Binarly Releases Free Detection Tool for XZ Backdoor
1.4.2024 23:39:00 EEST | Business Wire | Press release
Binarly, provider of an industry leading AI-powered firmware and software supply chain security platform, has created and released a free scanning tool to help defenders spot signs of the dangerous XZ backdoor (CVE-2024-3094).
The XZ.fail detection tool was released less than 24 hours after the discovery of a backdoor in the open-source XZ Utils, which provides lossless data compression on virtually all Unix-like operating systems, including Linux. (See CISA advisory).
According to Binarly chief executive Alex Matrosov, the tool includes generic IFUNC implantation detection with close to zero false-positives, showcasing the company’s binary code intelligence engine in action.
“This detection is based on behavioral analysis and can detect any invariants automatically if a similar backdoor is implanted somewhere else,” Matrosov added.
“Such a complex and professionally designed implantation framework is not developed for a one-shot operation. It could already be deployed elsewhere or partially reused in other operations. That’s exactly why we started focusing on more generic detection for this complex backdoor,” Matrosov added.
For those seeking more comprehensive detection and remediation strategies, the Binarly Transparency Platform offers an in-depth solution. With XZ detection capabilities deployed, the platform facilitates easy identification of malicious activities at scale, enabling users to take prompt and effective action to safeguard their software supply chains.
The XZ backdoor came to light on March 29, 2024, when a thread was published on Openwall's oss-security mailing list by Andres Freund, revealing a potential compromise in the open-source code.
For more information read our research article and access the free XZ backdoor scanner at XZ.fail.
About Binarly:
Binarly is a global firmware and software supply chain security company founded in 2021. The company’s flagship Binarly Transparency Platform is an enterprise-class, AI-powered solution used by device manufacturers, OEMs, IBVs and product security teams to identify known and unknown vulnerabilities, misconfigurations and signs of malicious code implantation. Binarly’s validated remediation playbooks have significantly reduced the cost and time to respond to security exposures. Based in Los Angeles, California, Binarly brings decades of research and program analysis expertise to build solutions to protect businesses, critical infrastructure, and consumers around the world.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240401230046/en/
Contact information
media@binarly.io
818.351.9637
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
DEFINITIVE Trial Reaches Major Milestone: All Centres Approved and More Than 50% Recruitment Achieved7.5.2026 12:21:00 EEST | Press release
The DEFINITIVE project, a landmark European Union-funded international phase III clinical trial evaluating the use of the HER2DX diagnostic assay to guide personalised treatment in early-stage HER2-positive breast cancer (BC), announces two major operational milestones at the ESMO Breast Cancer 2026 congress. Approvals have been obtained in the 7 participating countries, 33 clinicals sites are now open for patient recruitment. The trial has reached over 50% of its recruitment target, marking a pivotal moment on the path toward to transforming HER2-positive BC treatment. About the DEFINITIVE Project The DEFINITIVE project is a 5-year, prospective, open-label, randomised, two-arm phase III international clinical trial conducted across 44 centres in 7 European member states and associated countries. The trial aims to demonstrate that personalising treatment decisions for patients with early-stage (stage II to IIIA) HER2-positive BC using the HER2DX genomic diagnostic assay can improve pat
The AI Summit London Unveils 10th Anniversary Speaker Line-Up Featuring Global Leaders in Enterprise AI7.5.2026 11:00:00 EEST | Press release
The AI Summit London today unveiled its keynote speaker line-up for the event’s 10th anniversary edition, bringing together senior leaders, technologists and policymakers from across the globe. The 2026 programme will explore the transformative power of artificial intelligence across sectors including government, enterprise, healthcare, finance and AI infrastructure. Speakers from NVIDIA, Amazon Web Services, Virgin Atlantic, AstraZeneca, the Tony Blair Institute for Global Change and JPMorgan Chase will explore AI deployment, governance, infrastructure and customer transformation across major industries. Further, Jim Carter, Director General Commercial and Industry at the Ministry of Defence, Ollie Ilott, Interim Director General, Emerging Technology and AI, UK Government, and Sasha Rubel, Head of AI/Generative AI Policy, EMEA, Amazon Web Services will lead the “AI Sovereignty – Possibility or Pipe Dream for Europe?” panel, debating whether Europe can realistically compete in the glob
MOVIVA ® launch spotlight at ESGE Days 20267.5.2026 10:58:00 EEST | Press release
During its 175th anniversary year, Erbe Elektromedizin GmbH highlights its continued commitment to healthcare innovation with the launch of MOVIVA®, a minimally invasive solution for gastric mucosal ablation (GMA) in endoscopic obesity therapy. MOVIVA® will be the central focus of Erbe’s activities at ESGE Days in Milan, 14–16 May 2026. Physicians can explore the technology in the hands-on area and attend a dedicated symposium. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260507842222/en/ How GMA with MOVIVA® works “Obesity continues to rise worldwide, and many patients still face a gap between lifestyle interventions, pharmacotherapy, and bariatric surgery. Endoscopic approaches are emerging as additional treatment options. With MOVIVA®, we aim to support physicians in bringing this innovative treatment option into clinical practice and expanding access to minimally invasive obesity therapies.” Marcus Felstead, Chief Comm
Resilience Takes Center Stage as Europe’s LEED Community Gathers in Milan for GBCI Europe Circle 20267.5.2026 10:57:00 EEST | Press release
Green Business Certification Inc. Europe (GBCI), is hosting Circle 2026, the annual flagship event of the European LEED community, taking place in Milan from May 6–8 and marking its fifth anniversary. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260506692329/en/ Porta Nuova, Milan - LEED v4.1 Communities: Existing, Gold certification. Photo courtesy of COIMA. At the center of discussions is LEED v5, the latest version of the world’s most widely used green building rating system, as a bridge to EU Taxonomy alignment - a critical priority for the European market, where regulatory pressure and investor demand are accelerating the integration of certification, finance, and ESG reporting. GBCI Europe Impact Report 2026: European Real Estate Shifts from Sustainability to Risk Management As part of the main conference program, Peter Templeton, President and CEO of USGBC and GBCI will present the GBCI Europe Impact Report 2026, ba
Criteo Selects Navan to Modernize Global Travel Management7.5.2026 10:00:00 EEST | Press release
Navan (NASDAQ: NAVN), the global AI-powered business travel and expense platform, today announced that it has been selected by Criteo, the global commerce intelligence platform, to modernize its global travel program. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260507251188/en/ Global commerce intelligence platform delivers high employee satisfaction with Navan Criteo set out to provide its global workforce with an easy-to-use travel booking experience that brought visibility and control to its travel spending. Prioritizing operational excellence and employee experience, Criteo selected Navan because of its extensive inventory, unified travel and payments platform, and global expertise in sustainability reporting. “We wanted to give our teams a travel tool that’s as easy to use as the apps they use in their personal lives,” said Sarah Glickman, Chief Financial Officer at Criteo. “Our goal with Navan was to improve the use
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom