Binarly Releases Free Detection Tool for XZ Backdoor
1.4.2024 23:39:00 EEST | Business Wire | Press release
Binarly, provider of an industry leading AI-powered firmware and software supply chain security platform, has created and released a free scanning tool to help defenders spot signs of the dangerous XZ backdoor (CVE-2024-3094).
The XZ.fail detection tool was released less than 24 hours after the discovery of a backdoor in the open-source XZ Utils, which provides lossless data compression on virtually all Unix-like operating systems, including Linux. (See CISA advisory).
According to Binarly chief executive Alex Matrosov, the tool includes generic IFUNC implantation detection with close to zero false-positives, showcasing the company’s binary code intelligence engine in action.
“This detection is based on behavioral analysis and can detect any invariants automatically if a similar backdoor is implanted somewhere else,” Matrosov added.
“Such a complex and professionally designed implantation framework is not developed for a one-shot operation. It could already be deployed elsewhere or partially reused in other operations. That’s exactly why we started focusing on more generic detection for this complex backdoor,” Matrosov added.
For those seeking more comprehensive detection and remediation strategies, the Binarly Transparency Platform offers an in-depth solution. With XZ detection capabilities deployed, the platform facilitates easy identification of malicious activities at scale, enabling users to take prompt and effective action to safeguard their software supply chains.
The XZ backdoor came to light on March 29, 2024, when a thread was published on Openwall's oss-security mailing list by Andres Freund, revealing a potential compromise in the open-source code.
For more information read our research article and access the free XZ backdoor scanner at XZ.fail.
About Binarly:
Binarly is a global firmware and software supply chain security company founded in 2021. The company’s flagship Binarly Transparency Platform is an enterprise-class, AI-powered solution used by device manufacturers, OEMs, IBVs and product security teams to identify known and unknown vulnerabilities, misconfigurations and signs of malicious code implantation. Binarly’s validated remediation playbooks have significantly reduced the cost and time to respond to security exposures. Based in Los Angeles, California, Binarly brings decades of research and program analysis expertise to build solutions to protect businesses, critical infrastructure, and consumers around the world.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240401230046/en/
Contact information
media@binarly.io
818.351.9637
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Motive Powers Latin America’s Next Wave of Mobile Innovation1.6.2026 18:00:00 EEST | Press release
Motive, a global leader in entitlement and connected device & service management, joined operators and industry leaders at M360 LATAM in Mexico City, showcasing live deployments across the region's most consequential use cases: Satellite Direct-to-Device connectivity for unreachable geographies, end-to-end eSIM provisioning and visibility at scale, and SIM-based silent authentication replacing fraud-exposed SMS OTP. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260531906729/en/ Across landmark deployments with multiple Claro, Vivo, and Entel operations, Motive’s Entitlement Server (Motive ES) has moved from infrastructure component to regional growth engine. These deployments are citing measurable commercial growth, enabling streamlined eSIM provisioning, improved device onboarding experiences, and new revenue opportunities tied to digital services and secure identity. Powered by Motive ES, Entel Chile became the first mobi
Interactive Brokers Integrates AI into Client Portfolios – Informed by Agentic Technology, Controlled by the Client1.6.2026 17:00:00 EEST | Press release
Interactive Brokers (Nasdaq: IBKR), an automated global broker, today announced agentic trading through direct integration with Claude, one of the world's leading AI platforms. Available through the AI platform’s certified connector marketplace, the integration lets clients manage their accounts and access more than 170 global markets. "Interactive Brokers has used technology for over four decades to help investors make more informed decisions and interact more efficiently with markets," said Milan Galik, Chief Executive Officer of Interactive Brokers. "Investors are increasingly using artificial intelligence to research markets, analyze information and generate ideas. We believe the next logical step is to allow clients to securely connect AI tools directly to their brokerage accounts — whether they want a simple conversational interface, deeper portfolio analysis or the ability to develop and execute sophisticated trading strategies.” Clients can link their existing IBKR account thro
AIM Expands Life Sciences Supply Chain Capabilities and Hires New Partner, Thomas Ebel1.6.2026 16:01:00 EEST | Press release
AIM today announced the appointment of veteran pharma supply chain expert Thomas Ebel as Partner, effective June 15. Mr. Ebel brings more than 25 years of supply chain consulting experience at leading firms including CAMELOT, McKinsey, and Accenture, and will anchor a broader initiative to expand AIM’s end-to-end supply chain capabilities. According to Richard de Bakker, Statutory Director and Founder at AIM, the firm is significantly expanding its capabilities around “end-to-end” supply chain needs. “AIM is well known as a leader in supply chain development for launch, as well as optimization of existing supply chains — supporting clients in getting their finished products to patients,” said Mr. de Bakker. “We are now adding new capabilities in supply chain diagnostics and strategy, end-to-end planning optimization, supply reliability, and working capital optimization, among others. Combined with AIM’s established supply chain expertise, this expanded offering gives clients true ‘end-
Seoul Semiconductor's World-First 'HV Opto-Semiconductor' Powers Up Global Top 4 Automakers1.6.2026 16:00:00 EEST | Press release
Seoul Semiconductor Co., Ltd. (KOSDAQ: 046890), a global opto-semiconductor technology company, announced that its world's first High Voltage (HV) opto-semiconductor technology has entered mass production with four of the world's top automotive brands across the Americas, Europe, and Asia, with plans to expand supply to 10 models by the end of the year. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260601232986/en/ Comparison: Conventional 3V LED vs. Seoul Semiconductor 12V 'HV Opto-Semiconductor' (Figure: Seoul Semiconductor) The technology combines micro-scaled opto-semiconductor chips capable of 12V single-chip operation — as opposed to conventional 3V LEDs — with a high-voltage (HV) driver technology. This enables a reduction of more than 10% in the number of driver-related components used in hybrid and electric vehicles, while lowering power consumption by approximately 10%, contributing to cost reduction and simplific
Oscilloquartz delivers assured timing for mission-critical harsh environments with ruggedSync ™ Series OSA 55101.6.2026 15:00:00 EEST | Press release
Oscilloquartz today launched its ruggedSync™ Series OSA 5510, a ruggedized timing and synchronization platform engineered for defense and other harsh, mission-critical environments. Designed for deployment in tactical communications networks, mobile command centers (MCCs), aviation systems and other highly demanding operational environments, the OSA 5510 combines PTP grandmaster and NTP server functionality with synchronization assurance and resilient holdover in a compact MIL-qualified platform. Multi-band GNSS support, encrypted and authenticated timing options and environmental protection enable operation in contested and GNSS-denied environments where trusted synchronization must be maintained. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260601763766/en/ Oscilloquartz’s ruggedSync™ Series OSA 5510 delivers resilient, high-precision timing for mission-critical defense networks. “Our new ruggedSync™ Series OSA 5510 exte
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom