all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Shooting Yourself in the .flags – Jailbreaking the Sonos Era 100

Add to bookmarks
Dec. 4, 2023, 10:25 a.m. | Alex Plaskett

NCC Group Research Blog research.nccgroup.com

Research performed by Ilya Zhuravlev supporting the Exploit Development Group (EDG). The Era 100 is Sonos’s flagship device, released on March 28th 2023 and is a notable step up from the Sonos One. It was also one of the target devices for Pwn2Own Toronto 2023. NCC found multiple security weaknesses within the bootloader of the […]

development device devices exploit exploit development found hardware & embedded systems jailbreaking march ncc pwn2own pwn2own toronto 2023 research security shooting sonos target toronto vulnerability research

Visit resource

More from research.nccgroup.com / NCC Group Research Blog

Sifting through the spines: identifying (potential) Cactus ransomware victims 1 week ago | research.nccgroup.com
access blog cactus cactus ransomware +17
Public Report – Confidential Mode for Hyperdisk – DEK Protection Analysis 2 weeks, 5 days ago | research.nccgroup.com
analysis architecture confidential data +19
Non-Deterministic Nature of Prompt Injection 2 weeks, 5 days ago | research.nccgroup.com
attack easy explained exploiting +10
Technical Advisory – Ollama DNS Rebinding Attack (CVE-2024-28224) 3 weeks, 2 days ago | research.nccgroup.com
access advisory api attack +24
Public Report – Google Privacy Sandbox Aggregation Service and Coordinator 1 month ago | research.nccgroup.com
aggregation companies google google privacy sandbox +16
Android Malware Vultur Expands Its Wingspan 1 month ago | research.nccgroup.com
android android banking malware android malware authors +18
LTair: The LTE Air Interface Tool 1 month, 2 weeks ago | research.nccgroup.com
air attacks blog blog post +14
The Development of a Telco Attack Testing Tool 1 month, 2 weeks ago | research.nccgroup.com
attack blog challenges development +13
Public Report – AWS Nitro System API & Security Claims Italian 1 month, 3 weeks ago | research.nccgroup.com
amazon amazon web services api apis +21

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Application Security Engineer - Remote Friendly

@ Unit21 | San Francisco,CA; New York City; Remote USA;
View on infosec-jobs.com

Cloud Security Specialist

@ AppsFlyer | Herzliya
View on infosec-jobs.com

Malware Analysis Engineer - Canberra, Australia

@ Apple | Canberra, Australian Capital Territory, Australia
View on infosec-jobs.com

Product CISO

@ Fortinet | Sunnyvale, CA, United States
View on infosec-jobs.com

Manager, Security Engineering

@ Thrive | United States - Remote
View on infosec-jobs.com
View more jobs