Binarly Releases Free Detection Tool for XZ Backdoor
1.4.2024 23:39:00 EEST | Business Wire | Press release
Binarly, provider of an industry leading AI-powered firmware and software supply chain security platform, has created and released a free scanning tool to help defenders spot signs of the dangerous XZ backdoor (CVE-2024-3094).
The XZ.fail detection tool was released less than 24 hours after the discovery of a backdoor in the open-source XZ Utils, which provides lossless data compression on virtually all Unix-like operating systems, including Linux. (See CISA advisory).
According to Binarly chief executive Alex Matrosov, the tool includes generic IFUNC implantation detection with close to zero false-positives, showcasing the company’s binary code intelligence engine in action.
“This detection is based on behavioral analysis and can detect any invariants automatically if a similar backdoor is implanted somewhere else,” Matrosov added.
“Such a complex and professionally designed implantation framework is not developed for a one-shot operation. It could already be deployed elsewhere or partially reused in other operations. That’s exactly why we started focusing on more generic detection for this complex backdoor,” Matrosov added.
For those seeking more comprehensive detection and remediation strategies, the Binarly Transparency Platform offers an in-depth solution. With XZ detection capabilities deployed, the platform facilitates easy identification of malicious activities at scale, enabling users to take prompt and effective action to safeguard their software supply chains.
The XZ backdoor came to light on March 29, 2024, when a thread was published on Openwall's oss-security mailing list by Andres Freund, revealing a potential compromise in the open-source code.
For more information read our research article and access the free XZ backdoor scanner at XZ.fail.
About Binarly:
Binarly is a global firmware and software supply chain security company founded in 2021. The company’s flagship Binarly Transparency Platform is an enterprise-class, AI-powered solution used by device manufacturers, OEMs, IBVs and product security teams to identify known and unknown vulnerabilities, misconfigurations and signs of malicious code implantation. Binarly’s validated remediation playbooks have significantly reduced the cost and time to respond to security exposures. Based in Los Angeles, California, Binarly brings decades of research and program analysis expertise to build solutions to protect businesses, critical infrastructure, and consumers around the world.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240401230046/en/
Contact information
media@binarly.io
818.351.9637
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
GIGABYTE Unveils “Future Landing” at COMPUTEX 2026 as Implementation Becomes Critical to Scaling AI12.5.2026 04:00:00 EEST | Press release
GIGABYTE Technology, a global leader in high-performance computing, is taking its most comprehensive end-to-end portfolio for AI infrastructure to COMPUTEX 2026 under the theme "Future Landing." As AI transitions from training into large-scale inference and real-world operation, GIGABYTE addresses the industry's most pressing challenge: not whether AI can be built, but how quickly and reliably it can be deployed, operated, and sustained at scale. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260505299592/en/ GIGABYTE Unveils “Future Landing” at COMPUTEX 2026 as Implementation Becomes Critical to Scaling AI At COMPUTEX, GIGABYTE organizes its showcase around three states that define the lifecycle of production AI infrastructure. Ready: integrated systems that have been fully built, simulated, validated, and prepared for deployment. Deployable: modular clusters engineered for rapid implementation across diverse environments.
INNIO Group Announces Filing of Registration Statement for Proposed Initial Public Offering11.5.2026 22:49:00 EEST | Press release
INNIO Group ("INNIO"), a leading global distributed energy solutions provider, today announces that it has publicly filed a registration statement on Form S-1 with the U.S. Securities and Exchange Commission ("SEC") relating to a proposed initial public offering of its common shares. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260511389675/en/ INNIO Group Announces Filing of Registration Statement for Proposed Initial Public Offering The timing of the offering, number of shares to be offered and the price range for the proposed offering have not yet been determined. INNIO has applied to list its common shares on the Nasdaq Global Select Market under the ticker symbol "INIO." Goldman Sachs & Co. LLC, J.P. Morgan and Morgan Stanley are acting as joint lead book-running managers for the proposed offering. BofA Securities, Barclays and Citigroup are acting as book-running managers for the proposed offering. Baird, BNP Paribas
Only 7% of Companies Achieve Full Compliance as Global Expansion Increases Legal Complexity11.5.2026 16:00:00 EEST | Press release
As businesses accelerate their global expansion in 2026, compliance fails to keep pace. In fact, only 7% of organizations report full compliance across their global entities, according to a new study by CSC, the leading provider of global business administration and compliance solutions. CSC surveyed 350 general counsel (GCs) and senior legal professionals across Europe, North America, and Asia Pacific to examine how their teams navigate international expansion, regulatory pressure, and the increasing adoption of artificial intelligence (AI).¹ The findings appear in CSC’s latest report, General Counsel Barometer 2026: From Complexity to Control. Most organizations report partial compliance, with over half (53%) estimating they are 50–75% compliant, and a further 35% placing themselves between 76%–99%. This leaves just 7% of organizations reporting full compliance across all global entities. GCs also report low confidence in addressing ongoing demands amid global expansion. More than tw
IFF Opens Vanilla Innovation Center in Madagascar11.5.2026 15:15:00 EEST | Press release
IFF (NYSE: IFF)—a global leader in flavors, fragrances, food ingredients, health & bioscience—today announced the opening of its Vanilla Innovation Center in Madagascar, reinforcing vanilla as a strategic and priority tonality for IFF and strengthening its ability to innovate at origin. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260508110162/en/ IFF's Vanilla Innovation Center in Madagascar “The opening of the center marks an important step in how we approach vanilla innovation,” said Adam Jańczuk, Ph.D., senior vice president, research, creation and design, Taste, IFF. “By strengthening our presence at origin, we connect science, creativity and sustainability more closely, responding to climate changes, safeguarding quality and creating value across the supply chain.” Located in Toamasina, Madagascar’s principal seaport, near vanilla growing areas and post‑harvest processing activities, the 650‑square‑meter center bring
ARIS Recognised as a Leader in Gartner ® Magic Quadrant™ for Process Intelligence Platforms, Believes This Reinforces Its Role in Enabling Enterprise AI at Scale11.5.2026 15:00:00 EEST | Press release
ARIS, the process context foundation platform for enterprise AI deployment, today announced its recognition as a Leader in the Gartner® Magic Quadrant™ for Process Intelligence Platforms. This is the fourth consecutive year that ARIS has been recognized as a Leader in the report and the company believes it underscores a continued commitment to innovation and growth as enterprises focus on turning AI ambition into measurable business outcomes. While technology has advanced rapidly, companies are struggling to operationalise AI across complex operating models. ARIS sees this recognition by Gartner as a reflection of its strength in delivering a single unified platform for process intelligence, providing the context layer on which G2000 organisations can successfully deploy and scale agentic AI. “AI is moving from experimentation to execution – but many enterprises are finding it difficult to scale,” said Guillaume Bacuvier, CEO of ARIS. “The reason is simple: AI lacks the context it need
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom