Binarly Releases Free Detection Tool for XZ Backdoor
1.4.2024 23:39:00 EEST | Business Wire | Press release
Binarly, provider of an industry leading AI-powered firmware and software supply chain security platform, has created and released a free scanning tool to help defenders spot signs of the dangerous XZ backdoor (CVE-2024-3094).
The XZ.fail detection tool was released less than 24 hours after the discovery of a backdoor in the open-source XZ Utils, which provides lossless data compression on virtually all Unix-like operating systems, including Linux. (See CISA advisory).
According to Binarly chief executive Alex Matrosov, the tool includes generic IFUNC implantation detection with close to zero false-positives, showcasing the company’s binary code intelligence engine in action.
“This detection is based on behavioral analysis and can detect any invariants automatically if a similar backdoor is implanted somewhere else,” Matrosov added.
“Such a complex and professionally designed implantation framework is not developed for a one-shot operation. It could already be deployed elsewhere or partially reused in other operations. That’s exactly why we started focusing on more generic detection for this complex backdoor,” Matrosov added.
For those seeking more comprehensive detection and remediation strategies, the Binarly Transparency Platform offers an in-depth solution. With XZ detection capabilities deployed, the platform facilitates easy identification of malicious activities at scale, enabling users to take prompt and effective action to safeguard their software supply chains.
The XZ backdoor came to light on March 29, 2024, when a thread was published on Openwall's oss-security mailing list by Andres Freund, revealing a potential compromise in the open-source code.
For more information read our research article and access the free XZ backdoor scanner at XZ.fail.
About Binarly:
Binarly is a global firmware and software supply chain security company founded in 2021. The company’s flagship Binarly Transparency Platform is an enterprise-class, AI-powered solution used by device manufacturers, OEMs, IBVs and product security teams to identify known and unknown vulnerabilities, misconfigurations and signs of malicious code implantation. Binarly’s validated remediation playbooks have significantly reduced the cost and time to respond to security exposures. Based in Los Angeles, California, Binarly brings decades of research and program analysis expertise to build solutions to protect businesses, critical infrastructure, and consumers around the world.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240401230046/en/
Contact information
media@binarly.io
818.351.9637
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Infobip Research Reveals Businesses Scaling AI-Powered Defenses to Counter Surge in Automated Fraud7.7.2026 12:55:00 EEST | Press release
New research from global AI-first cloud communications platform Infobip reveals a growing surge in AI-powered fraud and enterprise defenses. Analyzing billions of interactions globally, Infobip’s 2026 Fraud & Security Report highlights a year of dramatic contrasts. There have been record volumes of blocked fraudulent traffic alongside the rapid scaling of intelligent, AI-powered defenses. The report reveals that while fraudsters are using AI to scale and personalize harmful messaging, leading to a 77% increase in detected threats, businesses are responding in kind. Adoption of AI-powered fraud detection grew by 71% year-on-year, while pattern-based detection increased by 105%, underscoring a shift toward adaptive security. The report demonstrates the impact of AI-first security. Leading UK-based clothing brand NEXT is leveraging Infobip Signals, an AI and machine learning-powered solution designed to combat artificially inflated traffic, helping protect customers against fraud. Raz Raz
Santander Financial Crime Transformation Leader Joins ThetaRay to Drive Enterprise AI Adoption7.7.2026 11:00:00 EEST | Press release
ThetaRay, a leader in AI infrastructure for financial crime compliance, today announced the appointment of Luis Pinedo as Chief Strategic Customers Officer. Previously Pinedo was Group VP of Compliance at Santander Bank, where during his 16-year tenure, he led global Financial Crime Compliance (FCC) transformation initiatives across operating models, processes, and technology platforms. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260707359150/en/ Luis Pinedo joins ThetaRay as Chief Strategic Customers Officer. In his new role, Pinedo will bring key perspectives from tier-one banking operational challenges to ThetaRay’s product development and design. He will lead strategic customer engagement as well as product strategy across ThetaRay’s entire compliance platform, including Transaction Monitoring, Screening, Customer Risk Assessment, and Agentic Investigations. The appointment comes at a critical time in the RegTech indu
Robbyant Unveils LingBot-Depth 2.0 and LingBot-Vision to Redefine Robotic Spatial Perception7.7.2026 10:54:00 EEST | Press release
Robbyant, an embodied AI company within Ant Group, today announced the launch of LingBot-Depth 2.0, a next-generation spatial perception model, alongside its foundational visual model, LingBot-Vision. This release marks a significant leap in robotic spatial perception, empowering robots to accurately understand and navigate the physical world. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260706806935/en/ LingBot-Depth 2.0 reconstructs complete and planar 3D structures in challenging scenarios involving mirrors and glass From "Seeing" to "Seeing Accurately" Building upon the success of LingBot-Depth, which pioneered the Masked Depth Modeling (MDM) technique to resolve depth sensing challenges for transparent and reflective surfaces, LingBot-Depth 2.0 represents a massive scale-up in training data and performance. Trained on 150 million samples, the new model achieves top rankings in 12 out of 16 depth completion benchmarks.
RGI Group Strengthens Its Personal Insurance Capabilities in France Through KAPIA-RGI’s Acquisition of Cegid Assurex Solutions7.7.2026 10:30:00 EEST | Press release
RGI, a leading European provider of digital insurance platforms, announces that KAPIA-RGI, its France-based company specialised in personal insurance solutions, has acquired Cegid Assurex solutions. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260707323665/en/ This transaction marks a major milestone in the Group's development strategy in French speaking markets in Europe and further enhances its ability to support insurers, mutual insurers, provident institutions, brokers and bancassurers in their innovation and digital transformation initiatives. By integrating Cegid Assurex's expertise, talent and solutions, KAPIA-RGI consolidates its position as the reference leader in the Life Insurance, Savings, Retirement, Annuities and Provident markets. This acquisition expands its client base with more than 20 additional customers while accelerating innovation and growth in a market shaped by evolving regulation, automation and a
Bitcoin Suisse Advances Middle East Expansion, Receiving Financial Services Permission in Abu Dhabi7.7.2026 10:15:00 EEST | Press release
Building on its position as Switzerland’s leading crypto financial services provider, Bitcoin Suisse is further accelerating its international expansion. Bitcoin Suisse Group’s subsidiary, BTCS (Middle East) Ltd. (“BTCS ME”) has received Financial Services Permission (FSP) from the Financial Services Regulatory Authority (FSRA) of ADGM, the international financial centre of Abu Dhabi, marking another significant step toward the Group’s international growth strategy becoming a leading global wealth management partner. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260707864200/en/ Ceyda Majcen, Chief Executive Officer and SEO of BTCS ME, leads Bitcoin Suisse Group's expansion in the Middle East and brings extensive, long-standing senior leadership experience across the Group. The FSP marks the completion of a thorough, multi-stage licensing process and enables BTCS ME to deliver a comprehensive suite of regulated digital asse
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom
