CA-BINARLY
1.4.2024 22:40:34 CEST | Business Wire | Press release
Binarly, provider of an industry leading AI-powered firmware and software supply chain security platform, has created and released a free scanning tool to help defenders spot signs of the dangerous XZ backdoor (CVE-2024-3094).
The XZ.fail detection tool was released less than 24 hours after the discovery of a backdoor in the open-source XZ Utils, which provides lossless data compression on virtually all Unix-like operating systems, including Linux. (See CISA advisory).
According to Binarly chief executive Alex Matrosov, the tool includes generic IFUNC implantation detection with close to zero false-positives, showcasing the company’s binary code intelligence engine in action.
“This detection is based on behavioral analysis and can detect any invariants automatically if a similar backdoor is implanted somewhere else,” Matrosov added.
“Such a complex and professionally designed implantation framework is not developed for a one-shot operation. It could already be deployed elsewhere or partially reused in other operations. That’s exactly why we started focusing on more generic detection for this complex backdoor,” Matrosov added.
For those seeking more comprehensive detection and remediation strategies, the Binarly Transparency Platform offers an in-depth solution. With XZ detection capabilities deployed, the platform facilitates easy identification of malicious activities at scale, enabling users to take prompt and effective action to safeguard their software supply chains.
The XZ backdoor came to light on March 29, 2024, when a thread was published on Openwall's oss-security mailing list by Andres Freund, revealing a potential compromise in the open-source code.
For more information read our research article and access the free XZ backdoor scanner at XZ.fail.
About Binarly:
Binarly is a global firmware and software supply chain security company founded in 2021. The company’s flagship Binarly Transparency Platform is an enterprise-class, AI-powered solution used by device manufacturers, OEMs, IBVs and product security teams to identify known and unknown vulnerabilities, misconfigurations and signs of malicious code implantation. Binarly’s validated remediation playbooks have significantly reduced the cost and time to respond to security exposures. Based in Los Angeles, California, Binarly brings decades of research and program analysis expertise to build solutions to protect businesses, critical infrastructure, and consumers around the world.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240401230046/en/
About Business Wire
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Visa Opens the Door to AI-Driven Shopping for Businesses Worldwide8.4.2026 18:00:00 CEST | Press release
Part of the Visa Intelligent Commerce portfolio, Intelligent Commerce Connect will enable more ways for agents to pay and merchants to accept agentic transactions in a single integrationCurrently in pilot with select partners including Aldar, AWS, Diddo, Highnote, Mesh, Payabli, Sumvin, and rolling out to more partners this year Visa Inc. (NYSE: V) today unveiled Intelligent Commerce Connect, a new solution that makes it easier for businesses to connect to and participate in AI-powered commerce. Intelligent Commerce Connect acts as a network, protocol, and token vault-agnostic ‘on ramp’ to agentic commerce for agent builders, merchants, and enablers. As consumers increasingly rely on AI agents to make purchases, businesses – whether they are building agents, selling to them, or processing transactions – need a simple way to get started. Intelligent Commerce Connect, part of the Visa Intelligent Commerce portfolio, meets that need. Through a single integration via the Visa Acceptance Pl
Sumitomo Corporation, SMBC Aviation Capital, Apollo and Brookfield Complete the Acquisition of Air Lease Corporation8.4.2026 15:13:00 CEST | Press release
Sumitomo Corporation, SMBC Aviation Capital, Apollo-managed funds (“Apollo”) and Brookfield today announced that they have completed the previously announced acquisition of Air Lease Corporation (“Air Lease”) and have renamed the business Sumisho Air Lease Corporation (“Sumisho Air Lease”). This transformational transaction improves the financial position of the business with long term support and aviation expertise from co-investors Sumitomo Corporation, SMBC Aviation Capital, Apollo and Brookfield. Sumisho Air Lease’s strong foundation as an established aircraft lessor, supported by SMBC Aviation Capital’s industry‑leading capabilities as servicer, creates a platform with the scale and financial strength needed to meet the fast‑changing and increasingly complex requirements of airline customers. Sumisho Air Lease will also benefit from the deep expertise and long-standing commitment that both Sumitomo Corporation and SMBC Aviation Capital bring to the global aviation leasing sector.
Sitetracker Launches Scout, an Agentic AI Platform Purpose-Built for Critical Infrastructure8.4.2026 15:00:00 CEST | Press release
Sitetracker, the leading Asset Lifecycle Management platform for critical infrastructure, today announced the launch of Scout, its new Agentic AI platform designed to help infrastructure owners, operators, and contractors gain deep insights and drive automation within their operations. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260408923336/en/ Scout, ready for real work As your AI analyst and agent, Scout is ready to work on day 1. Scout provides clarity when decisions are forming and momentum when action is required. It surfaces risk, synthesizes information, and helps accelerate execution by connecting data and driving action. Scout creates operational intelligence and turns it into action all in a secure environment that protects data sovereignty. “Our customers are looking to create compounding competitive advantages,” said Giuseppe Incitti, Chief Executive Officer of Sitetracker. “Scout delivers by providing easy t
Westinghouse Hosts Annual VVER Fuel Forum with Customers8.4.2026 15:00:00 CEST | Press release
Westinghouse currently has fuel supply contracts with all the European VVER operators Westinghouse and MVM Paks Nuclear Power Plant (NPP) recently co-hosted the VVER Fuel Forum in Budapest to share insights and plans for the continued deployment of VVER-1000 and VVER-440 fuel in operating reactors. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20260408646373/en/ Participants to the VVER Fuel Forum Péter János Horváth, CEO of MVM Paks, welcomed all the participants, highlighting that Hungary is ending two decades of single supplier fuel dependency thanks to the agreement recently signed with Westinghouse to supply the VVER-440 NOVA E-6 fuel design. Six customers presented the progress made and positive outcomes achieved in the past years with the introduction of Westinghouse fuel into mixed cores with resident fuel in their reactors: Energoatom has extensive experience with Westinghouse VVER-440 and VVER-1000 fuel, currently u
Virica Biotech and FUJIFILM Biosciences Collaborate Under the Canada–Japan Co‑Innovation Program to Advance AAV Production Enhancers8.4.2026 15:00:00 CEST | Press release
Efficient production of Adeno-Associated Virus (AAV) vectors at scale for in vivo gene therapies remains a key bottleneck for broad patient access and sustainable manufacturing costs.Virica and FUJIFILM Biosciences will co-develop an off-the-shelf enhancer–media solution to boost AAV yields and process robustness in FUJIFILM Biosciences BalanCD® HEK293 system. Virica Biotech (“Virica”), a cell enhancer company specializing in Viral Sensitizers (VSE™) for viral vector manufacturing, today announced it is receiving advisory services and funding from the National Research Council of Canada Industrial Research Assistance Program (NRC IRAP), under the Canada–Japan Corporate Co-Innovation Program for a collaboration with FUJIFILM Biosciences. The collaboration will focus on optimizing a VSE™ formulation for FUJIFILM Biosciences BalanCD HEK293 media to support academic and commercial AAV producers globally. AAV vectors are a cornerstone of in vivo gene delivery for gene therapies, but they re
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom