Binarly Releases Free Detection Tool for XZ Backdoor
1.4.2024 23:39:00 EEST | Business Wire | Press release
Binarly, provider of an industry leading AI-powered firmware and software supply chain security platform, has created and released a free scanning tool to help defenders spot signs of the dangerous XZ backdoor (CVE-2024-3094).
The XZ.fail detection tool was released less than 24 hours after the discovery of a backdoor in the open-source XZ Utils, which provides lossless data compression on virtually all Unix-like operating systems, including Linux. (See CISA advisory).
According to Binarly chief executive Alex Matrosov, the tool includes generic IFUNC implantation detection with close to zero false-positives, showcasing the company’s binary code intelligence engine in action.
“This detection is based on behavioral analysis and can detect any invariants automatically if a similar backdoor is implanted somewhere else,” Matrosov added.
“Such a complex and professionally designed implantation framework is not developed for a one-shot operation. It could already be deployed elsewhere or partially reused in other operations. That’s exactly why we started focusing on more generic detection for this complex backdoor,” Matrosov added.
For those seeking more comprehensive detection and remediation strategies, the Binarly Transparency Platform offers an in-depth solution. With XZ detection capabilities deployed, the platform facilitates easy identification of malicious activities at scale, enabling users to take prompt and effective action to safeguard their software supply chains.
The XZ backdoor came to light on March 29, 2024, when a thread was published on Openwall's oss-security mailing list by Andres Freund, revealing a potential compromise in the open-source code.
For more information read our research article and access the free XZ backdoor scanner at XZ.fail.
About Binarly:
Binarly is a global firmware and software supply chain security company founded in 2021. The company’s flagship Binarly Transparency Platform is an enterprise-class, AI-powered solution used by device manufacturers, OEMs, IBVs and product security teams to identify known and unknown vulnerabilities, misconfigurations and signs of malicious code implantation. Binarly’s validated remediation playbooks have significantly reduced the cost and time to respond to security exposures. Based in Los Angeles, California, Binarly brings decades of research and program analysis expertise to build solutions to protect businesses, critical infrastructure, and consumers around the world.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240401230046/en/
Contact information
media@binarly.io
818.351.9637
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Amazfit Introduces Helio Strap Pro, Bringing Body-Worn Movement Intelligence to HYROX and Hybrid Training18.6.2026 20:07:00 EEST | Press release
Amazfit, a leading global smart wearable brand owned by Zepp Health (NYSE: ZEPP), today announced Helio Strap Pro, a body-worn training system designed to help HYROX and hybrid athletes better understand how their bodies perform under load. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260618031434/en/ Amazfit Introduces Helio Strap Pro, Bringing Body-Worn Movement Intelligence to HYROX and Hybrid Training Building on the screen-free Helio Strap, Helio Strap Pro adds a dedicated waist-mounted motion sensor that captures core-body movement and stability during training. Combined with upper-arm heart-rate sensing and compatible Amazfit smartwatches, the system provides a more complete picture of cardio effort, movement quality and muscle load than wrist-based tracking alone. Helio Strap Pro represents the next evolution of Amazfit's Hybrid Training System, extending performance tracking beyond heart rate to help athletes bett
HyperLight Announces $80 Million Series C to Accelerate TFLN Deployment for AI Infrastructure18.6.2026 18:30:00 EEST | Press release
HyperLight Corporation (“HyperLight”), a leader in thin-film lithium niobate (TFLN) photonics, today announced the closing of an $80 million Series C financing round led by MediaTek. The round includes participation from UMC Capital, Jabil, Foxconn, EDBI (arm of SG Growth Capital, the investment platform of the Singapore Economic Development Board and Enterprise Singapore), CDIB-TEN Capital, and Qatar Investment Authority (QIA), as well as strategic investors from leading silicon IC and networking companies. Existing investors Summit Partners, The Engine, Foothill Ventures, and Xora Innovation continue to actively support the company’s growth. The financing brings together companies across the AI infrastructure value chain — including silicon ICs, foundry manufacturing, electronics manufacturing services, networking, and global infrastructure investment — reflecting broad ecosystem support for scaling TFLN photonics into production. “This financing is about more than capital — it is ab
TestMu AI Launches Official n8n partner integration, Bringing Real Browser Infrastructure to AI Agent Workflows18.6.2026 16:25:00 EEST | Press release
TestMu AI (formerly LambdaTest), the world's first Full-Stack Agentic AI Quality Engineering platform, today announced the launch of its official TestMu AI Agent partner integration for n8n, one of the fastest-growing workflow automation platforms for AI agents and enterprise automation. Available as an n8n verified and partnered Community Node, the TestMu AI Agent integration enables developers to connect AI agents and automated workflows to TestMu AI's Browser Cloud, providing access to more than 3,000 browser, operating system, and device environments without requiring single line of code as well. As organizations increasingly adopt AI agents for business automation, browser access has emerged as a critical capability. The new integration allows n8n users to equip their workflows with real cloud-hosted browsers capable of interacting with web applications, navigating dynamic websites, and executing browser-based tasks at scale. "AI agents need reliable ways to interact with the web
One NZ Future-Proofs Its Oracle Estate and Accelerates AI Innovation with Rimini Street18.6.2026 16:00:00 EEST | Press release
Rimini Street, Inc. (Nasdaq: RMNI), the Software Support and Agentic AI ERP Company™ and the leading third-party support provider for Oracle, SAP and VMware software, today announced One New Zealand (NZ) is leveraging Rimini Street’s support and interoperability solutions to ensure its critical Oracle systems remain secure, stable and reliable, while enabling the organization to redirect investment and talent toward modernization and AI initiatives. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260618762726/en/ One NZ Future-Proofs Its Oracle Estate and Accelerates AI Innovation with Rimini Street One NZ serves 2 million customers with mobile, broadband and satellite solutions, connecting businesses and communities across 99% of New Zealand. As part of its transformation journey, the telco sought a strategic partner to support and stabilize its complex Oracle estate, including Siebel CRM, Oracle Database and other Oracle ap
i2c Honored for AI-Powered Fraud Detection at The Digital Banker MEA Innovation Awards 202618.6.2026 16:00:00 EEST | Press release
i2c Inc., a global financial technology innovator, today announced it has won the “Best AI-Powered Fraud Detection Solution by a Vendor” award at The Digital Banker Middle East & Africa Innovation Awards 2026. The award recognizes i2c's innovative use of artificial intelligence to help financial institutions and fintechs strengthen fraud prevention, improve authorization performance, and deliver more secure payment experiences. As fraud schemes become increasingly sophisticated and fast-moving, i2c's AI-driven fraud management capabilities enable clients to identify suspicious activity in real time while minimizing friction for legitimate cardholders. Built into i2c's unified banking and payments platform, the company's AI-powered fraud risk management capabilities are embedded directly within its single-platform architecture, enabling real-time risk assessment and intelligent authorization decisioning. By combining advanced technology with a configurable platform architecture, i2c hel
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom