Binarly Releases Free Detection Tool for XZ Backdoor
1.4.2024 23:39:00 EEST | Business Wire | Press release
Binarly, provider of an industry leading AI-powered firmware and software supply chain security platform, has created and released a free scanning tool to help defenders spot signs of the dangerous XZ backdoor (CVE-2024-3094).
The XZ.fail detection tool was released less than 24 hours after the discovery of a backdoor in the open-source XZ Utils, which provides lossless data compression on virtually all Unix-like operating systems, including Linux. (See CISA advisory).
According to Binarly chief executive Alex Matrosov, the tool includes generic IFUNC implantation detection with close to zero false-positives, showcasing the company’s binary code intelligence engine in action.
“This detection is based on behavioral analysis and can detect any invariants automatically if a similar backdoor is implanted somewhere else,” Matrosov added.
“Such a complex and professionally designed implantation framework is not developed for a one-shot operation. It could already be deployed elsewhere or partially reused in other operations. That’s exactly why we started focusing on more generic detection for this complex backdoor,” Matrosov added.
For those seeking more comprehensive detection and remediation strategies, the Binarly Transparency Platform offers an in-depth solution. With XZ detection capabilities deployed, the platform facilitates easy identification of malicious activities at scale, enabling users to take prompt and effective action to safeguard their software supply chains.
The XZ backdoor came to light on March 29, 2024, when a thread was published on Openwall's oss-security mailing list by Andres Freund, revealing a potential compromise in the open-source code.
For more information read our research article and access the free XZ backdoor scanner at XZ.fail.
About Binarly:
Binarly is a global firmware and software supply chain security company founded in 2021. The company’s flagship Binarly Transparency Platform is an enterprise-class, AI-powered solution used by device manufacturers, OEMs, IBVs and product security teams to identify known and unknown vulnerabilities, misconfigurations and signs of malicious code implantation. Binarly’s validated remediation playbooks have significantly reduced the cost and time to respond to security exposures. Based in Los Angeles, California, Binarly brings decades of research and program analysis expertise to build solutions to protect businesses, critical infrastructure, and consumers around the world.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240401230046/en/
Contact information
media@binarly.io
818.351.9637
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Meiji Seika Pharma: Positive Results from the Phase III Integral-1 Trial of Nacubactam, a Novel β-Lactamase Inhibitor, in Complicated Urinary Tract Infections or Acute Uncomplicated Pyelonephritis ― Published in The Lancet15.5.2026 04:00:00 EEST | Press release
Meiji Seika Pharma Co., Ltd. (headquartered in Tokyo; President and Representative Director: Toshiaki Nagasato) today announced that the results of the Integral-1 study, one of two global Phase III clinical trials evaluating the efficacy and safety of its novel β-lactamase inhibitor nacubactam (development code: OP0595), have been published in The Lancet. The article is entitled “---Efficacy and safety of cefepime–nacubactam and aztreonam–nacubactam compared with imipenem–cilastatin for complicated urinary tract infection or acute uncomplicated pyelonephritis (Integral-1): a double-blind, randomised phase 3 trial” (https://www.thelancet.com/journals/lancet/article/PIIS0140-6736(26)00596-9/fulltext) Integral-1 is a global, double-blind, randomized Phase III trial (jRCT2031230075) in patients with complicated urinary tract infection or acute uncomplicated pyelonephritis that compared the efficacy and safety of nacubactam co-administered with either cefepime or aztreonam versus imipenem-c
Xsolla and Skich Announce Strategic Partnership to Bring Merchant of Record Payments to an Alternative Mobile Game Marketplace14.5.2026 19:00:00 EEST | Press release
Xsolla, a leading global video game commerce company, today announced a strategic partnership with Skich, an alternative mobile game marketplace operating on iOS in the EU under Apple's Digital Markets Act provisions and on Android globally. Under the agreement, Xsolla will serve as Merchant of Record for in-app purchases and paid game sales distributed through the Skich Store. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260514867730/en/ Graphic: Xsolla Skich serves as an alternative to traditional mobile storefronts, offering developers a way to reach players outside platform-controlled distribution channels. The partnership with Xsolla enables Skich to offer a fully compliant payment and commerce layer, with Xsolla managing payment processing, tax collection, refunds, and regulatory compliance on behalf of developers, removing a significant operational and legal barrier for studios looking to distribute through alternat
Boomi Teams up With Gong to Bring Revenue AI to Boomi Agentstudio14.5.2026 19:00:00 EEST | Press release
Boomi, the data activation company for AI, today announced a collaboration withGong, the leader in Revenue AI, to bring revenue signals captured in Gong natively into the Boomi Enterprise Platform. This collaboration enables enterprises to establish an active data foundation designed to transform customer conversations into coordinated, automated actions across systems and functions enterprise-wide with Boomi Agentstudio. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260514443012/en/ Boomi Teams Up with Gong to Bring Revenue AI to Boomi Agentstudio Gong goes beyond capturing deal activity to surface real-time insights into risk, buyer intent, competitive dynamics, and key engagement signals. That intelligence moves from conversation to coordinated action, flowing across CRM, ERP, product, and operational systems with the governance and security that enterprises require. Through this collaboration, these signals can be serve
Boomi and Guru Partner to Deliver AI-Powered Enterprise Knowledge Enriched by Real-Time Data Activation14.5.2026 17:30:00 EEST | Press release
Boomi, the data activation company for AI, and Guru, the AI-powered enterprise knowledge platform, today announced a technology partnership to help organizations unlock the full value of their enterprise data for AI-driven decision-making. Unveiled at Boomi World 2026, the partnership makes Guru a launch partner for Boomi Connect, Boomi’s new managed connector service, and integrates Guru’s knowledge agents with Agentstudio and the Boomi MCP Registry to deliver richer, more accurate, and more actionable insights to knowledge workers and AI agents alike. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260514440755/en/ Guru was selected as a Boomi Connect launch partner because its AI-powered knowledge platform represents one of the highest-value consumption patterns for managed enterprise connectivity. Knowledge agents are only as effective as the data they can access, and Guru’s ability to synthesize insights across enterpris
IQM and Real Asset Acquisition Corp. Announce Public Filing of Form F-4 Registration Statement with the SEC14.5.2026 16:55:00 EEST | Press release
IQM Finland Oy, a global leader in full-stack superconducting quantum computers (“IQM”, “IQM Quantum Computers” or the “Company”), and Real Asset Acquisition Corp. (Nasdaq: RAAQ), a special purpose acquisition company (“RAAQ”), announced today the public filing of a registration statement on Form F-4 (the “Registration Statement”), which includes a preliminary proxy statement, with the U.S. Securities and Exchange Commission (“SEC”) in connection with the proposed Business Combination Agreement announced February 23, 2026. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260514989293/en/ IQM Radiance quantum computer Jan Goetz, Chief Executive Officer and Co-Founder, IQM, said: “This filing is a milestone we have worked hard to reach, and it signals our readiness to operate at a new level. Public markets will give IQM the platform and capital to accelerate everything we are building as we work towards delivering fault-toleranc
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom