Binarly Releases Free Detection Tool for XZ Backdoor
1.4.2024 23:39:00 EEST | Business Wire | Press release
Binarly, provider of an industry leading AI-powered firmware and software supply chain security platform, has created and released a free scanning tool to help defenders spot signs of the dangerous XZ backdoor (CVE-2024-3094).
The XZ.fail detection tool was released less than 24 hours after the discovery of a backdoor in the open-source XZ Utils, which provides lossless data compression on virtually all Unix-like operating systems, including Linux. (See CISA advisory).
According to Binarly chief executive Alex Matrosov, the tool includes generic IFUNC implantation detection with close to zero false-positives, showcasing the company’s binary code intelligence engine in action.
“This detection is based on behavioral analysis and can detect any invariants automatically if a similar backdoor is implanted somewhere else,” Matrosov added.
“Such a complex and professionally designed implantation framework is not developed for a one-shot operation. It could already be deployed elsewhere or partially reused in other operations. That’s exactly why we started focusing on more generic detection for this complex backdoor,” Matrosov added.
For those seeking more comprehensive detection and remediation strategies, the Binarly Transparency Platform offers an in-depth solution. With XZ detection capabilities deployed, the platform facilitates easy identification of malicious activities at scale, enabling users to take prompt and effective action to safeguard their software supply chains.
The XZ backdoor came to light on March 29, 2024, when a thread was published on Openwall's oss-security mailing list by Andres Freund, revealing a potential compromise in the open-source code.
For more information read our research article and access the free XZ backdoor scanner at XZ.fail.
About Binarly:
Binarly is a global firmware and software supply chain security company founded in 2021. The company’s flagship Binarly Transparency Platform is an enterprise-class, AI-powered solution used by device manufacturers, OEMs, IBVs and product security teams to identify known and unknown vulnerabilities, misconfigurations and signs of malicious code implantation. Binarly’s validated remediation playbooks have significantly reduced the cost and time to respond to security exposures. Based in Los Angeles, California, Binarly brings decades of research and program analysis expertise to build solutions to protect businesses, critical infrastructure, and consumers around the world.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240401230046/en/
Contact information
media@binarly.io
818.351.9637
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Riskified Unveils Next-Generation AI Suite at Ascend 2026, Empowering Merchants with Unprecedented Visibility and Control Over Ecommerce Risk6.5.2026 16:00:00 EEST | Press release
Riskified (NYSE: RSKD), a global leader in ecommerce fraud and risk intelligence, today announced a major leap forward in its AI platform capabilities, introducing a powerful suite of control and empowerment tools designed to give merchant fraud teams complete visibility into risk patterns and identity behavior, conversational AI-driven insights, and the ability to surgically tailor their risk strategies. The innovation suite was announced onstage at Ascend 2026, Riskified’s premier global summit series, taking place May 4-6, 2026, at the Conrad New York Downtown in Manhattan, NY. With global ecommerce continuing to expand and losses from AI-driven fraud attacks projected to spike, particularly with the rise of agentic commerce, where AI bots may conduct transactions on behalf of consumers, accurate fraud decisions are fundamental, but are no longer enough. Today, more than ever, sophisticated fraud and risk teams need to understand the why behind every transaction and pattern, and req
Twilio’s Next Generation Platform: An Infrastructure Layer for Every Conversation in the Agentic Era6.5.2026 16:00:00 EEST | Press release
Twilio (NYSE: TWLO), the infrastructure for customer engagement in the AI era, kicked off its user conference, SIGNAL, by unveiling its next generation platform capabilities for the agentic era. Generally available today, Conversation Memory, Conversation Orchestrator, Conversation Intelligence, and Agent Connect combine to turn disparate interactions into continuous, intelligent, and personal conversations across humans, agents, and systems. “The agentic era is here. Agents are joining conversations alongside the people they represent, and modern customer engagement requires an infrastructure that serves both equally,” said Khozema Shipchandler, Chief Executive Officer at Twilio. “Twilio’s new platform is the foundational infrastructure layer that makes every conversation persistent, contextual, and actionable – ensuring interactions feel like part of one continuous relationship." An Infrastructure Layer for Every Conversation Every business runs on conversations. Today, however, busi
Vultr, SUSE & Supermicro Debut Unified Cloud-to-Edge Architecture for Global AI Scaling6.5.2026 15:00:00 EEST | Press release
Vultr, the world's largest privately-held cloud infrastructure company, in collaboration with SUSE and Supermicro, today announces a strategic architectural framework designed to solve the complexities of deploying and operating AI workloads across distributed environments. As AI moves closer to the point of data creation - from manufacturing floors to retail storefronts - organizations face significant challenges in latency, cost and operational consistency. This joint initiative provides a seamless, Cloud-to-Edge pipeline that integrates high-performance hardware, localized cloud infrastructure, and unified Kubernetes management. The partnership addresses the reality that sending all data back to a central cloud is no longer viable for real-time AI. The solution breaks down the infrastructure into three critical layers: The Cloud and Near-Edge - Enterprises can deploy regional Kubernetes-based AI clusters closer to their users by leveraging Vultr’s 33 global cloud data center regions
Waiv Enters Collaboration with Daiichi Sankyo to Deliver AI-Derived Biomarkers for ADC Program6.5.2026 15:00:00 EEST | Press release
Waiv, formerly Owkin Dx, a Paris-based company catalyzing AI precision testing, today announced it has entered a collaboration with Daiichi Sankyo (TSE: 4568) to lead digital pathology biomarker discovery for an antibody-drug conjugate (ADC) program. With deep expertise across diverse pathology and multimodal data, and a global data network spanning academic institutions, hospitals, and laboratories, Waiv has a proven track record delivering AI-powered biomarker solutions across the full drug development lifecycle. Under the collaboration, Waiv will apply its end-to-end computational pathology platform to early phase data. This includes tumor microenvironment (TME) analysis across both hematoxylin and eosin (H&E) and immunohistochemistry (IHC) stained samples, as well as biomarker discovery and outcome prediction capabilities aimed at identifying biomarkers of treatment response ahead of next clinical trial phases. Purpose-built AI approach tackles one of pharma's hardest challenges: b
Elisa Expands PON Deployment with Vecima’s All-PON™ Shelf, Delivering 10G Fiber Services in Estonia6.5.2026 14:30:00 EEST | Press release
Vecima Networks Inc. (TSX: VCM) announced today that leading telecommunications operator Elisa has deployed Vecima’s Entra EXS1610 All-PON™ Shelf for 10G Fiber-to-the-Home (FTTH) services for its subscribers in Estonia. In Estonia’s competitive broadband market, Elisa brings highly innovative solutions to its subscribers. Vecima’s EXS1610 supports multiple deployment use cases, including greenfield, targeted brownfields, rural edge-outs, hybrid fiber-coax (HFC) overbuilds, footprint extensions, and hub collapses. Its compact shelf footprint can help reduce operating costs and allow operators to deploy anywhere – for maximum flexibility, including data centers, remote cabinets, the headend, and multi-dwelling units. The Entra EXS1610 All-PON Shelf features: 16 x PON ports: 10G-EPON, XGS-PON, and Combo XGS-PON & GPON Temperature-hardened for outside plant deployments Multi-vendor optical network terminal (ONT) interoperability Uplink optics: 2 x 100/40G & 2 x 25/10G with broad third-part
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom