Binarly Releases Free Detection Tool for XZ Backdoor
1.4.2024 23:39:00 EEST | Business Wire | Press release
Binarly, provider of an industry leading AI-powered firmware and software supply chain security platform, has created and released a free scanning tool to help defenders spot signs of the dangerous XZ backdoor (CVE-2024-3094).
The XZ.fail detection tool was released less than 24 hours after the discovery of a backdoor in the open-source XZ Utils, which provides lossless data compression on virtually all Unix-like operating systems, including Linux. (See CISA advisory).
According to Binarly chief executive Alex Matrosov, the tool includes generic IFUNC implantation detection with close to zero false-positives, showcasing the company’s binary code intelligence engine in action.
“This detection is based on behavioral analysis and can detect any invariants automatically if a similar backdoor is implanted somewhere else,” Matrosov added.
“Such a complex and professionally designed implantation framework is not developed for a one-shot operation. It could already be deployed elsewhere or partially reused in other operations. That’s exactly why we started focusing on more generic detection for this complex backdoor,” Matrosov added.
For those seeking more comprehensive detection and remediation strategies, the Binarly Transparency Platform offers an in-depth solution. With XZ detection capabilities deployed, the platform facilitates easy identification of malicious activities at scale, enabling users to take prompt and effective action to safeguard their software supply chains.
The XZ backdoor came to light on March 29, 2024, when a thread was published on Openwall's oss-security mailing list by Andres Freund, revealing a potential compromise in the open-source code.
For more information read our research article and access the free XZ backdoor scanner at XZ.fail.
About Binarly:
Binarly is a global firmware and software supply chain security company founded in 2021. The company’s flagship Binarly Transparency Platform is an enterprise-class, AI-powered solution used by device manufacturers, OEMs, IBVs and product security teams to identify known and unknown vulnerabilities, misconfigurations and signs of malicious code implantation. Binarly’s validated remediation playbooks have significantly reduced the cost and time to respond to security exposures. Based in Los Angeles, California, Binarly brings decades of research and program analysis expertise to build solutions to protect businesses, critical infrastructure, and consumers around the world.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240401230046/en/
Contact information
media@binarly.io
818.351.9637
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
FDA Issues Modified Risk Tobacco Product Orders for 20 ZYN Nicotine Pouch Products30.6.2026 19:19:00 EEST | Press release
Philip Morris International Inc. (PMI) (NYSE: PM) today announced that the U.S. Food and Drug Administration (FDA) issued Modified Risk Tobacco Product (MRTP) orders for 20 variants of ZYN nicotine pouch products. These are the first MRTP orders granted for nicotine pouches, allowing PMI U.S. to market the following claim for the authorized ZYN products: “Using ZYN instead of cigarettes puts you at a lower risk of mouth cancer, heart disease, lung cancer, stroke, emphysema, and chronic bronchitis.” “FDA’s decision is an important moment for the more than 45 million legal-age nicotine consumers in America,” saidStacey Kennedy, PMI U.S. CEO. “Today’s news ensures these adultshave access to accurate, science-based information, including FDA-authorized evidence that switching from cigarettes to ZYN reduces the risk of smoking-related diseases like heart disease and lung cancer,” she added. “More broadly, it reinforces the agency’s science-based approach to evaluating products across the co
Caidya Announces Strategic Combination with Simbec-Orion Bridging Early Scientific Insight and Global Clinical Execution30.6.2026 18:00:00 EEST | Press release
Caidya today announced a strategic combination with Simbec-Orion designed to close the divide between early scientific insight and global clinical execution. The combination of Caidya and Simbec-Orion creates a differentiated specialty clinical CRO platform that enables programs to scale, maintaining focus, speed, and accountability. The strategic combination brings together complementary strengths to create a more complete development partner for innovative biopharma companies. With established operations across Europe, the Americas, APAC, and China, the combined organization provides meaningful expertise and execution capabilities in the regions that matter most. Simbec-Orion brings early-phase clinical pharmacology capabilities alongside deep therapeutic expertise for later stage complex oncology and rare disease trials, helping sponsors shape critical decisions early in the development lifecycle. Together, the organizations strengthen their ability to support complex, cross-border
Archer® Proves Purpose-Built AI Beats General-Purpose LLMs on Regulatory Change Management: 95% Verified Accuracy, 80x Faster, 92% Lower Cost30.6.2026 17:13:00 EEST | Press release
For enterprises deploying AI in compliance, a wrong date is a missed deadline. The more dangerous failure is a wrong answer the model returns with high confidence, one that flows silently into a compliance calendar and is only discovered after the window has passed. Archer® today released results showing purpose-built AI beats a general-purpose large language model (LLM) on regulatory work, and it’s not close. This head-to-head test compared Archer’s purpose-built, vertical-specific AI and proprietary data sets against a leading general-purpose LLM, on a core compliance task: determining the publication, effective and comment-close dates of regulatory documents across six jurisdictions. General-purpose models are a genuine breakthrough, and this is no referendum on their quality. The question Archer set out to answer is narrower and more practical: what it takes to make a specific, high-stakes determination reliable, fast and affordable at scale. A vertical, domain-focused process, gro
Altasciences Supports Key Development Milestone for Steel Therapeutics’ Lead Therapeutic Candidate, Fizurex™30.6.2026 17:08:00 EEST | Press release
Altasciences, a leading drug development organization, today announced a significant milestone in the development of Steel Therapeutics, Inc.’s pivotal toxicology study for its lead product candidate, Fizurex™, for the treatment of anal fissures. The successful completion of the study plays a significant role in the advancement of Fizurex™ toward first-in-human trials. The GLP-compliant study demonstrated a favorable safety profile, which has advanced Steel Therapeutics' plans to submit an Investigational New Drug (IND) application for Fizurex™ to the FDA in Q3 2026. Fizurex™, a patent-pending, single-use topical wipe, was designed to provide a standardized, accessible treatment option for a painful and often undertreated medical condition. The product builds on years of use through compounding pharmacy prescriptions and is now advancing toward clinical development and regulatory review. "We are proud to have supported Steel Therapeutics with the generation of the high-quality safety d
Interactive Brokers Expands Access to Korean Equities with Launch of Nextrade ATS30.6.2026 17:00:00 EEST | Press release
Interactive Brokers (Nasdaq: IBKR), an automated global broker, today announced the launch of select Korean equities through Nextrade, South Korea's first Alternative Trading System (ATS). The addition of Nextrade builds on Interactive Brokers' earlier launch of the Korea Exchange (KRX), through which it became the first major US-based broker to provide global investors with direct access to Korean equities. Clients trading on Nextrade benefit from significantly extended trading hours and access to additional liquidity. Interactive Brokers has enabled IB SmartRouting℠ across both the Korea Exchange (KRX) and Nextrade, automatically routing orders to the venue offering the best price. This helps clients achieve best execution while providing greater flexibility and more opportunities to participate in one of Asia's most dynamic equity markets. Korea's equity market ranks among the top global exchanges by market capitalization and is home to world-leading companies such as Samsung Electr
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom