CA-BINARLY
Binarly, provider of an industry leading AI-powered firmware and software supply chain security platform, has created and released a free scanning tool to help defenders spot signs of the dangerous XZ backdoor (CVE-2024-3094).
The XZ.fail detection tool was released less than 24 hours after the discovery of a backdoor in the open-source XZ Utils, which provides lossless data compression on virtually all Unix-like operating systems, including Linux. (See CISA advisory).
According to Binarly chief executive Alex Matrosov, the tool includes generic IFUNC implantation detection with close to zero false-positives, showcasing the company’s binary code intelligence engine in action.
“This detection is based on behavioral analysis and can detect any invariants automatically if a similar backdoor is implanted somewhere else,” Matrosov added.
“Such a complex and professionally designed implantation framework is not developed for a one-shot operation. It could already be deployed elsewhere or partially reused in other operations. That’s exactly why we started focusing on more generic detection for this complex backdoor,” Matrosov added.
For those seeking more comprehensive detection and remediation strategies, the Binarly Transparency Platform offers an in-depth solution. With XZ detection capabilities deployed, the platform facilitates easy identification of malicious activities at scale, enabling users to take prompt and effective action to safeguard their software supply chains.
The XZ backdoor came to light on March 29, 2024, when a thread was published on Openwall's oss-security mailing list by Andres Freund, revealing a potential compromise in the open-source code.
For more information read our research article and access the free XZ backdoor scanner at XZ.fail.
About Binarly:
Binarly is a global firmware and software supply chain security company founded in 2021. The company’s flagship Binarly Transparency Platform is an enterprise-class, AI-powered solution used by device manufacturers, OEMs, IBVs and product security teams to identify known and unknown vulnerabilities, misconfigurations and signs of malicious code implantation. Binarly’s validated remediation playbooks have significantly reduced the cost and time to respond to security exposures. Based in Los Angeles, California, Binarly brings decades of research and program analysis expertise to build solutions to protect businesses, critical infrastructure, and consumers around the world.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240401230046/en/
About Business Wire
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Torq Secures $140M Series D at $1.2B Valuation to Lead the AI SOC and Agentic AI Era11.1.2026 17:59:00 CET | Press release
Fueled by Massive Customer Adoption of AI Agents, Torq Scales the World’s First True AI SOC Platform and Accelerates Expansion into the U.S. Federal Market Torq, the established Agentic AI security operations pioneer, today announced it has closed a massive $140 million Series D funding round, propelling its valuation to $1.2 billion and total funding to $332M. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260112510774/en/ Led by Merlin Ventures—a leading cybersecurity fund renowned for its deep access to the U.S. commercial and Public Sector markets—with participation from all existing investors, including Evolution Equity Partners, Notable Capital, Bessemer Venture Partners, Insight Ventures Partners, and Greenfield Partners, this capital injection is a definitive investment in the future of security. Torq is driving the industry’s critical shift: the complete transformation of the Security Operations Center (SOC) through
Andersen udvider sine kompetencer med tilføjelsen af Scimitar9.1.2026 21:44:00 CET | Pressemeddelelse
Andersen Consulting har indgået en samarbejdsaftale med Scimitar, der er et firma med fokus på at accelerere innovation i biovidenskabsbranchen. Scimitar, der har hovedkvarter i USA, et førende konsulenthus inden for strategieksekvering for biovidenskabsbranchen. Virksomheden er specialiseret i design af driftsmodeller, digital transformation og organisatorisk forandring. Scimitar samarbejder med medicinal- og biotech-virksomheder om at accelerere innovation, styrke den driftsmæssige eksekvering og sikre compliance gennem hele produkters livscyklus. Deres praktiske og samarbejdsorienterede tilgang sikrer løsninger, der ikke blot er formålstjenlige, men også skalerbare. "Virksomheder inden for biovidenskabsbranchen befinder sig i en tid med hurtige videnskabelige fremskridt, stigende regulatorisk kompleksitet og et voksende behov for operationel agilitet, samtidig med at de holdes op mod de højeste standarder for patientsikkerhed og dataintegritet," udtaler Ramy Khalil, CEO i Scimitar.
Biocytogen and Acepodia Expand Collaboration Through Option-based Evaluation Framework for First-in-Class Bispecific and Dual-Payload ADCs (BsAD2C)9.1.2026 13:00:00 CET | Press release
Expanded collaboration builds on Acepodia and Biocytogen’s recent co-development efforts to evaluate selected bispecific antibody and dual-payload ADC programs Biocytogen Pharmaceuticals (Beijing) Co., Ltd. (Biocytogen, SSE: 688796; HKEX: 02315) and Acepodia (6976:TT), today announced that the companies have entered into an option and license agreement designed to enable the structured evaluation of bispecific antibody-drug conjugate (BsADC) programs to further advance the development of dual-payload bispecific antibody-drug conjugates (BsAD2Cs). The agreement grants Acepodia an option to obtain an exclusive worldwide license from Biocytogen for two BsADC programs. Under the terms of the agreement, Biocytogen is eligible to receive an upfront option fee and, upon Acepodia’s exercise of the option, additional payments including option exercise fees, development, regulatory, and commercial milestone payments, as well as royalties on future product sales. The financial terms of the agreem
Blockstream Capital Partners Announces Strategic Acquisition of Derivatives Trading Team from Numeus Group, Leveraging Strategic Partnership with Komainu9.1.2026 11:08:00 CET | Press release
Blockstream Capital Partners (“BCP”) today announced that it has entered into a strategic agreement to acquire a division within Numeus Group’s digital asset trading and investment business. The transaction includes the absorption of select Bitcoin focused trading strategies with a focus on yield generation as well as a ten person derivatives trading team led by Chief Investment Officer Deepak Gulati, a specialist in volatility and derivatives markets. Deepak Gulati, appointed Co-Chief Investment Officer of Blockstream Capital Management alongside Rodrigo Rodriguez, previously served as Global Head of Proprietary Trading at JPMorgan, before founding Argentiere Capital, a multibillion-dollar volatility-focused hedge fund. With a thesis that derivatives would drive Bitcoin and digital asset market maturity, he co-founded Numeus Group in 2021 to develop institutional-grade trading, risk management and market-structure capabilities. Komainu, an existing BCP strategic investment, has played
Autel Unveils Strategic Shift at CES 2026: Building the AI-Powered Infrastructure of Future Cities9.1.2026 10:44:00 CET | Press release
At the Consumer Electronics Show (CES), Autel Energy is presenting its latest AI-driven smart hardware and software systems for the future of intelligent urban operations. This year’s showcase highlights Autel’s shift from AI concept validation to scenario-based engineering deployment, emphasizing closed-loop execution across real-world infrastructure. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260101511436/en/ Autel Energy New Product Debut at CES 2026 Focusing on two key domains — Smart Energy and Smart Inspection — the company is unveiling a range of new products. In Smart Energy, Autel is introducing V2G (Vehicle-to-Grid) AC charger for homes and DC charging solution for fleets, strengthening its multi-tier energy touchpoint strategy from households to commercial operations. Live demonstrations at the booth will feature a smart charging robot showcasing automated plug-in capabilities. In Smart Inspection, Autel will
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom