Binarly Releases Free Detection Tool for XZ Backdoor
1.4.2024 23:39:00 EEST | Business Wire | Press release
Binarly, provider of an industry leading AI-powered firmware and software supply chain security platform, has created and released a free scanning tool to help defenders spot signs of the dangerous XZ backdoor (CVE-2024-3094).
The XZ.fail detection tool was released less than 24 hours after the discovery of a backdoor in the open-source XZ Utils, which provides lossless data compression on virtually all Unix-like operating systems, including Linux. (See CISA advisory).
According to Binarly chief executive Alex Matrosov, the tool includes generic IFUNC implantation detection with close to zero false-positives, showcasing the company’s binary code intelligence engine in action.
“This detection is based on behavioral analysis and can detect any invariants automatically if a similar backdoor is implanted somewhere else,” Matrosov added.
“Such a complex and professionally designed implantation framework is not developed for a one-shot operation. It could already be deployed elsewhere or partially reused in other operations. That’s exactly why we started focusing on more generic detection for this complex backdoor,” Matrosov added.
For those seeking more comprehensive detection and remediation strategies, the Binarly Transparency Platform offers an in-depth solution. With XZ detection capabilities deployed, the platform facilitates easy identification of malicious activities at scale, enabling users to take prompt and effective action to safeguard their software supply chains.
The XZ backdoor came to light on March 29, 2024, when a thread was published on Openwall's oss-security mailing list by Andres Freund, revealing a potential compromise in the open-source code.
For more information read our research article and access the free XZ backdoor scanner at XZ.fail.
About Binarly:
Binarly is a global firmware and software supply chain security company founded in 2021. The company’s flagship Binarly Transparency Platform is an enterprise-class, AI-powered solution used by device manufacturers, OEMs, IBVs and product security teams to identify known and unknown vulnerabilities, misconfigurations and signs of malicious code implantation. Binarly’s validated remediation playbooks have significantly reduced the cost and time to respond to security exposures. Based in Los Angeles, California, Binarly brings decades of research and program analysis expertise to build solutions to protect businesses, critical infrastructure, and consumers around the world.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240401230046/en/
Contact information
media@binarly.io
818.351.9637
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Merrithew ® Expands Global Mindful Movement Leadership with Acquisition of the GYROTONIC ® Organization11.6.2026 18:30:00 EEST | Press release
Merrithew®, a global leader in mindful movement education and equipment and creator of internationally recognized programs including STOTT PILATES®, ZEN•GA®, Halo® Training and Total Barre®, today announced the acquisition of the GYROTONIC® organization, creator of the globally respected GYROTONIC® and GYROKINESIS® methods. Founded by Juliu Horvath, the GYROTONIC® and GYROKINESIS® methods are internationally recognized for their distinctive approach to movement, combining fluidity, strength, mobility, coordination, and rehabilitation through specialized equipment and movement sequences. Practiced in studios and wellness centers worldwide, the methods have cultivated a deeply loyal global community of instructors, trainers, therapists, and movement professionals. The acquisition marks a significant milestone in Merrithew International Inc.’s growth strategy and reflects Merrithew’s commitment to growing the rapidly expanding global mindful movement category. The addition of the GYROTONI
GigaDevice Expands Optical Communication Portfolio with New GD32E512 and GD32E252 Series MCUs for Optical Modules11.6.2026 17:00:00 EEST | Press release
GigaDevice, a leading semiconductor company specializing in Flash memory, 32-bit microcontrollers (MCUs), sensors, and analog products, has introduced the new GD32E512 and GD32E252 series MCUs specifically designed for optical module applications. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260611850679/en/ Empowering Optical Interconnect Innovation, GigaDevice Unveils Dedicated MCUs for Optical Modules. As a leading supplier of MCUs for optical module applications, GigaDevice has maintained a strong focus on the optical communication market, continuously aligning its product development with evolving industry requirements and next-generation optical interconnect technologies. Leveraging years of expertise in optical module control solutions, GigaDevice has established a strong position in the market through continuous innovation and close collaboration with industry partners. To further support the advancement of high-sp
Saudi Arabia at the Center of the Global Water Industry as IDWS 2026 Reshapes the Future of Water11.6.2026 16:47:00 EEST | Press release
In an increasingly resource-constrained world, water has become critical to both economic growth and national security, driving demand for global leadership in sustainability, innovation, and water solutions. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260611388456/en/ Saudi Arabia at the Center of the Global Water Industry as IDWS 2026 Reshapes the Future of Water (Graphic: AETOSWire) The Saudi Water Authority has announced the return of the Innovation Driven Water Sustainability Conference (IDWS), taking place from 7 to 9 December 2026 at The Ritz-Carlton, Jeddah, as the Kingdom consolidates its position at the center of the global water conversation. As home to one of the world’s most advanced and rapidly evolving water management ecosystems, Saudi Arabia currently operates more than 500 water production facilities across the Kingdom with total water production capacity exceeding 16.2 million cubic meters per day. The
Andersen Consulting Strengthens Digital Transformation and Cybersecurity Offerings with HeadMind Partners11.6.2026 16:30:00 EEST | Press release
Andersen Consulting enters into a Collaboration Agreement with HeadMind Partners, a leading European consultancy specializing in cybersecurity, digital transformation, and AI, strengthening the organization’s platform. With its unique combination of 25 years’ business experience, technology and data expertise, HeadMind Partners enables its clients, large companies from both private and public sectors, to strengthen their digital and cyber resilience, enhance their operational efficiency, and build robust and sovereign AI solutions. Headquartered in Paris and operating in France and Belgium to date, the company draws on multidisciplinary teams of 500 cybersecurity experts, 70 AI engineers and 400 digital transformation specialists to provide value-creating and seamless cybersecurity, AI and digital transformation solutions. HeadMind Partners serves a diverse and renowned client portfolio across financial services, industry, energy, luxury and the public sector. “Collaborating with Ander
Xsolla to Meet With Mobile Game Developers and Publishers at Pocket Gamer Connects Barcelona 202611.6.2026 16:00:00 EEST | Press release
Xsolla, a leading global video game commerce company, today announced its participation in Pocket Gamer Connects (PGC) Barcelona 2026, taking place June 15-16 at the Hyatt Regency Barcelona in Barcelona, Spain. Xsolla will be on the ground for meetings with mobile game developers, publishers, and strategic partners, bringing its direct-to-consumer commerce infrastructure to one of the most deal-focused events in the European games calendar. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260611487209/en/ Graphic: Xsolla Now in its second year, PGC Barcelona has quickly established itself as a destination conference for mobile game businesses, drawing more than 1,000 attendees from over 47 countries and facilitating thousands of structured business meetings through its dedicated matchmaking platform. Barcelona itself has become one of Europe's most significant gaming cities, home to studios including Scopely, King, Rovio, Band
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom