[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"left-rail-focus-en":3,"$f07J4FumdusTWgDuKhg4TYMNSG11gc0MpthXv962cLyw":209,"right-rail-creators-en-guest":280,"right-rail-reading-en":427},{"data":4,"links":56,"meta":60},[5],{"ulid":6,"type":7,"title":8,"content":9,"content_html":10,"slug":11,"slug_plain":11,"canonical_url":12,"social_links":13,"creator_focuses":17,"creator_focus_codes":21,"creator_focus_labels":25,"texts":26,"media":32,"related":50,"user":51,"likes_count":42,"is_liked":41,"subscribers_count":42,"is_subscribed":41,"created_at":55,"updated_at":55},"01KK7JP5SNY8N5FR848EJADYA4","creator","Lionfield","Lionfield is an Italian content creator and music duo formed by childhood friends Matteo Salvatori and Emiliano Santoro. Based on their shared passion for Italian culture, cuisine, and music, they produce humorous and educational videos that highlight traditional Italian food practices, often reacting to unconventional or incorrect ways of cooking classic dishes.\n\nThe duo gained prominence on platforms like YouTube and TikTok, where they mix musical performances with comedy sketches centered around pasta, pizza, and other staples of Italian cuisine. Their content frequently focuses on \"protecting\" Italian food traditions, using exaggerated reactions and catchphrases to entertain while reinforcing authentic cooking methods.\n\nIn addition to short-form reactions, Lionfield creates original music and themed videos, such as their song and video about making pasta al dente. They often incorporate practical cooking tips—like properly timing pasta and avoiding common myths—into their lyrics and scripts, making their content both engaging and informative.\n\n- Italian duo: Matteo Salvatori and Emiliano Santoro  \n- Known for: comedic reactions to food \"torture\" and Italian cooking fails  \n- Platforms: YouTube, TikTok, and other social media  \n- Focus: Italian cuisine, music, and cultural commentary","\u003Cp>Lionfield is an Italian content creator and music duo formed by childhood friends Matteo Salvatori and Emiliano Santoro. Based on their shared passion for Italian culture, cuisine, and music, they produce humorous and educational videos that highlight traditional Italian food practices, often reacting to unconventional or incorrect ways of cooking classic dishes.\u003C\u002Fp>\n\u003Cp>The duo gained prominence on platforms like YouTube and TikTok, where they mix musical performances with comedy sketches centered around pasta, pizza, and other staples of Italian cuisine. Their content frequently focuses on "protecting" Italian food traditions, using exaggerated reactions and catchphrases to entertain while reinforcing authentic cooking methods.\u003C\u002Fp>\n\u003Cp>In addition to short-form reactions, Lionfield creates original music and themed videos, such as their song and video about making pasta al dente. They often incorporate practical cooking tips—like properly timing pasta and avoiding common myths—into their lyrics and scripts, making their content both engaging and informative.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Italian duo: Matteo Salvatori and Emiliano Santoro\u003C\u002Fli>\n\u003Cli>Known for: comedic reactions to food "torture" and Italian cooking fails\u003C\u002Fli>\n\u003Cli>Platforms: YouTube, TikTok, and other social media\u003C\u002Fli>\n\u003Cli>Focus: Italian cuisine, music, and cultural commentary\u003C\u002Fli>\n\u003C\u002Ful>\n","lionfield","lionfield\u002F01KK7JP5SNY8N5FR848EJADYA4",[14],{"network":15,"url":16},"youtube","https:\u002F\u002Fwww.youtube.com\u002F@Lionfield",[18,19,20],"Food","Music","Comedy",[22,23,24],"food","music","comedy",{"food":18,"music":19,"comedy":20},[27,30],{"type":28,"text":8,"locale":29},"title","en",{"type":31,"text":9,"locale":29},"content",[33],{"id":34,"ulid":35,"post_id":36,"type":37,"path":38,"url":39,"disk":40,"is_primary":41,"sort_order":42,"title":43,"alt":43,"caption":43,"mime":44,"size":45,"width":46,"height":46,"duration":43,"hash":47,"variant_base_url":48,"metadata":43,"created_at":49,"updated_at":49},109,"01KK7JP6GQS30VJEEH0DQJ7MVX",58,"image","posts\u002Fmedia\u002F2026\u002F03\u002F08\u002F01KK7JP6GQS30VJEEH0DQJ7MVX.jpg","https:\u002F\u002Fapi.influrs.com\u002Fstorage\u002Fposts\u002Fmedia\u002F2026\u002F03\u002F08\u002F01KK7JP6GQS30VJEEH0DQJ7MVX.jpg","public",false,0,null,"image\u002Fjpeg",123453,900,"83ed7b705c91b38e340000031a71ae236b3840503ecc1d41b3cc35f7c82e0389","https:\u002F\u002Fapi.influrs.com\u002Fmedia","2026-03-08T20:37:16.000000Z",[],{"ulid":52,"name":53,"avatar":54},"01KJ37Q0G1X6KJN6AKDK65MDZ5","Sqa17ll","https:\u002F\u002Flh3.googleusercontent.com\u002Fa\u002FACg8ocKaRvWO1Gfwoph3v77vSGL2hZ4dGqPnnY8mN2HHnO9S1BKnnw=s96-c","2026-03-08T20:37:13.000000Z",{"first":57,"last":58,"prev":43,"next":59},"http:\u002F\u002Fapi.influrs.com\u002Fapi\u002Fv1\u002Fposts?page=1","http:\u002F\u002Fapi.influrs.com\u002Fapi\u002Fv1\u002Fposts?page=22","http:\u002F\u002Fapi.influrs.com\u002Fapi\u002Fv1\u002Fposts?page=2",{"current_page":61,"from":61,"last_page":62,"links":63,"path":114,"per_page":61,"to":61,"total":62,"focus_area_options":115},1,22,[64,66,69,72,76,80,84,88,92,96,100,104,106,110,112],{"url":43,"label":65,"page":43,"active":41},"pagination.previous",{"url":57,"label":67,"page":61,"active":68},"1",true,{"url":59,"label":70,"page":71,"active":41},"2",2,{"url":73,"label":74,"page":75,"active":41},"http:\u002F\u002Fapi.influrs.com\u002Fapi\u002Fv1\u002Fposts?page=3","3",3,{"url":77,"label":78,"page":79,"active":41},"http:\u002F\u002Fapi.influrs.com\u002Fapi\u002Fv1\u002Fposts?page=4","4",4,{"url":81,"label":82,"page":83,"active":41},"http:\u002F\u002Fapi.influrs.com\u002Fapi\u002Fv1\u002Fposts?page=5","5",5,{"url":85,"label":86,"page":87,"active":41},"http:\u002F\u002Fapi.influrs.com\u002Fapi\u002Fv1\u002Fposts?page=6","6",6,{"url":89,"label":90,"page":91,"active":41},"http:\u002F\u002Fapi.influrs.com\u002Fapi\u002Fv1\u002Fposts?page=7","7",7,{"url":93,"label":94,"page":95,"active":41},"http:\u002F\u002Fapi.influrs.com\u002Fapi\u002Fv1\u002Fposts?page=8","8",8,{"url":97,"label":98,"page":99,"active":41},"http:\u002F\u002Fapi.influrs.com\u002Fapi\u002Fv1\u002Fposts?page=9","9",9,{"url":101,"label":102,"page":103,"active":41},"http:\u002F\u002Fapi.influrs.com\u002Fapi\u002Fv1\u002Fposts?page=10","10",10,{"url":43,"label":105,"active":41},"...",{"url":107,"label":108,"page":109,"active":41},"http:\u002F\u002Fapi.influrs.com\u002Fapi\u002Fv1\u002Fposts?page=21","21",21,{"url":58,"label":111,"page":62,"active":41},"22",{"url":59,"label":113,"page":71,"active":41},"pagination.next","http:\u002F\u002Fapi.influrs.com\u002Fapi\u002Fv1\u002Fposts",[116,119,122,125,126,129,132,135,138,141,144,147,150,153,156,159,162,165,168,169,172,175,178,181,184,187,190,193,196,199,200,203,206],{"code":117,"label":118},"art","Art",{"code":120,"label":121},"animals","Animals",{"code":123,"label":124},"books","Books",{"code":24,"label":20},{"code":127,"label":128},"design","Design",{"code":130,"label":131},"film","Film",{"code":133,"label":134},"fitness","Fitness",{"code":136,"label":137},"gaming","Gaming",{"code":139,"label":140},"health","Health",{"code":142,"label":143},"history","History",{"code":145,"label":146},"nature","Nature",{"code":148,"label":149},"news","News",{"code":151,"label":152},"politics","Politics",{"code":154,"label":155},"science","Science",{"code":157,"label":158},"sports","Sports",{"code":160,"label":161},"military","Military",{"code":163,"label":164},"space","Space",{"code":166,"label":167},"journalist","Journalist",{"code":23,"label":19},{"code":170,"label":171},"actor","Actor",{"code":173,"label":174},"comedian","Comedian",{"code":176,"label":177},"tech","Tech",{"code":179,"label":180},"ai","AI",{"code":182,"label":183},"business","Business",{"code":185,"label":186},"finance","Finance",{"code":188,"label":189},"investing","Investing",{"code":191,"label":192},"crypto","Crypto",{"code":194,"label":195},"beauty","Beauty",{"code":197,"label":198},"fashion","Fashion",{"code":22,"label":18},{"code":201,"label":202},"travel","Travel",{"code":204,"label":205},"home","Home",{"code":207,"label":208},"automotive","Automotive",{"data":210},{"ulid":211,"type":212,"title":213,"content":214,"content_html":215,"slug":216,"slug_plain":216,"canonical_url":217,"alternate_paths":218,"social_links":242,"creator_focuses":243,"creator_focus_codes":244,"creator_focus_labels":245,"texts":246,"media":249,"related":268,"user":279,"likes_count":42,"is_liked":41,"subscribers_count":42,"is_subscribed":41,"created_at":257,"updated_at":257},"01KK2S8962MEGC6T37CG27H0PN","post","How a Fake Branch Office Took Over the Network: Inside UAT-8616’s SD‑WAN Hack","## SD‑WAN in Plain Terms: Why This Hack Matters\n\nIn the video, Ed Woodruff from Low Level TV walks through what he calls the most advanced hack he’s covered: a real‑world compromise of Cisco SD‑WAN systems by the threat actor UAT‑8616, also known as Salt Typhoon.\n\nTo set the stage, he first explains SD‑WAN at a high level:\n\n- **Old model:** Companies with many branches historically relied on private leased lines (T1\u002FT3) and later MPLS (Multi‑Protocol Label Switching) to connect branch A to branch B over private, unencrypted networks.\n- **SD‑WAN upgrade:** Software‑Defined Wide Area Networks let branches communicate over **any transport** (internet, private links, etc.) while centrally defining how traffic is routed. It’s more flexible and can use encryption and policy‑based routing.\n\nBecause SD‑WAN frequently sits at the edge of critical infrastructure—like water and power utilities—the security of its controllers and management planes is crucial. That’s exactly what UAT‑8616 targeted.\n\n## Who Is UAT‑8616 \u002F Salt Typhoon?\n\nEd bases the story on public reporting from Cisco Talos about a Chinese threat actor:\n\n- **UAT‑8616**, also called **Salt Typhoon**, has been observed exploiting **zero‑day vulnerabilities** in edge and network devices.\n- Their targets include critical infrastructure sectors in the US and worldwide, especially **operational technology (OT)** environments like:\n  - Water utilities\n  - Power companies\n  - Other industrial and infrastructure networks\n\nIn this campaign, they abused weaknesses in Cisco Catalyst SD‑WAN systems to gain deep, persistent access to enterprise networks.\n\n## Step 1: Faking a Branch via SD‑WAN Peering\n\nSD‑WAN controllers manage many branches. When a **new branch joins**, it has to **peer** with the controller and prove it belongs to the organization. Typically this uses:\n\n- Public\u002Fprivate key exchanges, or\n- Pre‑shared symmetric keys\n\nThe idea: a new branch says, “I’m part of the company; here’s proof,” and the controller accepts it into the management\u002Fcontrol plane.\n\nAccording to the Cisco Talos reporting Ed cites:\n\n- UAT‑8616 exploited a **vulnerability in the SD‑WAN peering mechanism**.\n- Details are **not public**—there is no proof‑of‑concept, and the exact cryptographic or protocol bug isn’t known.\n\nWhat is known from the Talos write‑up, as described in the video:\n\n- The attackers were able to **create a fake branch** in the SD‑WAN fabric.\n- This fake node appeared like any other legitimate branch on the network map.\n- From there, they could:\n  - Advertise IP routes\n  - Inject and receive network traffic\n  - Join the **management\u002Fcontrol plane** with **limited privileges**\n\nSo the first win for the attackers was **quietly becoming just another branch**—with enough access to reach the controllers, but not yet root.\n\n## Step 2: Firmware Downgrade to Revive an Old CVE\n\nOnce inside the SD‑WAN network as a low‑privilege participant, UAT‑8616 moved to privilege escalation. Ed highlights a particularly clever part: they executed a **firmware downgrade attack**.\n\nWhy downgrade?\n\n- Software is (in theory) **more secure over time** as vulnerabilities are found and patched.\n- Older firmware often still contains **known, documented bugs**—like CVEs from prior years.\n\nIn this case, Ed points to:\n\n- **CVE‑2022‑20755** – a vulnerability in the **CLI (command‑line interface)** of Cisco SD‑WAN software.\n  - Only accessible to an **authenticated local user**.\n  - Allows escalation to **root**.\n\nFrom the story as he tells it:\n\n1. The attackers, acting as a fake branch, gained low‑privilege management plane access.\n2. They **downgraded** targeted SD‑WAN systems (vCenters \u002F controllers) to a firmware version that still contained CVE‑2022‑20755.\n3. With that older image running, they could **trigger the old bug** to escalate to root.\n\nEd notes this is a textbook reason many vendors try to **block firmware downgrades**:\n\n- If an attacker already has some access, the ability to roll back to vulnerable code effectively hands them an older, weaker security baseline to exploit.\n\n## Step 3: Path Traversal and Vshell Abuse to Reach Root\n\nTo explain the escalation path, Ed dives into an example of a classic **path traversal** vulnerability, then connects it to how the Cisco bug worked.\n\n### What is a path traversal?\n\nHe sketches a simplified scenario:\n\n- A web tool takes a **user‑supplied path** and serves a file from `\u002Fvar\u002Fwww\u002Fuploads\u002F\u003Cuser_path>`.\n- If the code doesn’t sanitize the input, the user can supply `..\u002F..\u002F..\u002F..\u002Fetc\u002Fpasswd` instead of a harmless filename.\n- The system then opens `\u002Fetc\u002Fpasswd`, a sensitive file, even though that was never intended.\n\nThis is the essence of a path traversal: using sequences like `..\u002F` to **walk up the directory tree** and access files outside the allowed area.\n\n### How this mapped to the Cisco SD‑WAN exploit\n\nAccording to the vulnerability description Ed summarizes:\n\n- The vulnerable component was **Vshell**, the SD‑WAN CLI environment.\n- When a user logs in, Vshell generates a **config file** using a filesystem path plus the **username**.\n- If the username isn’t sanitized, an attacker can embed traversal strings in it.\n\nThe attack chain he describes from the research:\n\n1. **Crafted username**\n   - The attacker sets a username like `.temp\u002F..\u002Ffoo\u002F..\u002Fexternal` (placeholder example) that includes traversal sequences.\n   - This tricks Vshell into reading a file located **outside** the intended directory.\n\n2. **Leak a sensitive IPC secret**\n   - Using this technique, the attacker reads `confd_ipc_secret` (a secret used for **inter‑process communication** between components on the system).\n   - With that secret, they can **sign IPC requests** as if they were a trusted process.\n\n3. **Run Vshell as root**\n   - The exploit script shown in the write‑up (as Ed recounts) uses the leaked secret to request that a command run as UID 0 \u002F GID 0 (root).\n   - Example flow:\n     - Run: `python temp\u002Fexploit.py 123` to leak `confd_ipc_secret`.\n     - Then use that secret to invoke Vshell or other commands **as root**.\n\nSo the escalation sequence is:\n\n- Fake branch → low‑privilege CLI access → path traversal in Vshell → leak IPC secret → signed IPC calls as root → **full system compromise**.\n\n## Detection, Mitigation, and Why This Is So Dangerous\n\nEd closes with practical takeaways for anyone operating similar environments, based on Cisco Talos guidance.\n\n### What defenders should look for\n\nHe mentions several indicators and patterns:\n\n- **Suspicious SD‑WAN peers**\n  - Check logs for **new control connections** and peers.\n  - Especially flag peers:\n    - Coming from **public IP addresses** that aren’t in your expected list\n    - With geolocation or ownership that doesn’t match your organization\n\n- **Signs of privilege escalation via traversal usernames**\n  - Look for login attempts or CLI sessions involving **crafted usernames** containing traversal sequences like `..\u002F`.\n  - These can hint at attempts to trigger the Vshell path traversal \u002F configuration bug.\n\n- **Standard persistence artifacts** (general good practice)\n  - Unrecognized SSH keys in `authorized_keys`\n  - Suspicious entries in `known_hosts`\n  - Changes to `sshd_config` or other security‑sensitive configs\n\n### Mitigation steps\n\nWithin the bounds of what he describes:\n\n- **Upgrade firmware** on affected Cisco SD‑WAN systems to patched versions that fix:\n  - The peering\u002Fauthentication bypass vulnerability, and\n  - CVE‑2022‑20755 and related privilege escalation issues.\n- Review whether your devices allow **firmware downgrades** and how that’s controlled.\n- Improve monitoring of control‑plane events and peering relationships.\n\nEd stresses that if you manage one of these networks, the baseline action is straightforward: **update your firmware** and comb through logs for anomalous peers or crafted usernames.\n\n## Would Rust Have Saved the Day?\n\nEd addresses a common question in his audience: could this attack have been prevented if the software was written in Rust instead of C\u002FC++?\n\nHe’s cautious and keeps the answer tied to what’s publicly known:\n\n- The **peering\u002Fauthentication bug**:\n  - If it’s a **cryptographic design or implementation error** (e.g., hard‑coded keys, missing signatures, bad hash usage, logic errors in a state machine), **Rust would not inherently fix that**.\n  - Rust addresses memory safety, not flawed crypto designs or logic.\n\n- The **Vshell path traversal \u002F IPC abuse**:\n  - If any part hinges on **memory corruption during parsing**, Rust could help.\n  - But if the core problem is **input validation and path handling logic**, that’s still up to the programmer, even in Rust.\n\nHe also notes a practical constraint:\n\n- Many carrier‑grade routers and SD‑WAN systems run on **real‑time operating systems (RTOS)** with tight performance and scheduling requirements.\n- **Real‑time Rust** is still a developing area. Projects like **Embassy** and **Arctic** exist, but it’s not yet a universally solved or mature space for all vendors.\n\nSo in this example, Rust isn’t a silver bullet; the problems appear to be **design and logic** rather than purely memory safety.\n\n## Final Summary\n\nIn this Low Level TV episode, Ed Woodruff unpacks a sophisticated real‑world attack against Cisco SD‑WAN systems by the threat actor UAT‑8616 (Salt Typhoon). The campaign combined:\n\n- A **peering\u002Fauthentication flaw** that let the attackers create a **fake branch** in a company’s SD‑WAN fabric.\n- A **firmware downgrade** to resurrect **CVE‑2022‑20755**, a known CLI privilege‑escalation bug.\n- A **path traversal** in Vshell to leak an **IPC secret** and ultimately execute commands as **root**.\n\nThe result: a low‑privilege foothold as a bogus branch was turned into full control of SD‑WAN controllers, with potential impact across every branch of a target organization.\n\nEd’s key takeaways are to keep SD‑WAN firmware updated, monitor for unexpected peers and crafted usernames, and recognize that while safer languages like Rust help with memory safety, they don’t automatically solve cryptographic or logic‑level design flaws. The attack chain he describes shows how layered weaknesses—peering, downgrade capability, and CLI bugs—can combine into one of the most advanced practical hacks seen against wide‑area network infrastructure.","\u003Ch2>SD‑WAN in Plain Terms: Why This Hack Matters\u003C\u002Fh2>\n\u003Cp>In the video, Ed Woodruff from Low Level TV walks through what he calls the most advanced hack he’s covered: a real‑world compromise of Cisco SD‑WAN systems by the threat actor UAT‑8616, also known as Salt Typhoon.\u003C\u002Fp>\n\u003Cp>To set the stage, he first explains SD‑WAN at a high level:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Old model:\u003C\u002Fstrong> Companies with many branches historically relied on private leased lines (T1\u002FT3) and later MPLS (Multi‑Protocol Label Switching) to connect branch A to branch B over private, unencrypted networks.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SD‑WAN upgrade:\u003C\u002Fstrong> Software‑Defined Wide Area Networks let branches communicate over \u003Cstrong>any transport\u003C\u002Fstrong> (internet, private links, etc.) while centrally defining how traffic is routed. It’s more flexible and can use encryption and policy‑based routing.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Because SD‑WAN frequently sits at the edge of critical infrastructure—like water and power utilities—the security of its controllers and management planes is crucial. That’s exactly what UAT‑8616 targeted.\u003C\u002Fp>\n\u003Ch2>Who Is UAT‑8616 \u002F Salt Typhoon?\u003C\u002Fh2>\n\u003Cp>Ed bases the story on public reporting from Cisco Talos about a Chinese threat actor:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>UAT‑8616\u003C\u002Fstrong>, also called \u003Cstrong>Salt Typhoon\u003C\u002Fstrong>, has been observed exploiting \u003Cstrong>zero‑day vulnerabilities\u003C\u002Fstrong> in edge and network devices.\u003C\u002Fli>\n\u003Cli>Their targets include critical infrastructure sectors in the US and worldwide, especially \u003Cstrong>operational technology (OT)\u003C\u002Fstrong> environments like:\n\u003Cul>\n\u003Cli>Water utilities\u003C\u002Fli>\n\u003Cli>Power companies\u003C\u002Fli>\n\u003Cli>Other industrial and infrastructure networks\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>In this campaign, they abused weaknesses in Cisco Catalyst SD‑WAN systems to gain deep, persistent access to enterprise networks.\u003C\u002Fp>\n\u003Ch2>Step 1: Faking a Branch via SD‑WAN Peering\u003C\u002Fh2>\n\u003Cp>SD‑WAN controllers manage many branches. When a \u003Cstrong>new branch joins\u003C\u002Fstrong>, it has to \u003Cstrong>peer\u003C\u002Fstrong> with the controller and prove it belongs to the organization. Typically this uses:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Public\u002Fprivate key exchanges, or\u003C\u002Fli>\n\u003Cli>Pre‑shared symmetric keys\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The idea: a new branch says, “I’m part of the company; here’s proof,” and the controller accepts it into the management\u002Fcontrol plane.\u003C\u002Fp>\n\u003Cp>According to the Cisco Talos reporting Ed cites:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>UAT‑8616 exploited a \u003Cstrong>vulnerability in the SD‑WAN peering mechanism\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Details are \u003Cstrong>not public\u003C\u002Fstrong>—there is no proof‑of‑concept, and the exact cryptographic or protocol bug isn’t known.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>What is known from the Talos write‑up, as described in the video:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The attackers were able to \u003Cstrong>create a fake branch\u003C\u002Fstrong> in the SD‑WAN fabric.\u003C\u002Fli>\n\u003Cli>This fake node appeared like any other legitimate branch on the network map.\u003C\u002Fli>\n\u003Cli>From there, they could:\n\u003Cul>\n\u003Cli>Advertise IP routes\u003C\u002Fli>\n\u003Cli>Inject and receive network traffic\u003C\u002Fli>\n\u003Cli>Join the \u003Cstrong>management\u002Fcontrol plane\u003C\u002Fstrong> with \u003Cstrong>limited privileges\u003C\u002Fstrong>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>So the first win for the attackers was \u003Cstrong>quietly becoming just another branch\u003C\u002Fstrong>—with enough access to reach the controllers, but not yet root.\u003C\u002Fp>\n\u003Ch2>Step 2: Firmware Downgrade to Revive an Old CVE\u003C\u002Fh2>\n\u003Cp>Once inside the SD‑WAN network as a low‑privilege participant, UAT‑8616 moved to privilege escalation. Ed highlights a particularly clever part: they executed a \u003Cstrong>firmware downgrade attack\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>Why downgrade?\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Software is (in theory) \u003Cstrong>more secure over time\u003C\u002Fstrong> as vulnerabilities are found and patched.\u003C\u002Fli>\n\u003Cli>Older firmware often still contains \u003Cstrong>known, documented bugs\u003C\u002Fstrong>—like CVEs from prior years.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>In this case, Ed points to:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>CVE‑2022‑20755\u003C\u002Fstrong> – a vulnerability in the \u003Cstrong>CLI (command‑line interface)\u003C\u002Fstrong> of Cisco SD‑WAN software.\n\u003Cul>\n\u003Cli>Only accessible to an \u003Cstrong>authenticated local user\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Allows escalation to \u003Cstrong>root\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>From the story as he tells it:\u003C\u002Fp>\n\u003Col>\n\u003Cli>The attackers, acting as a fake branch, gained low‑privilege management plane access.\u003C\u002Fli>\n\u003Cli>They \u003Cstrong>downgraded\u003C\u002Fstrong> targeted SD‑WAN systems (vCenters \u002F controllers) to a firmware version that still contained CVE‑2022‑20755.\u003C\u002Fli>\n\u003Cli>With that older image running, they could \u003Cstrong>trigger the old bug\u003C\u002Fstrong> to escalate to root.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Ed notes this is a textbook reason many vendors try to \u003Cstrong>block firmware downgrades\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>If an attacker already has some access, the ability to roll back to vulnerable code effectively hands them an older, weaker security baseline to exploit.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch2>Step 3: Path Traversal and Vshell Abuse to Reach Root\u003C\u002Fh2>\n\u003Cp>To explain the escalation path, Ed dives into an example of a classic \u003Cstrong>path traversal\u003C\u002Fstrong> vulnerability, then connects it to how the Cisco bug worked.\u003C\u002Fp>\n\u003Ch3>What is a path traversal?\u003C\u002Fh3>\n\u003Cp>He sketches a simplified scenario:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>A web tool takes a \u003Cstrong>user‑supplied path\u003C\u002Fstrong> and serves a file from \u003Ccode>\u002Fvar\u002Fwww\u002Fuploads\u002F<user_path>\u003C\u002Fcode>.\u003C\u002Fli>\n\u003Cli>If the code doesn’t sanitize the input, the user can supply \u003Ccode>..\u002F..\u002F..\u002F..\u002Fetc\u002Fpasswd\u003C\u002Fcode> instead of a harmless filename.\u003C\u002Fli>\n\u003Cli>The system then opens \u003Ccode>\u002Fetc\u002Fpasswd\u003C\u002Fcode>, a sensitive file, even though that was never intended.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>This is the essence of a path traversal: using sequences like \u003Ccode>..\u002F\u003C\u002Fcode> to \u003Cstrong>walk up the directory tree\u003C\u002Fstrong> and access files outside the allowed area.\u003C\u002Fp>\n\u003Ch3>How this mapped to the Cisco SD‑WAN exploit\u003C\u002Fh3>\n\u003Cp>According to the vulnerability description Ed summarizes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The vulnerable component was \u003Cstrong>Vshell\u003C\u002Fstrong>, the SD‑WAN CLI environment.\u003C\u002Fli>\n\u003Cli>When a user logs in, Vshell generates a \u003Cstrong>config file\u003C\u002Fstrong> using a filesystem path plus the \u003Cstrong>username\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>If the username isn’t sanitized, an attacker can embed traversal strings in it.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The attack chain he describes from the research:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>Crafted username\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The attacker sets a username like \u003Ccode>.temp\u002F..\u002Ffoo\u002F..\u002Fexternal\u003C\u002Fcode> (placeholder example) that includes traversal sequences.\u003C\u002Fli>\n\u003Cli>This tricks Vshell into reading a file located \u003Cstrong>outside\u003C\u002Fstrong> the intended directory.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Leak a sensitive IPC secret\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Using this technique, the attacker reads \u003Ccode>confd_ipc_secret\u003C\u002Fcode> (a secret used for \u003Cstrong>inter‑process communication\u003C\u002Fstrong> between components on the system).\u003C\u002Fli>\n\u003Cli>With that secret, they can \u003Cstrong>sign IPC requests\u003C\u002Fstrong> as if they were a trusted process.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Run Vshell as root\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The exploit script shown in the write‑up (as Ed recounts) uses the leaked secret to request that a command run as UID 0 \u002F GID 0 (root).\u003C\u002Fli>\n\u003Cli>Example flow:\n\u003Cul>\n\u003Cli>Run: \u003Ccode>python temp\u002Fexploit.py 123\u003C\u002Fcode> to leak \u003Ccode>confd_ipc_secret\u003C\u002Fcode>.\u003C\u002Fli>\n\u003Cli>Then use that secret to invoke Vshell or other commands \u003Cstrong>as root\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>So the escalation sequence is:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Fake branch → low‑privilege CLI access → path traversal in Vshell → leak IPC secret → signed IPC calls as root → \u003Cstrong>full system compromise\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch2>Detection, Mitigation, and Why This Is So Dangerous\u003C\u002Fh2>\n\u003Cp>Ed closes with practical takeaways for anyone operating similar environments, based on Cisco Talos guidance.\u003C\u002Fp>\n\u003Ch3>What defenders should look for\u003C\u002Fh3>\n\u003Cp>He mentions several indicators and patterns:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Suspicious SD‑WAN peers\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Check logs for \u003Cstrong>new control connections\u003C\u002Fstrong> and peers.\u003C\u002Fli>\n\u003Cli>Especially flag peers:\n\u003Cul>\n\u003Cli>Coming from \u003Cstrong>public IP addresses\u003C\u002Fstrong> that aren’t in your expected list\u003C\u002Fli>\n\u003Cli>With geolocation or ownership that doesn’t match your organization\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Signs of privilege escalation via traversal usernames\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Look for login attempts or CLI sessions involving \u003Cstrong>crafted usernames\u003C\u002Fstrong> containing traversal sequences like \u003Ccode>..\u002F\u003C\u002Fcode>.\u003C\u002Fli>\n\u003Cli>These can hint at attempts to trigger the Vshell path traversal \u002F configuration bug.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Standard persistence artifacts\u003C\u002Fstrong> (general good practice)\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Unrecognized SSH keys in \u003Ccode>authorized_keys\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Suspicious entries in \u003Ccode>known_hosts\u003C\u002Fcode>\u003C\u002Fli>\n\u003Cli>Changes to \u003Ccode>sshd_config\u003C\u002Fcode> or other security‑sensitive configs\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Mitigation steps\u003C\u002Fh3>\n\u003Cp>Within the bounds of what he describes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Upgrade firmware\u003C\u002Fstrong> on affected Cisco SD‑WAN systems to patched versions that fix:\n\u003Cul>\n\u003Cli>The peering\u002Fauthentication bypass vulnerability, and\u003C\u002Fli>\n\u003Cli>CVE‑2022‑20755 and related privilege escalation issues.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>Review whether your devices allow \u003Cstrong>firmware downgrades\u003C\u002Fstrong> and how that’s controlled.\u003C\u002Fli>\n\u003Cli>Improve monitoring of control‑plane events and peering relationships.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Ed stresses that if you manage one of these networks, the baseline action is straightforward: \u003Cstrong>update your firmware\u003C\u002Fstrong> and comb through logs for anomalous peers or crafted usernames.\u003C\u002Fp>\n\u003Ch2>Would Rust Have Saved the Day?\u003C\u002Fh2>\n\u003Cp>Ed addresses a common question in his audience: could this attack have been prevented if the software was written in Rust instead of C\u002FC++?\u003C\u002Fp>\n\u003Cp>He’s cautious and keeps the answer tied to what’s publicly known:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>The \u003Cstrong>peering\u002Fauthentication bug\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>If it’s a \u003Cstrong>cryptographic design or implementation error\u003C\u002Fstrong> (e.g., hard‑coded keys, missing signatures, bad hash usage, logic errors in a state machine), \u003Cstrong>Rust would not inherently fix that\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>Rust addresses memory safety, not flawed crypto designs or logic.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>The \u003Cstrong>Vshell path traversal \u002F IPC abuse\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>If any part hinges on \u003Cstrong>memory corruption during parsing\u003C\u002Fstrong>, Rust could help.\u003C\u002Fli>\n\u003Cli>But if the core problem is \u003Cstrong>input validation and path handling logic\u003C\u002Fstrong>, that’s still up to the programmer, even in Rust.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>He also notes a practical constraint:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Many carrier‑grade routers and SD‑WAN systems run on \u003Cstrong>real‑time operating systems (RTOS)\u003C\u002Fstrong> with tight performance and scheduling requirements.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real‑time Rust\u003C\u002Fstrong> is still a developing area. Projects like \u003Cstrong>Embassy\u003C\u002Fstrong> and \u003Cstrong>Arctic\u003C\u002Fstrong> exist, but it’s not yet a universally solved or mature space for all vendors.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>So in this example, Rust isn’t a silver bullet; the problems appear to be \u003Cstrong>design and logic\u003C\u002Fstrong> rather than purely memory safety.\u003C\u002Fp>\n\u003Ch2>Final Summary\u003C\u002Fh2>\n\u003Cp>In this Low Level TV episode, Ed Woodruff unpacks a sophisticated real‑world attack against Cisco SD‑WAN systems by the threat actor UAT‑8616 (Salt Typhoon). The campaign combined:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>A \u003Cstrong>peering\u002Fauthentication flaw\u003C\u002Fstrong> that let the attackers create a \u003Cstrong>fake branch\u003C\u002Fstrong> in a company’s SD‑WAN fabric.\u003C\u002Fli>\n\u003Cli>A \u003Cstrong>firmware downgrade\u003C\u002Fstrong> to resurrect \u003Cstrong>CVE‑2022‑20755\u003C\u002Fstrong>, a known CLI privilege‑escalation bug.\u003C\u002Fli>\n\u003Cli>A \u003Cstrong>path traversal\u003C\u002Fstrong> in Vshell to leak an \u003Cstrong>IPC secret\u003C\u002Fstrong> and ultimately execute commands as \u003Cstrong>root\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The result: a low‑privilege foothold as a bogus branch was turned into full control of SD‑WAN controllers, with potential impact across every branch of a target organization.\u003C\u002Fp>\n\u003Cp>Ed’s key takeaways are to keep SD‑WAN firmware updated, monitor for unexpected peers and crafted usernames, and recognize that while safer languages like Rust help with memory safety, they don’t automatically solve cryptographic or logic‑level design flaws. The attack chain he describes shows how layered weaknesses—peering, downgrade capability, and CLI bugs—can combine into one of the most advanced practical hacks seen against wide‑area network infrastructure.\u003C\u002Fp>\n","how-a-fake-branch-office-took-over-the-network-inside-uat-8616s-sdwan-hack","how-a-fake-branch-office-took-over-the-network-inside-uat-8616s-sdwan-hack\u002F01KK2S8962MEGC6T37CG27H0PN",{"en":219,"cs":220,"hi":221,"es":222,"zh-CN":223,"pt":224,"bn":225,"ru":226,"ja":227,"de":228,"vi":229,"tr":230,"ko":231,"fr":232,"it":233,"th":234,"id":235,"el":236,"pl":237,"uk":238,"sv":239,"nl":240,"ar":241},"\u002Fen\u002Fposts\u002Fhow-a-fake-branch-office-took-over-the-network-inside-uat-8616s-sdwan-hack\u002F01KK2S8962MEGC6T37CG27H0PN","\u002Fcs\u002Fposts\u002Fjak-se-falesna-pobocka-zmocnila-site-podrobny-pohled-na-hackersky-utok-na-system-uat-8616-a-jeho-sd-wan\u002F01KK2S8962MEGC6T37CG27H0PN","\u002Fhi\u002Fposts\u002Feka-nakal-shakha-karayalya-na-natavaraka-para-kasa-kabza-kaya-yaeta-8616-ka-esada-dablyaeena-haka-ka-athara-ka-kahana\u002F01KK2S8962MEGC6T37CG27H0PN","\u002Fes\u002Fposts\u002Fcomo-una-sucursal-falsa-se-hizo-con-el-control-de-la-red-el-ataque-a-la-red-sd-wan-del-grupo-uat-8616\u002F01KK2S8962MEGC6T37CG27H0PN","\u002Fzh-CN\u002Fposts\u002Fuat-8616-sd-wan\u002F01KK2S8962MEGC6T37CG27H0PN","\u002Fpt\u002Fposts\u002Fcomo-uma-suposta-filial-fraudulenta-assumiu-o-controle-da-rede-os-bastidores-do-ataque-cibernetico-a-uat-8616-que-explorou-a-tecnologia-sd-wan\u002F01KK2S8962MEGC6T37CG27H0PN","\u002Fbn\u002Fposts\u002Fekti-nkl-sakha-ofis-keevabe-netoozarker-nizntrn-nil-iueti-8616-er-esdi-dbliueen-hzakingyer-vetrer-glp\u002F01KK2S8962MEGC6T37CG27H0PN","\u002Fru\u002Fposts\u002Fkak-poddelnoe-otdelenie-zaxvatilo-kontrol-nad-setiu-podrobnosti-vzloma-sd-wan-osushhestvlennogo-gruppirovkoi-uat-8616\u002F01KK2S8962MEGC6T37CG27H0PN","\u002Fja\u002Fposts\u002Fuat-8616sd-wan\u002F01KK2S8962MEGC6T37CG27H0PN","\u002Fde\u002Fposts\u002Fwie-eine-gefalschte-zweigstelle-das-netzwerk-ubernahm-ein-blick-hinter-die-kulissen-des-sd-wan-hacks-von-uat-8616\u002F01KK2S8962MEGC6T37CG27H0PN","\u002Fvi\u002Fposts\u002Fcach-mot-chi-nhanh-gia-mao-chiem-quyen-kiem-soat-mang-he-lo-ve-vu-tan-cong-sd-wan-cua-uat-8616\u002F01KK2S8962MEGC6T37CG27H0PN","\u002Ftr\u002Fposts\u002Fsahte-bir-sube-nasil-agin-kontrolunu-ele-gecirdi-uat-8616nin-sd-wan-saldirisinin-ic-yuzu\u002F01KK2S8962MEGC6T37CG27H0PN","\u002Fko\u002Fposts\u002Fuat-8616-sd-wan\u002F01KK2S8962MEGC6T37CG27H0PN","\u002Ffr\u002Fposts\u002Fcomment-une-fausse-succursale-a-pris-le-controle-du-reseau-les-dessous-du-piratage-du-sd-wan-de-uat-8616\u002F01KK2S8962MEGC6T37CG27H0PN","\u002Fit\u002Fposts\u002Fcome-una-filiale-fittizia-ha-preso-il-controllo-della-rete-dietro-le-quinte-dellattacco-sd-wan-di-uat-8616\u002F01KK2S8962MEGC6T37CG27H0PN","\u002Fth\u002Fposts\u002Fsd-wan-uat-8616\u002F01KK2S8962MEGC6T37CG27H0PN","\u002Fid\u002Fposts\u002Fbagaimana-kantor-cabang-palsu-mengambil-alih-jaringan-mengungkap-peretasan-sd-wan-uat-8616\u002F01KK2S8962MEGC6T37CG27H0PN","\u002Fel\u002Fposts\u002Fpws-ena-pseutiko-ipokatastima-katafere-na-apoktisei-ton-eleghkho-toy-diktyoy-mia-matia-stin-epithesi-sd-wan-tis-uat-8616\u002F01KK2S8962MEGC6T37CG27H0PN","\u002Fpl\u002Fposts\u002Fjak-falszywa-filia-przejela-kontrole-nad-siecia-kulisy-ataku-na-siec-sd-wan-przeprowadzonego-przez-grupe-uat-8616\u002F01KK2S8962MEGC6T37CG27H0PN","\u002Fuk\u002Fposts\u002Fiak-fiktivne-viddilennia-zaxopilo-kontrol-nad-merezeiu-detali-zlomu-sd-wan-organizaciyi-uat-8616\u002F01KK2S8962MEGC6T37CG27H0PN","\u002Fsv\u002Fposts\u002Fhur-ett-falskt-filialkontor-tog-over-natverket-en-inblick-i-uat-8616s-sd-wan-attack\u002F01KK2S8962MEGC6T37CG27H0PN","\u002Fnl\u002Fposts\u002Fhoe-een-neppe-vestiging-het-netwerk-overnam-een-kijkje-achter-de-schermen-van-de-sd-wan-hack-van-uat-8616\u002F01KK2S8962MEGC6T37CG27H0PN","\u002Far\u002Fposts\u002Fkyf-astolt-fraa-ohmy-aal-alshbk-nthr-mn-aldakhl-aal-akhtrak-shbk-uat-8616-bastkhdam-tkny-sd-wan\u002F01KK2S8962MEGC6T37CG27H0PN",[],[],[],[],[247,248],{"type":28,"text":213,"locale":29},{"type":31,"text":214,"locale":29},[250,258],{"id":251,"ulid":252,"post_id":253,"type":254,"path":255,"url":256,"disk":40,"is_primary":41,"sort_order":42,"title":43,"alt":43,"caption":43,"mime":43,"size":43,"width":43,"height":43,"duration":43,"hash":43,"metadata":43,"created_at":257,"updated_at":257},90,"01KK2S89NPJACZ18ZP8GNFKFGA",48,"embed","https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=k1NUNnqoGZg","https:\u002F\u002Fwww.youtube-nocookie.com\u002Fembed\u002Fk1NUNnqoGZg","2026-03-06T23:55:46.000000Z",{"id":259,"ulid":260,"post_id":253,"type":37,"path":261,"url":262,"disk":40,"is_primary":41,"sort_order":42,"title":43,"alt":43,"caption":43,"mime":44,"size":263,"width":264,"height":265,"duration":43,"hash":266,"variant_base_url":48,"metadata":43,"created_at":267,"updated_at":267},91,"01KK2S89QEWSATV8WYBQFP2NK4","posts\u002Fmedia\u002F2026\u002F03\u002F06\u002F01KK2S89QEWSATV8WYBQFP2NK4.jpg","https:\u002F\u002Fapi.influrs.com\u002Fstorage\u002Fposts\u002Fmedia\u002F2026\u002F03\u002F06\u002F01KK2S89QEWSATV8WYBQFP2NK4.jpg",107929,1280,720,"1066addeefc2fc05ff9fdc70443c23200e4d8de5159c3cb2890e41002340cdb1","2026-03-06T23:55:48.000000Z",[269],{"ulid":270,"title":271,"content":272,"content_html":273,"slug":274,"slug_plain":274,"canonical_url":275,"texts":276,"type":7},"01KK2S7JPE06QZ0QTNJ9GX0PPA","Ed Woodruff","Ed Woodruff is an American content creator and security practitioner best known for the YouTube channel **Low Level** (also branded as Low Level TV). With a background in hacking and over a decade of experience in the security industry, he focuses on making complex technical subjects accessible to a broad audience interested in systems, networks, and software internals.\n\nHis videos cover topics such as computer architecture, embedded systems, operating systems, and computer security, often explaining real-world vulnerabilities, exploit techniques, and defensive concepts. He is known for detailed, technically grounded walkthroughs of incidents like SD‑WAN vulnerabilities and threat actor campaigns, frequently referencing public threat intelligence reporting.\n\nBeyond vulnerability explainers, Woodruff produces educational content on programming and low-level concepts, aiming to bridge the gap between theory and practice. His teaching style emphasizes practical understanding of how systems actually behave under the hood, appealing to both aspiring security professionals and experienced engineers.\n\nTypical topics on his channel include:\n- Network security, protocol design, and exploitation\n- Firmware, embedded systems, and hardware-adjacent topics\n- Operating system internals and low-level programming\n- Breakdowns of public incident reports and threat intelligence","\u003Cp>Ed Woodruff is an American content creator and security practitioner best known for the YouTube channel \u003Cstrong>Low Level\u003C\u002Fstrong> (also branded as Low Level TV). With a background in hacking and over a decade of experience in the security industry, he focuses on making complex technical subjects accessible to a broad audience interested in systems, networks, and software internals.\u003C\u002Fp>\n\u003Cp>His videos cover topics such as computer architecture, embedded systems, operating systems, and computer security, often explaining real-world vulnerabilities, exploit techniques, and defensive concepts. He is known for detailed, technically grounded walkthroughs of incidents like SD‑WAN vulnerabilities and threat actor campaigns, frequently referencing public threat intelligence reporting.\u003C\u002Fp>\n\u003Cp>Beyond vulnerability explainers, Woodruff produces educational content on programming and low-level concepts, aiming to bridge the gap between theory and practice. His teaching style emphasizes practical understanding of how systems actually behave under the hood, appealing to both aspiring security professionals and experienced engineers.\u003C\u002Fp>\n\u003Cp>Typical topics on his channel include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Network security, protocol design, and exploitation\u003C\u002Fli>\n\u003Cli>Firmware, embedded systems, and hardware-adjacent topics\u003C\u002Fli>\n\u003Cli>Operating system internals and low-level programming\u003C\u002Fli>\n\u003Cli>Breakdowns of public incident reports and threat intelligence\u003C\u002Fli>\n\u003C\u002Ful>\n","ed-woodruff","ed-woodruff\u002F01KK2S7JPE06QZ0QTNJ9GX0PPA",[277,278],{"type":28,"text":271,"locale":29},{"type":31,"text":272,"locale":29},{"ulid":52,"name":53,"avatar":54},{"data":281,"links":382,"meta":383},[282,295,324,353],{"ulid":6,"type":7,"title":8,"content":9,"content_html":10,"slug":11,"slug_plain":11,"canonical_url":12,"social_links":283,"creator_focuses":285,"creator_focus_codes":286,"creator_focus_labels":287,"texts":288,"media":291,"related":293,"user":294,"likes_count":42,"is_liked":41,"subscribers_count":42,"is_subscribed":41,"created_at":55,"updated_at":55},[284],{"network":15,"url":16},[18,19,20],[22,23,24],{"food":18,"music":19,"comedy":20},[289,290],{"type":28,"text":8,"locale":29},{"type":31,"text":9,"locale":29},[292],{"id":34,"ulid":35,"post_id":36,"type":37,"path":38,"url":39,"disk":40,"is_primary":41,"sort_order":42,"title":43,"alt":43,"caption":43,"mime":44,"size":45,"width":46,"height":46,"duration":43,"hash":47,"variant_base_url":48,"metadata":43,"created_at":49,"updated_at":49},[],{"ulid":52,"name":53,"avatar":54},{"ulid":296,"type":7,"title":297,"content":298,"content_html":299,"slug":300,"slug_plain":300,"canonical_url":301,"social_links":302,"creator_focuses":305,"creator_focus_codes":306,"creator_focus_labels":307,"texts":308,"media":311,"related":321,"user":322,"likes_count":42,"is_liked":41,"subscribers_count":42,"is_subscribed":41,"created_at":323,"updated_at":323},"01KK7HY9TW5YEZQDT6T5SNJYXR","Rick Astley","Rick Astley is an English singer, songwriter, and musician best known for his 1987 hit single \"Never Gonna Give You Up.\" Born on 6 February 1966 in Warrington, Cheshire, England, he first gained attention in the late 1980s with a series of chart-topping pop singles characterized by his deep, soulful voice.\n\n\"Never Gonna Give You Up\" became his signature song, reaching number one in multiple countries and remaining closely associated with his public image. The track later found renewed cultural prominence in the mid-2000s through the \"Rickrolling\" internet meme, which unexpectedly linked users to the song’s music video and introduced Astley's work to a new generation.\n\nBeyond this signature hit, Astley has continued to record and perform, releasing albums and touring internationally. His catalog spans upbeat dance-pop, soulful ballads, and more mature pop material, reflecting a career that has evolved well beyond his initial late-1980s breakthrough.","\u003Cp>Rick Astley is an English singer, songwriter, and musician best known for his 1987 hit single "Never Gonna Give You Up." Born on 6 February 1966 in Warrington, Cheshire, England, he first gained attention in the late 1980s with a series of chart-topping pop singles characterized by his deep, soulful voice.\u003C\u002Fp>\n\u003Cp>"Never Gonna Give You Up" became his signature song, reaching number one in multiple countries and remaining closely associated with his public image. The track later found renewed cultural prominence in the mid-2000s through the "Rickrolling" internet meme, which unexpectedly linked users to the song’s music video and introduced Astley's work to a new generation.\u003C\u002Fp>\n\u003Cp>Beyond this signature hit, Astley has continued to record and perform, releasing albums and touring internationally. His catalog spans upbeat dance-pop, soulful ballads, and more mature pop material, reflecting a career that has evolved well beyond his initial late-1980s breakthrough.\u003C\u002Fp>\n","rick-astley","rick-astley\u002F01KK7HY9TW5YEZQDT6T5SNJYXR",[303],{"network":15,"url":304},"https:\u002F\u002Fwww.youtube.com\u002F@RickAstleyYT",[19,118,20],[23,117,24],{"music":19,"art":118,"comedy":20},[309,310],{"type":28,"text":297,"locale":29},{"type":31,"text":298,"locale":29},[312],{"id":313,"ulid":314,"post_id":315,"type":37,"path":316,"url":317,"disk":40,"is_primary":41,"sort_order":42,"title":43,"alt":43,"caption":43,"mime":44,"size":318,"width":46,"height":46,"duration":43,"hash":319,"variant_base_url":48,"metadata":43,"created_at":320,"updated_at":320},100,"01KK7HYAQFR4585ASBZFWW9QDE",54,"posts\u002Fmedia\u002F2026\u002F03\u002F08\u002F01KK7HYAQFR4585ASBZFWW9QDE.jpg","https:\u002F\u002Fapi.influrs.com\u002Fstorage\u002Fposts\u002Fmedia\u002F2026\u002F03\u002F08\u002F01KK7HYAQFR4585ASBZFWW9QDE.jpg",126833,"8a29662d54c2d171d5a22e695561866e8854a660283c34c0c3eb476067af4f5b","2026-03-08T20:24:14.000000Z",[],{"ulid":52,"name":53,"avatar":54},"2026-03-08T20:24:11.000000Z",{"ulid":325,"type":7,"title":326,"content":327,"content_html":328,"slug":329,"slug_plain":329,"canonical_url":330,"social_links":331,"creator_focuses":334,"creator_focus_codes":335,"creator_focus_labels":336,"texts":337,"media":340,"related":350,"user":351,"likes_count":42,"is_liked":41,"subscribers_count":42,"is_subscribed":41,"created_at":352,"updated_at":352},"01KK7HD82AZQCAKPPV88V3BGBT","Matthew Armstrong","Mat Armstrong is a British YouTuber and automotive content creator known for rebuilding and modifying damaged performance and luxury cars. Based in Leicester, United Kingdom, he previously competed as a professional BMX rider before focusing full-time on his online automotive projects.\n\nOn his YouTube channel, Armstrong documents in detail the process of purchasing, diagnosing, repairing, and upgrading heavily damaged vehicles, often working with specialist engineers and machine shops. His content emphasizes problem-solving, mechanical learning, and transparency about costs, risks, and setbacks involved in complex rebuilds.\n\nArmstrong has attracted particular attention for tackling ambitious projects involving high-end supercars, including attempts to restore vehicles that manufacturers are unwilling to support with parts. Through these builds, he highlights the technical, financial, and regulatory challenges of returning such cars to the road while engaging an audience interested in engineering and car culture.\n\nSelected themes on his channel include:\n- Rebuilding written-off and salvaged performance cars\n- Collaborating with machinists, fabricators, and other specialists\n- Exploring the limits of what can be achieved outside a factory workshop\n- Sharing the learning process behind advanced mechanical repairs","\u003Cp>Mat Armstrong is a British YouTuber and automotive content creator known for rebuilding and modifying damaged performance and luxury cars. Based in Leicester, United Kingdom, he previously competed as a professional BMX rider before focusing full-time on his online automotive projects.\u003C\u002Fp>\n\u003Cp>On his YouTube channel, Armstrong documents in detail the process of purchasing, diagnosing, repairing, and upgrading heavily damaged vehicles, often working with specialist engineers and machine shops. His content emphasizes problem-solving, mechanical learning, and transparency about costs, risks, and setbacks involved in complex rebuilds.\u003C\u002Fp>\n\u003Cp>Armstrong has attracted particular attention for tackling ambitious projects involving high-end supercars, including attempts to restore vehicles that manufacturers are unwilling to support with parts. Through these builds, he highlights the technical, financial, and regulatory challenges of returning such cars to the road while engaging an audience interested in engineering and car culture.\u003C\u002Fp>\n\u003Cp>Selected themes on his channel include:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Rebuilding written-off and salvaged performance cars\u003C\u002Fli>\n\u003Cli>Collaborating with machinists, fabricators, and other specialists\u003C\u002Fli>\n\u003Cli>Exploring the limits of what can be achieved outside a factory workshop\u003C\u002Fli>\n\u003Cli>Sharing the learning process behind advanced mechanical repairs\u003C\u002Fli>\n\u003C\u002Ful>\n","matthew-armstrong","matthew-armstrong\u002F01KK7HD82AZQCAKPPV88V3BGBT",[332],{"network":15,"url":333},"https:\u002F\u002Fwww.youtube.com\u002F@MatArmstrongbmx",[208,177,128,183,186],[207,176,127,182,185],{"automotive":208,"tech":177,"design":128,"business":183,"finance":186},[338,339],{"type":28,"text":326,"locale":29},{"type":31,"text":327,"locale":29},[341],{"id":342,"ulid":343,"post_id":344,"type":37,"path":345,"url":346,"disk":40,"is_primary":41,"sort_order":42,"title":43,"alt":43,"caption":43,"mime":44,"size":347,"width":46,"height":46,"duration":43,"hash":348,"variant_base_url":48,"metadata":43,"created_at":349,"updated_at":349},95,"01KK7HD8TB296AV2PD1CRPT8K8",51,"posts\u002Fmedia\u002F2026\u002F03\u002F08\u002F01KK7HD8TB296AV2PD1CRPT8K8.jpg","https:\u002F\u002Fapi.influrs.com\u002Fstorage\u002Fposts\u002Fmedia\u002F2026\u002F03\u002F08\u002F01KK7HD8TB296AV2PD1CRPT8K8.jpg",230197,"15a56b7171fa2c5fbe1a2b63a81f127acb4305d9a76d766ca0fec43e5587689c","2026-03-08T20:14:54.000000Z",[],{"ulid":52,"name":53,"avatar":54},"2026-03-08T20:14:52.000000Z",{"ulid":354,"type":7,"title":355,"content":356,"content_html":357,"slug":358,"slug_plain":358,"canonical_url":359,"social_links":360,"creator_focuses":363,"creator_focus_codes":364,"creator_focus_labels":365,"texts":366,"media":369,"related":379,"user":380,"likes_count":42,"is_liked":41,"subscribers_count":42,"is_subscribed":41,"created_at":381,"updated_at":381},"01KK6Q37TBKZN767A2BNKZQN0J","Abraham Flores","Abraham Flores, conocido en línea como ElAbrahaham, es un creador de contenido y streamer mexicano centrado principalmente en videojuegos y contenido humorístico. Ha construido una comunidad muy activa en español, a la que se refiere con apodos como “simiecitos” y “simiecitas”, y suele interactuar de forma cercana durante sus transmisiones en vivo.\n\nEn YouTube publica videos y directos de títulos como Roblox, Free Fire, Fortnite y Poppy Playtime, además de subir shorts y clips de sus momentos más virales. Complementa este contenido con transmisiones en otras plataformas, donde realiza colaboraciones con otros creadores y participa en tendencias y retos populares dentro de la comunidad gaming.\n\nFlores ha diversificado su presencia con varios canales dedicados a distintos juegos, manteniendo una alta frecuencia de publicación. Su estilo se caracteriza por un humor expresivo, referencias constantes a su propia comunidad y una dinámica de agradecimientos a sus suscriptores y seguidores, lo que refuerza el sentido de pertenencia entre quienes lo siguen.","\u003Cp>Abraham Flores, conocido en línea como ElAbrahaham, es un creador de contenido y streamer mexicano centrado principalmente en videojuegos y contenido humorístico. Ha construido una comunidad muy activa en español, a la que se refiere con apodos como “simiecitos” y “simiecitas”, y suele interactuar de forma cercana durante sus transmisiones en vivo.\u003C\u002Fp>\n\u003Cp>En YouTube publica videos y directos de títulos como Roblox, Free Fire, Fortnite y Poppy Playtime, además de subir shorts y clips de sus momentos más virales. Complementa este contenido con transmisiones en otras plataformas, donde realiza colaboraciones con otros creadores y participa en tendencias y retos populares dentro de la comunidad gaming.\u003C\u002Fp>\n\u003Cp>Flores ha diversificado su presencia con varios canales dedicados a distintos juegos, manteniendo una alta frecuencia de publicación. Su estilo se caracteriza por un humor expresivo, referencias constantes a su propia comunidad y una dinámica de agradecimientos a sus suscriptores y seguidores, lo que refuerza el sentido de pertenencia entre quienes lo siguen.\u003C\u002Fp>\n","abraham-flores","abraham-flores\u002F01KK6Q37TBKZN767A2BNKZQN0J",[361],{"network":15,"url":362},"https:\u002F\u002Fwww.youtube.com\u002F@ElAbrahaham",[137,20],[136,24],{"gaming":137,"comedy":20},[367,368],{"type":28,"text":355,"locale":29},{"type":31,"text":356,"locale":29},[370],{"id":371,"ulid":372,"post_id":373,"type":37,"path":374,"url":375,"disk":40,"is_primary":41,"sort_order":42,"title":43,"alt":43,"caption":43,"mime":44,"size":376,"width":46,"height":46,"duration":43,"hash":377,"variant_base_url":48,"metadata":43,"created_at":378,"updated_at":378},92,"01KK6Q38DYD0XC4CY66VQ4S6JZ",49,"posts\u002Fmedia\u002F2026\u002F03\u002F08\u002F01KK6Q38DYD0XC4CY66VQ4S6JZ.jpg","https:\u002F\u002Fapi.influrs.com\u002Fstorage\u002Fposts\u002Fmedia\u002F2026\u002F03\u002F08\u002F01KK6Q38DYD0XC4CY66VQ4S6JZ.jpg",113338,"7edbd200ae3a805bffc9331c83f9ffff1492940c34ee3f0275ed80f53dbaa05c","2026-03-08T12:35:04.000000Z",[],{"ulid":52,"name":53,"avatar":54},"2026-03-08T12:35:01.000000Z",{"first":57,"last":85,"prev":43,"next":59},{"current_page":61,"from":61,"last_page":87,"links":384,"path":114,"per_page":79,"to":79,"total":62,"focus_area_options":393},[385,386,387,388,389,390,391,392],{"url":43,"label":65,"page":43,"active":41},{"url":57,"label":67,"page":61,"active":68},{"url":59,"label":70,"page":71,"active":41},{"url":73,"label":74,"page":75,"active":41},{"url":77,"label":78,"page":79,"active":41},{"url":81,"label":82,"page":83,"active":41},{"url":85,"label":86,"page":87,"active":41},{"url":59,"label":113,"page":71,"active":41},[394,395,396,397,398,399,400,401,402,403,404,405,406,407,408,409,410,411,412,413,414,415,416,417,418,419,420,421,422,423,424,425,426],{"code":117,"label":118},{"code":120,"label":121},{"code":123,"label":124},{"code":24,"label":20},{"code":127,"label":128},{"code":130,"label":131},{"code":133,"label":134},{"code":136,"label":137},{"code":139,"label":140},{"code":142,"label":143},{"code":145,"label":146},{"code":148,"label":149},{"code":151,"label":152},{"code":154,"label":155},{"code":157,"label":158},{"code":160,"label":161},{"code":163,"label":164},{"code":166,"label":167},{"code":23,"label":19},{"code":170,"label":171},{"code":173,"label":174},{"code":176,"label":177},{"code":179,"label":180},{"code":182,"label":183},{"code":185,"label":186},{"code":188,"label":189},{"code":191,"label":192},{"code":194,"label":195},{"code":197,"label":198},{"code":22,"label":18},{"code":201,"label":202},{"code":204,"label":205},{"code":207,"label":208},{"data":428,"links":511,"meta":513},[429,465,498],{"ulid":430,"type":212,"title":431,"content":432,"content_html":433,"slug":434,"slug_plain":434,"canonical_url":435,"social_links":436,"creator_focuses":437,"creator_focus_codes":438,"creator_focus_labels":439,"texts":440,"media":443,"related":459,"user":464,"likes_count":61,"is_liked":41,"subscribers_count":42,"is_subscribed":41,"created_at":450,"updated_at":450},"01KK7SASWHAEVR4WJ84GGNDA2K","How To Make Pasta Al Dente - Lionfield (OFFICIAL VIDEO) lyrics","Take your pasta and put it in a boiling pot\nIt doesn't matter which shape you got\nLong or short, I really don't care\nBut if you pick spaghetti, don't you dare to break them in\nWe will call the police soon\n\nCheck your clock and stir every now and then\nDon't pour the olive oil in the water because it's a scam\nAnd when it's almost ready, take your food, a spoon\nTaste a piece or two\nPlease don't let it overcook\n\nPasta must be al dente\nAs long as you remember to take it out the water on time\nWater on time\n\nOnce I heard that some people from all over the world\nThrow their spaghetti on the wall and if they stick they think it's ready\nGod forgives them but I don't\nAnyway, if you check the box you find the cooking time\nWhile it's so damn wrong\nThe secret is to taste it over and over until it's almost ready\nOtherwise, you're going to make it awful\n\nIt must be al dente\nAs long as you remember to take it out the water on time\nIt must be al dente\nAs long as you remember to take it out the water on time\nApproved","\u003Cp>Take your pasta and put it in a boiling pot\nIt doesn't matter which shape you got\nLong or short, I really don't care\nBut if you pick spaghetti, don't you dare to break them in\nWe will call the police soon\u003C\u002Fp>\n\u003Cp>Check your clock and stir every now and then\nDon't pour the olive oil in the water because it's a scam\nAnd when it's almost ready, take your food, a spoon\nTaste a piece or two\nPlease don't let it overcook\u003C\u002Fp>\n\u003Cp>Pasta must be al dente\nAs long as you remember to take it out the water on time\nWater on time\u003C\u002Fp>\n\u003Cp>Once I heard that some people from all over the world\nThrow their spaghetti on the wall and if they stick they think it's ready\nGod forgives them but I don't\nAnyway, if you check the box you find the cooking time\nWhile it's so damn wrong\nThe secret is to taste it over and over until it's almost ready\nOtherwise, you're going to make it awful\u003C\u002Fp>\n\u003Cp>It must be al dente\nAs long as you remember to take it out the water on time\nIt must be al dente\nAs long as you remember to take it out the water on time\nApproved\u003C\u002Fp>\n","how-to-make-pasta-al-dente-lionfield-official-video-lyrics","how-to-make-pasta-al-dente-lionfield-official-video-lyrics\u002F01KK7SASWHAEVR4WJ84GGNDA2K",[],[],[],[],[441,442],{"type":28,"text":431,"locale":29},{"type":31,"text":432,"locale":29},[444,451],{"id":445,"ulid":446,"post_id":447,"type":254,"path":448,"url":449,"disk":40,"is_primary":41,"sort_order":42,"title":43,"alt":43,"caption":43,"mime":43,"size":43,"width":43,"height":43,"duration":43,"hash":43,"metadata":43,"created_at":450,"updated_at":450},118,"01KK7SATB75PAP9CW5WP0CQXFC",63,"https:\u002F\u002Fwww.youtube.com\u002Fwatch?v=qcuQ3jJF9pw","https:\u002F\u002Fwww.youtube-nocookie.com\u002Fembed\u002FqcuQ3jJF9pw","2026-03-08T22:33:21.000000Z",{"id":452,"ulid":453,"post_id":447,"type":37,"path":454,"url":455,"disk":40,"is_primary":41,"sort_order":42,"title":43,"alt":43,"caption":43,"mime":44,"size":456,"width":264,"height":265,"duration":43,"hash":457,"variant_base_url":48,"metadata":43,"created_at":458,"updated_at":458},119,"01KK7SATCSRM06W765EYBJNB2P","posts\u002Fmedia\u002F2026\u002F03\u002F08\u002F01KK7SATCSRM06W765EYBJNB2P.jpg","https:\u002F\u002Fapi.influrs.com\u002Fstorage\u002Fposts\u002Fmedia\u002F2026\u002F03\u002F08\u002F01KK7SATCSRM06W765EYBJNB2P.jpg",262033,"ab29054219fe8e9372789c7768683aa28f30875c7d0b24c02edd5bc9ae3762d5","2026-03-08T22:33:23.000000Z",[460],{"ulid":6,"title":8,"content":9,"content_html":10,"slug":11,"slug_plain":11,"canonical_url":12,"texts":461,"type":7},[462,463],{"type":28,"text":8,"locale":29},{"type":31,"text":9,"locale":29},{"ulid":52,"name":53,"avatar":54},{"ulid":466,"type":212,"title":467,"content":468,"content_html":469,"slug":470,"slug_plain":470,"canonical_url":471,"social_links":472,"creator_focuses":473,"creator_focus_codes":474,"creator_focus_labels":475,"texts":476,"media":479,"related":491,"user":496,"likes_count":42,"is_liked":41,"subscribers_count":42,"is_subscribed":41,"created_at":497,"updated_at":497},"01KK7S4R8N7FP309E9BC1VGFND","How Lionfield Teaches You To Make Perfect Pasta Al Dente (Without Throwing It at the Wall)","## Who Are Lionfield and What Is This Pasta Song?\n\nLionfield, the Italian duo of Matteo Salvatori and Emiliano Santoro, are known online as comedic \"pasta protectors\" who defend Italian food traditions. In their official video **\"How To Make Pasta Al Dente\"**, they turn a how‑to guide into a full song, mixing serious cooking advice with playful warnings about what *not* to do.\n\nThe lyrics walk through the steps of cooking pasta al dente while poking fun at common mistakes, especially those made outside Italy. Beneath the comedy, though, they give a straightforward, practical method you can actually follow.\n\n---\n\n## Choosing and Adding the Pasta\n\nLionfield start with the basics: getting the pasta into a properly boiling pot.\n\nKey ideas from the song:\n\n- **Shape doesn’t matter for doneness**  \n  > \"It doesn't matter which shape you got \u002F Long or short, I really don't care\"\n  \n  Any dry pasta shape can be cooked al dente as long as you watch the time and texture.\n\n- **But don’t break spaghetti**  \n  > \"But if you pick spaghetti, don't you dare to break them in \u002F We will call the police soon.\"\n\n  This is a classic Italian pet peeve: breaking long pasta like spaghetti before cooking. Lionfield exaggerate with the \"police\" joke, but it underlines an authentic cultural preference—keep long pasta long.\n\n- **Use a boiling pot of water**  \n  > \"Take your pasta and put it in a boiling pot\"\n\n  The water should already be at a full boil before you add the pasta, so it starts cooking evenly and doesn’t turn gummy.\n\n---\n\n## What *Not* to Do: Olive Oil and Wall Tests\n\nThe video calls out two common myths in a pretty direct way.\n\n- **Don’t add olive oil to the water**  \n  > \"Don't pour the olive oil in the water because it's a scam.\"\n\n  The idea that oil in the water keeps pasta from sticking is widely repeated but misleading. Lionfield label it a \"scam\" in the lyrics. The actual sticking problem is better handled by:\n  - using enough water\n  - keeping the water at a strong boil\n  - stirring the pasta in the first minutes\n\n- **Don’t throw pasta at the wall**  \n  > \"Once I heard that some people from all over the world throw their spet on the wall and if they stick they think it's ready. God forgives them but I don't.\"\n\n  The \"throwing spaghetti at the wall\" test is another myth. In the song, they treat it almost like a culinary sin. Sticking to a wall doesn’t reliably indicate al dente; it mostly means the surface is starchy.\n\nTheir alternative: read the box, then rely on tasting, not tricks.\n\n---\n\n## Timing, Tasting, and the Box Instructions\n\nA big focus of the song is that al dente is about **timing and tasting**.\n\n- **Check the clock, but don’t worship it**  \n  > \"Check your clock and ste every now and then\"  \n  > \"If you check the box you find the cooking time while it's soft and wrong.\"\n\n  The package gives an approximate cooking time. Lionfield point out it’ll get *soft* if you follow it blindly. Their message: use it as a guideline, not a guarantee.\n\n- **Taste as you go**  \n  > \"And when it's almost ready, take your food a spoon \u002F Taste a piece or two \u002F Please don't let it overcook.\"  \n  > \"The secret is to taste it over and over until it's almost ready.\"\n\n  Their main rule: keep tasting. Pull out a piece, bite it, judge the texture yourself rather than trusting a wall or just the printed time.\n\n- **Stop before it goes too far**  \n  > \"Otherwise, you're going to make it over.\"\n\n  \"Over\" here is shorthand for overcooked: soft, mushy pasta that Italians generally want to avoid.\n\n---\n\n## What “Al Dente” Means in Practice\n\nThe chorus repeats the core target:\n\n> \"Pasta must be al dente \u002F As long as you remember to take it out the water on time.\"\n\nFrom the lyrics, the practical definition is:\n\n- **Slight bite, not crunchy and not mushy**  \n  It should be cooked through but still have firmness when you bite it.\n\n- **No wall tests, no tricks**  \n  You judge al dente by **tasting**, not sticking it to a wall or watching for gimmicks.\n\nWhile the transcript doesn’t mention it explicitly, Lionfield’s broader pasta content often highlights that al dente preserves texture and avoids the soggy, overcooked results they frequently react to in their comedy shorts.\n\n---\n\n## Simple Step‑By‑Step: Lionfield’s Al Dente Method\n\nSummarizing the method described in the song:\n\n1. **Boil water in a large pot.**  \n   Wait until it’s fully boiling.\n\n2. **Add the pasta.**  \n   - Any shape is fine.  \n   - If it’s spaghetti, keep it whole—don’t break it.\n\n3. **Do *not* add olive oil to the water.**  \n   They call this a scam and skip it entirely.\n\n4. **Check the suggested time on the box.**  \n   Use it as a starting point for when to begin tasting.\n\n5. **Taste repeatedly near the end.**  \n   - Use a spoon or fork to take out a piece.  \n   - Bite and check the texture.  \n   - Repeat \"over and over until it's almost ready.\"\n\n6. **Remove from water on time.**  \n   - As soon as it reaches that firm, not‑mushy bite, drain it.  \n   - Leaving it in the water is what ruins al dente.\n\nThroughout the song, Lionfield return to the same condition: **\"take it out the water on time.\"** That, for them, is the whole secret.\n\n---\n\n## Summary: Comedy with Real Pasta Rules\n\nIn **\"How To Make Pasta Al Dente\"**, Lionfield fold real Italian cooking advice into a humorous music video. The main points tied to the lyrics are:\n\n- Use a boiling pot of water and any pasta shape you like.\n- Don’t break spaghetti if you care about Italian sensibilities.\n- Skip olive oil in the water—it won’t save your pasta.\n- Ignore wall‑throwing tests; they’re not a real measure of doneness.\n- Read the box for guidance, then rely on repeated tasting.\n- Drain the pasta as soon as it reaches a firm, al dente bite.\n\nBehind the jokes about calling the police and divine forgiveness, Lionfield present a straightforward, taste‑focused method: **watch the clock, trust your palate, and rescue the pasta from the water at just the right moment.**","\u003Ch2>Who Are Lionfield and What Is This Pasta Song?\u003C\u002Fh2>\n\u003Cp>Lionfield, the Italian duo of Matteo Salvatori and Emiliano Santoro, are known online as comedic "pasta protectors" who defend Italian food traditions. In their official video \u003Cstrong>"How To Make Pasta Al Dente"\u003C\u002Fstrong>, they turn a how‑to guide into a full song, mixing serious cooking advice with playful warnings about what \u003Cem>not\u003C\u002Fem> to do.\u003C\u002Fp>\n\u003Cp>The lyrics walk through the steps of cooking pasta al dente while poking fun at common mistakes, especially those made outside Italy. Beneath the comedy, though, they give a straightforward, practical method you can actually follow.\u003C\u002Fp>\n\u003Chr \u002F>\n\u003Ch2>Choosing and Adding the Pasta\u003C\u002Fh2>\n\u003Cp>Lionfield start with the basics: getting the pasta into a properly boiling pot.\u003C\u002Fp>\n\u003Cp>Key ideas from the song:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Shape doesn’t matter for doneness\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>"It doesn't matter which shape you got \u002F Long or short, I really don't care"\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>Any dry pasta shape can be cooked al dente as long as you watch the time and texture.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>But don’t break spaghetti\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>"But if you pick spaghetti, don't you dare to break them in \u002F We will call the police soon."\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>This is a classic Italian pet peeve: breaking long pasta like spaghetti before cooking. Lionfield exaggerate with the "police" joke, but it underlines an authentic cultural preference—keep long pasta long.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Use a boiling pot of water\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>"Take your pasta and put it in a boiling pot"\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>The water should already be at a full boil before you add the pasta, so it starts cooking evenly and doesn’t turn gummy.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Chr \u002F>\n\u003Ch2>What \u003Cem>Not\u003C\u002Fem> to Do: Olive Oil and Wall Tests\u003C\u002Fh2>\n\u003Cp>The video calls out two common myths in a pretty direct way.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Don’t add olive oil to the water\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>"Don't pour the olive oil in the water because it's a scam."\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>The idea that oil in the water keeps pasta from sticking is widely repeated but misleading. Lionfield label it a "scam" in the lyrics. The actual sticking problem is better handled by:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>using enough water\u003C\u002Fli>\n\u003Cli>keeping the water at a strong boil\u003C\u002Fli>\n\u003Cli>stirring the pasta in the first minutes\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Don’t throw pasta at the wall\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>"Once I heard that some people from all over the world throw their spet on the wall and if they stick they think it's ready. God forgives them but I don't."\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>The "throwing spaghetti at the wall" test is another myth. In the song, they treat it almost like a culinary sin. Sticking to a wall doesn’t reliably indicate al dente; it mostly means the surface is starchy.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Their alternative: read the box, then rely on tasting, not tricks.\u003C\u002Fp>\n\u003Chr \u002F>\n\u003Ch2>Timing, Tasting, and the Box Instructions\u003C\u002Fh2>\n\u003Cp>A big focus of the song is that al dente is about \u003Cstrong>timing and tasting\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Check the clock, but don’t worship it\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>"Check your clock and ste every now and then"\u003Cbr \u002F>\n"If you check the box you find the cooking time while it's soft and wrong."\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>The package gives an approximate cooking time. Lionfield point out it’ll get \u003Cem>soft\u003C\u002Fem> if you follow it blindly. Their message: use it as a guideline, not a guarantee.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Taste as you go\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>"And when it's almost ready, take your food a spoon \u002F Taste a piece or two \u002F Please don't let it overcook."\u003Cbr \u002F>\n"The secret is to taste it over and over until it's almost ready."\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>Their main rule: keep tasting. Pull out a piece, bite it, judge the texture yourself rather than trusting a wall or just the printed time.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Stop before it goes too far\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>"Otherwise, you're going to make it over."\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>"Over" here is shorthand for overcooked: soft, mushy pasta that Italians generally want to avoid.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Chr \u002F>\n\u003Ch2>What “Al Dente” Means in Practice\u003C\u002Fh2>\n\u003Cp>The chorus repeats the core target:\u003C\u002Fp>\n\u003Cblockquote>\n\u003Cp>"Pasta must be al dente \u002F As long as you remember to take it out the water on time."\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Cp>From the lyrics, the practical definition is:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\n\u003Cp>\u003Cstrong>Slight bite, not crunchy and not mushy\u003C\u002Fstrong>\u003Cbr \u002F>\nIt should be cooked through but still have firmness when you bite it.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>No wall tests, no tricks\u003C\u002Fstrong>\u003Cbr \u002F>\nYou judge al dente by \u003Cstrong>tasting\u003C\u002Fstrong>, not sticking it to a wall or watching for gimmicks.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>While the transcript doesn’t mention it explicitly, Lionfield’s broader pasta content often highlights that al dente preserves texture and avoids the soggy, overcooked results they frequently react to in their comedy shorts.\u003C\u002Fp>\n\u003Chr \u002F>\n\u003Ch2>Simple Step‑By‑Step: Lionfield’s Al Dente Method\u003C\u002Fh2>\n\u003Cp>Summarizing the method described in the song:\u003C\u002Fp>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>Boil water in a large pot.\u003C\u002Fstrong>\u003Cbr \u002F>\nWait until it’s fully boiling.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Add the pasta.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Any shape is fine.\u003C\u002Fli>\n\u003Cli>If it’s spaghetti, keep it whole—don’t break it.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Do \u003Cem>not\u003C\u002Fem> add olive oil to the water.\u003C\u002Fstrong>\u003Cbr \u002F>\nThey call this a scam and skip it entirely.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Check the suggested time on the box.\u003C\u002Fstrong>\u003Cbr \u002F>\nUse it as a starting point for when to begin tasting.\u003C\u002Fp>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Taste repeatedly near the end.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Use a spoon or fork to take out a piece.\u003C\u002Fli>\n\u003Cli>Bite and check the texture.\u003C\u002Fli>\n\u003Cli>Repeat "over and over until it's almost ready."\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Remove from water on time.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>As soon as it reaches that firm, not‑mushy bite, drain it.\u003C\u002Fli>\n\u003Cli>Leaving it in the water is what ruins al dente.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>Throughout the song, Lionfield return to the same condition: \u003Cstrong>"take it out the water on time."\u003C\u002Fstrong> That, for them, is the whole secret.\u003C\u002Fp>\n\u003Chr \u002F>\n\u003Ch2>Summary: Comedy with Real Pasta Rules\u003C\u002Fh2>\n\u003Cp>In \u003Cstrong>"How To Make Pasta Al Dente"\u003C\u002Fstrong>, Lionfield fold real Italian cooking advice into a humorous music video. The main points tied to the lyrics are:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Use a boiling pot of water and any pasta shape you like.\u003C\u002Fli>\n\u003Cli>Don’t break spaghetti if you care about Italian sensibilities.\u003C\u002Fli>\n\u003Cli>Skip olive oil in the water—it won’t save your pasta.\u003C\u002Fli>\n\u003Cli>Ignore wall‑throwing tests; they’re not a real measure of doneness.\u003C\u002Fli>\n\u003Cli>Read the box for guidance, then rely on repeated tasting.\u003C\u002Fli>\n\u003Cli>Drain the pasta as soon as it reaches a firm, al dente bite.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Behind the jokes about calling the police and divine forgiveness, Lionfield present a straightforward, taste‑focused method: \u003Cstrong>watch the clock, trust your palate, and rescue the pasta from the water at just the right moment.\u003C\u002Fstrong>\u003C\u002Fp>\n","how-lionfield-teaches-you-to-make-perfect-pasta-al-dente-without-throwing-it-at-the-wall","how-lionfield-teaches-you-to-make-perfect-pasta-al-dente-without-throwing-it-at-the-wall\u002F01KK7S4R8N7FP309E9BC1VGFND",[],[],[],[],[477,478],{"type":28,"text":467,"locale":29},{"type":31,"text":468,"locale":29},[480,485],{"id":481,"ulid":482,"post_id":483,"type":254,"path":448,"url":449,"disk":40,"is_primary":41,"sort_order":42,"title":43,"alt":43,"caption":43,"mime":43,"size":43,"width":43,"height":43,"duration":43,"hash":43,"metadata":43,"created_at":484,"updated_at":484},116,"01KK7S4RQVWYNTVKA9328RYS3X",62,"2026-03-08T22:30:03.000000Z",{"id":486,"ulid":487,"post_id":483,"type":37,"path":488,"url":489,"disk":40,"is_primary":41,"sort_order":42,"title":43,"alt":43,"caption":43,"mime":44,"size":456,"width":264,"height":265,"duration":43,"hash":457,"variant_base_url":48,"metadata":43,"created_at":490,"updated_at":490},117,"01KK7S4RSJNX3WBH1WRMTE6ZYE","posts\u002Fmedia\u002F2026\u002F03\u002F08\u002F01KK7S4RSJNX3WBH1WRMTE6ZYE.jpg","https:\u002F\u002Fapi.influrs.com\u002Fstorage\u002Fposts\u002Fmedia\u002F2026\u002F03\u002F08\u002F01KK7S4RSJNX3WBH1WRMTE6ZYE.jpg","2026-03-08T22:30:04.000000Z",[492],{"ulid":6,"title":8,"content":9,"content_html":10,"slug":11,"slug_plain":11,"canonical_url":12,"texts":493,"type":7},[494,495],{"type":28,"text":8,"locale":29},{"type":31,"text":9,"locale":29},{"ulid":52,"name":53,"avatar":54},"2026-03-08T22:30:02.000000Z",{"ulid":6,"type":7,"title":8,"content":9,"content_html":10,"slug":11,"slug_plain":11,"canonical_url":12,"social_links":499,"creator_focuses":501,"creator_focus_codes":502,"creator_focus_labels":503,"texts":504,"media":507,"related":509,"user":510,"likes_count":42,"is_liked":41,"subscribers_count":42,"is_subscribed":41,"created_at":55,"updated_at":55},[500],{"network":15,"url":16},[18,19,20],[22,23,24],{"food":18,"music":19,"comedy":20},[505,506],{"type":28,"text":8,"locale":29},{"type":31,"text":9,"locale":29},[508],{"id":34,"ulid":35,"post_id":36,"type":37,"path":38,"url":39,"disk":40,"is_primary":41,"sort_order":42,"title":43,"alt":43,"caption":43,"mime":44,"size":45,"width":46,"height":46,"duration":43,"hash":47,"variant_base_url":48,"metadata":43,"created_at":49,"updated_at":49},[],{"ulid":52,"name":53,"avatar":54},{"first":57,"last":512,"prev":43,"next":59},"http:\u002F\u002Fapi.influrs.com\u002Fapi\u002Fv1\u002Fposts?page=17",{"current_page":61,"from":61,"last_page":514,"links":515,"path":114,"per_page":75,"to":75,"total":373,"focus_area_options":535},17,[516,517,518,519,520,521,522,523,524,525,526,527,528,532,534],{"url":43,"label":65,"page":43,"active":41},{"url":57,"label":67,"page":61,"active":68},{"url":59,"label":70,"page":71,"active":41},{"url":73,"label":74,"page":75,"active":41},{"url":77,"label":78,"page":79,"active":41},{"url":81,"label":82,"page":83,"active":41},{"url":85,"label":86,"page":87,"active":41},{"url":89,"label":90,"page":91,"active":41},{"url":93,"label":94,"page":95,"active":41},{"url":97,"label":98,"page":99,"active":41},{"url":101,"label":102,"page":103,"active":41},{"url":43,"label":105,"active":41},{"url":529,"label":530,"page":531,"active":41},"http:\u002F\u002Fapi.influrs.com\u002Fapi\u002Fv1\u002Fposts?page=16","16",16,{"url":512,"label":533,"page":514,"active":41},"17",{"url":59,"label":113,"page":71,"active":41},[536,537,538,539,540,541,542,543,544,545,546,547,548,549,550,551,552,553,554,555,556,557,558,559,560,561,562,563,564,565,566,567,568],{"code":117,"label":118},{"code":120,"label":121},{"code":123,"label":124},{"code":24,"label":20},{"code":127,"label":128},{"code":130,"label":131},{"code":133,"label":134},{"code":136,"label":137},{"code":139,"label":140},{"code":142,"label":143},{"code":145,"label":146},{"code":148,"label":149},{"code":151,"label":152},{"code":154,"label":155},{"code":157,"label":158},{"code":160,"label":161},{"code":163,"label":164},{"code":166,"label":167},{"code":23,"label":19},{"code":170,"label":171},{"code":173,"label":174},{"code":176,"label":177},{"code":179,"label":180},{"code":182,"label":183},{"code":185,"label":186},{"code":188,"label":189},{"code":191,"label":192},{"code":194,"label":195},{"code":197,"label":198},{"code":22,"label":18},{"code":201,"label":202},{"code":204,"label":205},{"code":207,"label":208}]