Binarly Releases Free Detection Tool for XZ Backdoor
1.4.2024 23:39:00 EEST | Business Wire | Press release
Binarly, provider of an industry leading AI-powered firmware and software supply chain security platform, has created and released a free scanning tool to help defenders spot signs of the dangerous XZ backdoor (CVE-2024-3094).
The XZ.fail detection tool was released less than 24 hours after the discovery of a backdoor in the open-source XZ Utils, which provides lossless data compression on virtually all Unix-like operating systems, including Linux. (See CISA advisory).
According to Binarly chief executive Alex Matrosov, the tool includes generic IFUNC implantation detection with close to zero false-positives, showcasing the company’s binary code intelligence engine in action.
“This detection is based on behavioral analysis and can detect any invariants automatically if a similar backdoor is implanted somewhere else,” Matrosov added.
“Such a complex and professionally designed implantation framework is not developed for a one-shot operation. It could already be deployed elsewhere or partially reused in other operations. That’s exactly why we started focusing on more generic detection for this complex backdoor,” Matrosov added.
For those seeking more comprehensive detection and remediation strategies, the Binarly Transparency Platform offers an in-depth solution. With XZ detection capabilities deployed, the platform facilitates easy identification of malicious activities at scale, enabling users to take prompt and effective action to safeguard their software supply chains.
The XZ backdoor came to light on March 29, 2024, when a thread was published on Openwall's oss-security mailing list by Andres Freund, revealing a potential compromise in the open-source code.
For more information read our research article and access the free XZ backdoor scanner at XZ.fail.
About Binarly:
Binarly is a global firmware and software supply chain security company founded in 2021. The company’s flagship Binarly Transparency Platform is an enterprise-class, AI-powered solution used by device manufacturers, OEMs, IBVs and product security teams to identify known and unknown vulnerabilities, misconfigurations and signs of malicious code implantation. Binarly’s validated remediation playbooks have significantly reduced the cost and time to respond to security exposures. Based in Los Angeles, California, Binarly brings decades of research and program analysis expertise to build solutions to protect businesses, critical infrastructure, and consumers around the world.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240401230046/en/
Contact information
media@binarly.io
818.351.9637
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Plasma One Launches to Herald a New Era of Stablecoin Banking19.6.2026 15:29:00 EEST | Press release
Plasma has today announced the launch of Plasma One, its flagship financial product designed to make digital dollars usable for everyday spending, sending and earning. Plasma One is designed to make stablecoins feel like money, only better - more accessible, reliable and efficient. For years, stablecoin adoption has been held back by a fragmented system and poor user experience. We have seen wallets in one place, exchanges in another, and costly off-ramps standing between digital dollars and daily life. Plasma One brings that experience together in a single app, giving users a simple way to spend, send and earn with stablecoins from one account with zero fees. Headquartered in London, the city that gave rise to Revolut, Wise and Monzo, Plasma is making a bigger bet, that the next generation of consumer banking will be built on stablecoin rails, not legacy banking infrastructure. Underneath Plasma One is the Plasma Network, Plasma’s own blockchain, purpose-built to move stablecoins inst
IQM Appoints Craig Ciesla, Former Illumina VP, as CTO; Inés de Vega Becomes Chief Scientist19.6.2026 10:00:00 EEST | Press release
IQM Quantum Computers, the global leader in superconducting quantum computers, today announced the appointments of Dr. Craig Ciesla as Chief Technology Officer (CTO) and Dr. Inés de Vega as Chief Scientist, as she transitions from her role as Vice President of Quantum Solutions, deepening IQM´s leadership as the company prepares for its planned Nasdaq listing through a merger with Real Asset Acquisition Corp. (Nasdaq: RAAQ). This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260619693929/en/ From left to right: Dr. Inés de Vega, Chief Scientist, and Dr. Craig Ciesla, Chief Technology Officer. Ciesla, an experienced deep tech executive with more than 25 years delivering products across multiple industries from startups to Fortune 500 companies, will advance IQM's technology strategy and drive its implementation into systems and products. De Vega, meanwhile, will be responsible for ensuring scientific feasibility and system-level
Teijin Receives Approval for Additional Indications of XEOMIN ® for Cervical Dystonia and Blepharospasm in Japan19.6.2026 10:00:00 EEST | Press release
Teijin Pharma Limited, the core company of the Teijin Group’s healthcare business, and Merz Therapeutics GmbH, a leading player in neurology-focused specialty pharma, jointly announced today that Japan’s Ministry of Health, Labour and Welfare (MHLW) has approved the additional indications for XEOMIN® (incobotulinumtoxinA) for the treatment of cervical dystonia and blepharospasm. This approval represents the fourth and fifth indications for XEOMIN® authorized in Japan, alongside its existing approvals for the treatment of upper limb spasticity, lower limb spasticity and chronic sialorrhea. Cervical dystonia is a focal dystonia characterized by involuntary contractions of the neck muscles, resulting in abnormal or repetitive movements and postures.1 Blepharospasm is also a focal dystonia, characterized by excessive involuntary contractions of the muscles surrounding the eye.2 Both conditions significantly impact patients’ quality of life. The approval by MHLW is based on Phase III clinic
Incyte Japan Announces Approval of Minjuvi ® (tafasitamab) in Combination with Lenalidomide for the Treatment of Adults with Relapsed or Refractory Diffuse Large B-Cell Lymphoma (DLBCL)19.6.2026 09:00:00 EEST | Press release
Incyte Biosciences Japan G.K. today announced that Japan’s Ministry of Health, Labour and Welfare (MHLW) has approved Minjuvi® (tafasitamab) in combination with lenalidomide for the treatment of adults with relapsed or refractory diffuse large B-cell lymphoma (DLBCL). “This approval provides a new option for patients in Japan living with relapsed or refractory DLBCL, an aggressive disease with historically limited treatment options,” said Yasuyuki Ishida, General Manager, Incyte Biosciences Japan. “We are committed to helping address critical unmet needs for patients and their families affected by this challenging cancer.” DLBCL is the most common subtype of non-Hodgkin lymphoma and is an aggressive malignancy of B lymphocytes. While many patients respond to initial therapy, outcomes remain poor for those with relapsed or refractory disease, particularly for patients who are not eligible for autologous stem cell transplant.1 The approval is based on results from the MOR208C203 Trial: L
Amazfit Introduces Helio Strap Pro, Bringing Body-Worn Movement Intelligence to HYROX and Hybrid Training18.6.2026 20:07:00 EEST | Press release
Amazfit, a leading global smart wearable brand owned by Zepp Health (NYSE: ZEPP), today announced Helio Strap Pro, a body-worn training system designed to help HYROX and hybrid athletes better understand how their bodies perform under load. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260618031434/en/ Amazfit Introduces Helio Strap Pro, Bringing Body-Worn Movement Intelligence to HYROX and Hybrid Training Building on the screen-free Helio Strap, Helio Strap Pro adds a dedicated waist-mounted motion sensor that captures core-body movement and stability during training. Combined with upper-arm heart-rate sensing and compatible Amazfit smartwatches, the system provides a more complete picture of cardio effort, movement quality and muscle load than wrist-based tracking alone. Helio Strap Pro represents the next evolution of Amazfit's Hybrid Training System, extending performance tracking beyond heart rate to help athletes bett
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom