Binary, an industry-leading, AI-powered firmware and software supply chain security platform provider, has developed and released a free scanning tool to help detect symptoms of the vulnerable XZ vector (CVE-2024-3094).
Diagnostic tool XZ.fail The backdoor was released within 24 hours of discovery in the open source software XZ Utils, which enables lossless data compression on almost all Unix-like operating systems, including Linux. (See CISA Advice)
According to Alex Medrosov, CEO of Binarly, the tool has a generic IFUNC implant detection with almost zero false positives, which shows the company's binary code intelligence engine in action.
“This detection is based on behavioral analysis and can automatically detect any change if a similar backdoor is installed elsewhere,” Matrosov added.
“Such a complex and professionally designed implant concept is not intended to be a one-off operation. It may already be used elsewhere or partially reused in other functions. That's why we focused on the most common detection of this complex backdoor,” Medrosov added.
For those looking for more comprehensive detection and remediation strategies, the Binary Transparency platform offers an in-depth solution. With XZ detection capabilities, the platform makes it easy to detect malicious activity, enabling users to take immediate and effective action to protect their software supply chains.
The XZ backdoor came to light on March 29, 2024, when Andre's friend posted a thread on the Openwall mailing list oss-security, in which he revealed a potential compromise of open source code.
For more information, read our research paper And access the free XZ backdoor scanner XZ.fail to do
About Binarly:
Binary is a global firmware and software supply chain security company founded in 2021. The company's flagship product, Binary Transparency Platform, is an enterprise-class AI-powered solution used by device manufacturers, OEMs, IBVs and product security teams to detect known and unknown vulnerabilities, misconfigurations and signs of malicious code injection. Binarly's proven remediation playbooks have significantly reduced the cost and time to respond to vulnerabilities. Based in Los Angeles, California, Binarly has decades of experience in research and program analysis to develop solutions to protect businesses, critical infrastructure and consumers around the world.
The original text is the official and authorized version in which the original text was published. Translations will be added for better understanding. Only the first published language version is legally valid. So, compare the translations with the original language version of the publication.
See the original version on businesswire.com: https://www.businesswire.com/news/home/20240401039091/de/
[email protected]
818.351.9637
© Business Wire, Inc.
Refusal
This press release is not a document produced by AFP. AFP assumes no responsibility for their content. If you have any questions, please contact the contact persons/offices listed in the text of the press release.
