CA-BINARLY
Binarly, provider of an industry leading AI-powered firmware and software supply chain security platform, has created and released a free scanning tool to help defenders spot signs of the dangerous XZ backdoor (CVE-2024-3094).
The XZ.fail detection tool was released less than 24 hours after the discovery of a backdoor in the open-source XZ Utils, which provides lossless data compression on virtually all Unix-like operating systems, including Linux. (See CISA advisory).
According to Binarly chief executive Alex Matrosov, the tool includes generic IFUNC implantation detection with close to zero false-positives, showcasing the company’s binary code intelligence engine in action.
“This detection is based on behavioral analysis and can detect any invariants automatically if a similar backdoor is implanted somewhere else,” Matrosov added.
“Such a complex and professionally designed implantation framework is not developed for a one-shot operation. It could already be deployed elsewhere or partially reused in other operations. That’s exactly why we started focusing on more generic detection for this complex backdoor,” Matrosov added.
For those seeking more comprehensive detection and remediation strategies, the Binarly Transparency Platform offers an in-depth solution. With XZ detection capabilities deployed, the platform facilitates easy identification of malicious activities at scale, enabling users to take prompt and effective action to safeguard their software supply chains.
The XZ backdoor came to light on March 29, 2024, when a thread was published on Openwall's oss-security mailing list by Andres Freund, revealing a potential compromise in the open-source code.
For more information read our research article and access the free XZ backdoor scanner at XZ.fail.
About Binarly:
Binarly is a global firmware and software supply chain security company founded in 2021. The company’s flagship Binarly Transparency Platform is an enterprise-class, AI-powered solution used by device manufacturers, OEMs, IBVs and product security teams to identify known and unknown vulnerabilities, misconfigurations and signs of malicious code implantation. Binarly’s validated remediation playbooks have significantly reduced the cost and time to respond to security exposures. Based in Los Angeles, California, Binarly brings decades of research and program analysis expertise to build solutions to protect businesses, critical infrastructure, and consumers around the world.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240401230046/en/
About Business Wire
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
DevvStream and Southern Energy Renewables Announce Business Combination Targeting Low-Cost Production of Carbon-Negative SAF and Green Methanol3.12.2025 15:40:00 CET | Press release
Combination integrates carbon-credit origination expertise with U.S.-produced, lower-cost carbon-negative fuels to meet growing global demandSouthern secures a $402 million bond allocation from the Louisiana Community Development Authority in support of its flagship biomass-to-fuel facilitySouthern makes initial PIPE Investment in DevvStream of approximately $2.0 million at $15.58 per share DevvStream Corp. (Nasdaq: DEVS) (“DevvStream”), a leading carbon management and environmental-asset monetization firm, and Southern Energy Renewables Inc. (“Southern”), a U.S.-based producer of low-cost fuels made from biomass, with a flagship Louisiana project that plans to utilize regional wood-waste biomass to deliver green methanol and carbon-negative sustainable aviation fuel (“SAF”) at scale, today announced that they have entered into a definitive agreement to combine under a new U.S.-domiciled, Nasdaq-listed company, following customary closing conditions. The new company plans to help aviat
Rimini Street Launches Rimini Agentic UX™ to Bring Agentic AI Innovation to ERP Processes3.12.2025 15:00:00 CET | Press release
Rimini Agentic UX is being implemented across dozens of client projects, delivering intelligent process automation, AI-driven productivity and enterprise-wide visibility — without requiring expensive upgrades, migrations or budget increases Rimini Street, Inc. (Nasdaq: RMNI), the Software Support and Agentic AI ERP Company™, and the leading third-party support provider for Oracle, SAP and VMware software, today introduced Rimini Agentic UX™, an intelligent, AI-driven user engagement layer that streamlines ERP process execution for efficiency and significant savings, delivering persona- and role-based automation and productivity enhancements without the need for costly ERP Software upgrades or migrations. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20251203473078/en/ Rimini Street Launches Rimini Agentic UX™ to Bring Agentic AI Innovation to ERP Processes Rimini Agentic UX Redefines ERP Process Execution Rimini Agentic UX co
GCL Evolves Into The Rock-It Company, Uniting Leading Logistics Platform of Live Events and Luxury Goods Services Under a New Banner3.12.2025 15:00:00 CET | Press release
Built on the 47-year legacy of Rock-It Cargo and a growing platform across multiple end markets, the evolution marks a new era of growth and acceleration for the company Global Critical Logistics (GCL) announced today its brand evolution into the newly unveiled identity of The Rock-It Company, uniting its diverse portfolio under the iconic and globally recognized name. The announcement arrives as Rock-It delivers some of the world’s most impactful cultural moments this week including the Final Draw of the FIFA World Cup 2026™ in Washington D.C., Art Basel in Miami, The Conference at Rock Lititz and several concerts and automotive events in Abu Dhabi, including the RM Sotheby’s Auction. These marquee events all coincide with a extensive slate of global tours, film productions, broadcast operations, and experiential projects that span multiple continents. Together, these iconic moments contribute to the more than 10,000 mission-critical projects that Rock-It enables each year through its
Pattern Announces Acquisition of ROI Hunter, Connecting Product-Level Advertising and Marketplace Performance for Global Brands3.12.2025 15:00:00 CET | Press release
Pattern Group Inc. (Nasdaq: PTRN), a leader in accelerating brands on global ecommerce marketplaces by leveraging proprietary technology and AI, today announced that it has acquired ROI Hunter a.s., a performance-driven retail media platform for brands and retailers. ROI Hunter integrates product, marketing, and merchandising data into a single source of truth, enabling margin-informed, SKU-level advertising decisions across major walled-garden platforms including Google, Meta, and Snap. The acquisition strengthens Pattern’s position as the world’s leading ecommerce accelerator and expands the company’s AI-driven advertising capabilities across Meta, Google and Snapchat. ROI Hunter brings a defensible, SKU-level data moat anchored in API integrations and more than $1.1B in media managed annually, enabling a uniquely granular view of product-level performance. “We are thrilled to welcome the ROI Hunter team to Pattern,” said Dave Wright, Co-founder and CEO of Pattern. “Their deep techni
Perma-Pipe International Holdings, Inc. Secures $52 Million in Third-Quarter Awards, Expands Global Reach With U.S. Data Centers and Saudi Aramco Projects3.12.2025 14:45:00 CET | Press release
Perma-Pipe International Holdings, Inc. (NASDAQ: PPIH) today announced that it secured $52 million in project awards during the third quarter of 2025, including $30 million previously announced in September. The additional $22 million in new awards includes major data center infrastructure projects in the United States and Saudi Aramco–related projects to be executed from the company’s recently approved Dammam, Saudi Arabia facility. “These awards underscore the accelerating demand we’re seeing across mission-critical infrastructure, especially in the data center sector,” said Marc Huber, Senior Vice President, North America. “Our teams continue to deliver the technical capabilities, responsiveness, and reliability that our customers expect as they scale up.” Adham Sharkawi, Senior Vice President, MENA, added: “Growth in the Kingdom of Saudi Arabia is a strategic priority for Perma-Pipe. The new Saudi Aramco awards demonstrate our strengthened local presence in Dammam and reinforce our
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom