.4.2024 23:39:00 EEST | Business Wire | Press release
Binarly, provider of an industry leading AI-powered firmware and software supply chain security platform, has created and released a free scanning tool to help defenders spot signs of the dangerous XZ backdoor (CVE-2024-3094).
The XZ.fail detection tool was released less than 24 hours after the discovery of a backdoor in the open-source XZ Utils, which provides lossless data compression on virtually all Unix-like operating systems, including Linux. (See CISA advisory).
According to Binarly chief executive Alex Matrosov, the tool includes generic IFUNC implantation detection with close to zero false-positives, showcasing the company’s binary code intelligence engine in action.
“This detection is based on behavioral analysis and can detect any invariants automatically if a similar backdoor is implanted somewhere else,” Matrosov added.
“Such a complex and professionally designed implantation framework is not developed for a one-shot operation. It could already be deployed elsewhere or partially reused in other operations. That’s exactly why we started focusing on more generic detection for this complex backdoor,” Matrosov added.
For those seeking more comprehensive detection and remediation strategies, the Binarly Transparency Platform offers an in-depth solution. With XZ detection capabilities deployed, the platform facilitates easy identification of malicious activities at scale, enabling users to take prompt and effective action to safeguard their software supply chains.
The XZ backdoor came to light on March 29, 2024, when a thread was published on Openwall's oss-security mailing list by Andres Freund, revealing a potential compromise in the open-source code.
For more information read our research article and access the free XZ backdoor scanner at XZ.fail.
About Binarly:
Binarly is a global firmware and software supply chain security company founded in 2021. The company’s flagship Binarly Transparency Platform is an enterprise-class, AI-powered solution used by device manufacturers, OEMs, IBVs and product security teams to identify known and unknown vulnerabilities, misconfigurations and signs of malicious code implantation. Binarly’s validated remediation playbooks have significantly reduced the cost and time to respond to security exposures. Based in Los Angeles, California, Binarly brings decades of research and program analysis expertise to build solutions to protect businesses, critical infrastructure, and consumers around the world.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240401230046/en/
Contact information
media@binarly.io
818.351.9637
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
FPT Achieves SAP® Silver Partner Status in the SAP® PartnerEdge® Program, Expanding SAP Capabilities for European Enterprises30.6.2026 09:00:00 EEST | Press release
FPT announced today that it has achieved SAP silver partner status in the SAP® PartnerEdge® program, recognizing the company's proven customer success, differentiated SAP offerings, and ongoing commitment to SAP certifications. The recognition reflects FPT's growing presence in Europe for SAP technology ecosystems and its experience supporting leading enterprises, including E.ON, RWE, and IONITY, across SAP transformation, application management, and integration initiatives. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260629805729/en/ Through its SAP practice in Europe, FPT provides organizations with comprehensive SAP capabilities designed to support business transformation and maximize the value of their SAP investments, including: End-to-end SAP services spanning consulting, implementation, integration, migration, optimization, application management, and managed services. SAP software licensing and lifecycle support,
Regnology Launches Regnology Risk Hub (RRiH) Ascend to Deliver Governed, AI Powered Intelligence to Balance Sheet and Enterprise Risk Management30.6.2026 09:00:00 EEST | Press release
Regnology, a global leading provider at the intersection of regulatory, risk, finance and supervisory technology, today announced the launch of Regnology Risk Hub (RRiH) Ascend, the next evolution of the Regnology Risk Hub (RRiH), now fully integrated into the Ascend platform. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260629063140/en/ Designed to help financial institutions move from reactive risk monitoring to proactive decision-making, RRiH Ascend leverages the combined expertise of the acquired OneSumX for Risk solution from Wolters Kluwer and Moody’s regulatory reporting & ALM solutions, bringing together comprehensive risk coverage, advanced analytics and governed intelligence in a single, cloud-native platform. The solution delivers integrated, enterprise-wide coverage across asset-liability management (ALM), liquidity management, market and credit risk, profitability, stress testing and prudential risk, providing
In Line With the LEAP | 28 Portfolio Rotation Strategy, Bureau Veritas Signs an Agreement to Sell Its Oil & Petrochemicals and Coal Testing and Inspection Business30.6.2026 08:30:00 EEST | Press release
Bureau Veritas, a global leader in Testing, Inspection, and Certification services (TIC), announces that it has entered exclusive negotiations with Triton Partners regarding the sale of its Oil & Petrochemicals and Coal testing and inspection business. This strategic divestment is in full alignment with the Group’s LEAP | 28 strategy. The proposed transaction would include the Oil & Petrochemicals and Coal testing and inspection activities. In 2025, this business generated approximately EUR 450 million in revenue operating a global network across multiple countries, with a significant footprint of operational sites and employees. This business grew at a lower rate than the Group and is margin dilutive. It is included within Bureau Veritas’ “Optimize value and impact” portfolio and reported under the Agri-Food & Commodities division. The transaction supports the strategic objective to increase exposure to higher growth and margin businesses. A key milestone in LEAP | 28 portfolio rotati
Corient Accelerates European Growth With the Addition of Letus Private Office30.6.2026 08:15:00 EEST | Press release
Corient today announced an agreement to acquire Letus Private Office (“Letus”), an independent multi-family office and wealth advisory firm serving entrepreneurs, founders and other ultra-high-net-worth individuals and families across France and Europe. The acquisition, subject to closing, builds on recent transactions that have made Corient the world’s largest multi-family office and non-bank wealth manager focused on ultra-high-net worth and high-net-worth clients. Paris-based Letus was founded in 2016 and is led by Managing Partners Anice Chlagou, Stephen Lasry and Alexandre Tsouli, and Partner Sacha Levy. It manages and administers approximately €4.1 billion (about US$5 billion). Letus serves ultra-high-net worth clients, primarily entrepreneurs and their families, providing comprehensive, bespoke services that integrate all aspects of wealth management and family office functions, including investment management, wealth and estate planning, financing, legal and tax support, and ph
Hengrui’s Heng Yi ® Approved in China as an Innovative Cyclosporine Ophthalmic Solution for the Treatment of Dry Eye Disease30.6.2026 08:00:00 EEST | Press release
Hengrui Pharma, a global pharmaceutical company focused on scientific and technological innovation, and Novaliq GmbH (“Novaliq”), a biopharmaceutical company focusing on first- and best-in-class ocular therapeutics based on its unique EyeSol® water-free platform technology, announce today that on June 23, 2026, the China National Medical Products Administration (NMPA) has approved Heng Yi® (0.1% cyclosporine ophthalmic solution) for the treatment of patients with dry eye disease, aiming to increase tear secretion in patients with reduced tear production and improve the sign of the disease. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260629052295/en/ Heng Yi Heng Yi® is the first and only water-free 0.1% cyclosporine ophthalmic solution and the second dry eye disease drug product approved in China based on the EyeSol® platform technology, following the approval of Heng Qin® (perfluorohexyloctane ophthalmic solution) in 202
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom