Binarly Releases Free Detection Tool for XZ Backdoor
1.4.2024 23:39:00 EEST | Business Wire | Press release
Binarly, provider of an industry leading AI-powered firmware and software supply chain security platform, has created and released a free scanning tool to help defenders spot signs of the dangerous XZ backdoor (CVE-2024-3094).
The XZ.fail detection tool was released less than 24 hours after the discovery of a backdoor in the open-source XZ Utils, which provides lossless data compression on virtually all Unix-like operating systems, including Linux. (See CISA advisory).
According to Binarly chief executive Alex Matrosov, the tool includes generic IFUNC implantation detection with close to zero false-positives, showcasing the company’s binary code intelligence engine in action.
“This detection is based on behavioral analysis and can detect any invariants automatically if a similar backdoor is implanted somewhere else,” Matrosov added.
“Such a complex and professionally designed implantation framework is not developed for a one-shot operation. It could already be deployed elsewhere or partially reused in other operations. That’s exactly why we started focusing on more generic detection for this complex backdoor,” Matrosov added.
For those seeking more comprehensive detection and remediation strategies, the Binarly Transparency Platform offers an in-depth solution. With XZ detection capabilities deployed, the platform facilitates easy identification of malicious activities at scale, enabling users to take prompt and effective action to safeguard their software supply chains.
The XZ backdoor came to light on March 29, 2024, when a thread was published on Openwall's oss-security mailing list by Andres Freund, revealing a potential compromise in the open-source code.
For more information read our research article and access the free XZ backdoor scanner at XZ.fail.
About Binarly:
Binarly is a global firmware and software supply chain security company founded in 2021. The company’s flagship Binarly Transparency Platform is an enterprise-class, AI-powered solution used by device manufacturers, OEMs, IBVs and product security teams to identify known and unknown vulnerabilities, misconfigurations and signs of malicious code implantation. Binarly’s validated remediation playbooks have significantly reduced the cost and time to respond to security exposures. Based in Los Angeles, California, Binarly brings decades of research and program analysis expertise to build solutions to protect businesses, critical infrastructure, and consumers around the world.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240401230046/en/
Contact information
media@binarly.io
818.351.9637
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
The Empire State Building Presents First-Ever Children’s Birthday Party Package for Celebrations at the Iconic Observatory Experience23.2.2026 16:13:00 EET | Press release
Parents who have looked for the best birthday party idea for their children have had their wish fulfilled. Today, the Empire State Building (ESB) announced the debut of its first-ever ESB Birthday Party Package for kids at the international icon’s Observatory as part of year-long 95th anniversary celebrations. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260223161708/en/ The Empire State Building Presents First-Ever Children’s Birthday Party Package for Celebrations at the Iconic Observatory Experience “From Lego playtime to Percy Jackson readers, children love the Empire State Building and now parents can give an unmatched experience to their children and their friends,” said Anthony E. Malkin, chairman and CEO of Empire State Realty Trust. “This birthday party package tops them all with an escorted visit through our world-famous Observatory, a private party room with a Ghirardelli sundae chef, Empire State Building party
CoolMPS™ 600: Accurate and Affordable Long MPS/NGS Reads on a Mid-Throughput Platform23.2.2026 16:00:00 EET | Press release
Swiss Rockets AG announces that its CoolMPS 600 mid-throughput sequencer with advanced chemistry and novel MPS/NGS read length will become available in Q2 2026. Enabled by its exclusive license of CoolMPS technology, Swiss Rockets AG is developing its first sequencer, CoolMPS 600, through contract R&D with Complete Genomics since August 2025. The platform is utilizing the company’s proprietary antibody-based CoolMPS™ chemistry combined with DNBSEQ™, a real PCR-free DNA nanoarray technology. Separately, Swiss Rockets AG announced that it has entered into a definitive agreement to acquire 100% ownership of Complete Genomics. CoolMPS 600 enables cost-effective extended single-end sequencing to 600 bases (SE600) while maintaining high base accuracy. The system is designed to support advanced whole-genome sequencing (WGS) with improved mapping accuracy across complex genomic regions, including better detection of structural variants. It also enables full length transcriptomes and more infor
Xsolla Co-Sponsors Gamescom Dev Leadership Summit in Lisbon, Bringing Together Gaming Industry Leaders to Shape the Future of Game Development23.2.2026 16:00:00 EET | Press release
Xsolla, a global video game commerce company that helps developers launch, grow, and monetize their games, today announced its co-sponsorship of the Gamescom Dev Leadership Summit Lisbon, taking place February 24-26 at SUD Lisboa in Portugal. The event brings together gaming industry executives, studio founders, and business leaders to explore opportunities and innovations shaping the future of game development. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260223253705/en/ Graphic: Xsolla As part of its sponsorship, Xsolla will host the summit's Wednesday evening networking dinner and co-moderate a strategic roundtable session focused on business models and sustainable growth in the gaming industry. "We're seeing incredible innovation from studios across Europe as they build more direct relationships with their players and explore new ways to grow their businesses," said Berkley Egenes, Chief Marketing & Growth Officer at
Angelini Pharma and Quiver Bioscience Announce Strategic Research Collaboration and Licensing Agreement to Discover and Advance Novel Therapeutics for Genetic Epilepsies23.2.2026 15:08:00 EET | Press release
Angelini Pharma, part of the privately owned Angelini Industries, and Quiver Bioscience (“Quiver”), a discovery technology and therapeutics company advancing programs for the treatment of central nervous system (CNS) disorders, announced today that they have entered into a collaboration and licensing agreement to advance novel therapeutics for genetic epilepsies. The collaboration brings together Quiver’s unique drug discovery capabilities, data assets, and AI models with Angelini Pharma’s established expertise in brain health and epilepsy drug development. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260223465174/en/ Under the terms of the multi-year agreement, Quiver will receive an undisclosed advance payment and support for defined research activities along with additional licensing fees granting Angelini Pharma exclusive access to collaboration-generated data during the research term. Quiver is also eligible to receiv
Armis Achieves U.S. Department of Defense Impact Level 5 Authorization23.2.2026 15:00:00 EET | Press release
Armis, the cyber exposure management & security company, today announced that it has achieved authorization from the U.S. DoD’s Defense Information Systems Agency (DISA) to operate at an Impact Level 5 (IL5). This means that Armis has met strict requirements to manage and secure the DoD’s critical infrastructure, including Controlled Unclassified Information (CUI) systems. “We are committed to helping Federal agencies like the Department of Defense address their toughest cybersecurity challenges,” said Alex Mosher, President and CRO at Armis. “Achieving DISA IL5 authorization is an important milestone for Armis as we continue to support DoD customers in safeguarding critical systems, sensitive data and national security infrastructure from evolving cyber threats.” Armis empowers Federal agencies to build and optimize comprehensive cybersecurity programs with Armis Centrix™, the FedRAMP and DISA IL authorized Cyber Exposure Management Platform. The company previously achieved FedRAMP Mo
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom