Merge branch 'staging' into main-into-stage
MagicLegend authored Aug 28, 2024
2 parents 58204ca + 96e098c commit 51b32f7
Showing 29 changed files with 289 additions and 189 deletions.
3 changes: 3 additions & 0 deletions .gitignore
Expand Up @@ -12,3 +12,6 @@ out
# Package dependencies
node_modules/
/npm-debug.log

# Compilation results from the SCSS transpiler
resources/
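Review bot: The new `resources/` pattern has no leading slash, so it ignores a directory named resources at any depth, not only the SCSS output at the repository root. If only the top-level build output is meant, anchor it as `/resources/`, the way `/npm-debug.log` above is anchored.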
3 changes: 3 additions & 0 deletions admin/config.yml
Expand Up @@ -218,10 +218,12 @@ collections:
name: "button_text"
widget: "string"
i18n: true
required: false
- label: "Button url"
name: "button_url"
widget: "string"
i18n: true
required: false
- label: "FAQ groups"
name: "faqgroups"
widget: list
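Review bot: With `required: false` on both `button_text` and `button_url`, an editor can save one without the other, so whatever renders the button has to cope with a label that has no URL and a URL that has no label. Guard on both values in the template, or say in the field labels that the two belong together.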
Expand Down Expand Up @@ -1477,6 +1479,7 @@ collections:
search_fields: ["title", "case.caseid"]
value_field: "/newsroom/articles/{{slug}}"
display_fields: ["title", "case.caseid"]
required: false
multiple: true
required: false

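Review bot: `required: false` now appears both before and after `multiple: true` in this field. If the two lines sit at the same indentation level, that is a duplicate mapping key, which strict YAML parsers reject and lenient ones resolve by silently keeping the last value; drop one of them. The same pair shows up in the matching hunks of admin/development/config-dev.yml and admin/staging/config-staging.yml.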
3 changes: 3 additions & 0 deletions admin/development/config-dev.yml
Expand Up @@ -218,10 +218,12 @@ collections:
name: "button_text"
widget: "string"
i18n: true
required: false
- label: "Button url"
name: "button_url"
widget: "string"
i18n: true
required: false
- label: "FAQ groups"
name: "faqgroups"
widget: list
Expand Down Expand Up @@ -1477,6 +1479,7 @@ collections:
search_fields: ["title", "case.caseid"]
value_field: "/newsroom/articles/{{slug}}"
display_fields: ["title", "case.caseid"]
required: false
multiple: true
required: false

3 changes: 3 additions & 0 deletions admin/staging/config-staging.yml
Expand Up @@ -218,10 +218,12 @@ collections:
name: "button_text"
widget: "string"
i18n: true
required: false
- label: "Button url"
name: "button_url"
widget: "string"
i18n: true
required: false
- label: "FAQ groups"
name: "faqgroups"
widget: list
Expand Down Expand Up @@ -1478,6 +1480,7 @@ collections:
search_fields: ["title", "case.caseid"]
value_field: "/newsroom/articles/{{slug}}"
display_fields: ["title", "case.caseid"]
required: false
multiple: true
required: false

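Review bot: This hunk starts at old line 1478 (`@@ -1478,6 +1480,7 @@`) while the same change in admin/config.yml and admin/development/config-dev.yml starts at 1477, so the staging copy has already drifted from the other two by a line. Three hand-edited copies of one CMS config will keep diverging; consider generating the per-environment files from a single source, or at least comparing them in CI.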
Binary file added assets/images/1724437526298.jfif
Binary file not shown.
22 changes: 19 additions & 3 deletions content/anbi/_index.en.md
@@ -1,7 +1,7 @@
---
title: ANBI
---
## ANBI
## [](/documents/Standaardformulier%20ANBI.pdf)ANBI (Algemeen Nut Beogende Instelling)

STICHTING DUTCH INSTITUTE FOR VULNERABILITY DISCLOSURE (DIVD)

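Review bot: The heading line `## [](/documents/Standaardformulier%20ANBI.pdf)ANBI (Algemeen Nut Beogende Instelling)` carries a link with empty text in front of the title. It renders as an invisible, unlabeled anchor (a screen reader announces a link with no name) and looks like an editor artifact; remove the `[](...)` part, since the PDF is already linked from the Documenten list further down.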
Expand All @@ -26,12 +26,28 @@ We streven ernaar de digitale wereld veiliger te maken door kwetsbaarheden die w

**Beloningsbeleid**

Bestuursleden zijn vrijwilligers en krijgen voor hun werkzaamheden geen vergoeding.
* Bestuursleden zijn vrijwilligers en krijgen voor hun werkzaamheden geen vergoeding.

**Documenten**

* [Financieel verslag 2023](/documents/DIVD.financieel.verslag.2023.pdf)
* [Jaarverslag 2023](/documents/DIVD.Annual.Report.2023.pdf)
* [Jaarverslag 2022](/documents/DIVD%20jaarverslag%202022.pdf)
* [Jaarverslag 2021](/documents/DIVD%20jaarverslag%202021.pdf)
* [Standaardformulier ANBI](/documents/Standaardformulier%20ANBI.pdf)
* [Standaardformulier ANBI](/documents/Standaardformulier%20ANBI.pdf)

```
<hr>
```

***Purpose of the foundation***

*We aim to make the digital world safer by reporting vulnerabilities we find in digital systems to the people who can fix them. We have a global reach, but do it the Dutch way: open, honest, together and free.*

***Board***

* *[Overview board members](https://www.divd.nl/who-we-are/team/)*

***Rewards Policy***

* *Board members are volunteers and receive no payment for their work.*[](https://www.divd.nl/who-we-are/team/)[](/documents/Standaardformulier%20ANBI.pdf)
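Review bot: The `<hr>` is wrapped in a triple-backtick fence, so the page will show the literal text `<hr>` in a code box instead of a horizontal rule; use a `---` line with a blank line above it. The last line also ends in two empty-text links, `[](https://www.divd.nl/who-we-are/team/)[](/documents/Standaardformulier%20ANBI.pdf)`, which should be deleted.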
37 changes: 33 additions & 4 deletions content/anbi/_index.nl.md
@@ -1,8 +1,37 @@
---
title: ANBI
---
## ANBI
## ANBI (Algemeen Nut Beogende Instelling)

1. DIVD is a Dutch research institute that works with volunteers who aim to make the digital world safer by searching the internet for vulnerabilities and reporting the findings to those who can fix these vulnerabilities.
2. As we work on sensitive data, gathered without informed consent, we established this Code of Conduct to provide an ethical base for the work we do. This code can also be used by other researchers working on what is currently referred to as responsible disclosure, or coordinated vulnerability disclosure.
3. In our research projects we, for example:
STICHTING DUTCH INSTITUTE FOR VULNERABILITY DISCLOSURE (DIVD)

Adres: Maanweg 174\
Postcode: 2516 AB\
Plaats: Den Haag\
Tel: (+31) 70 41 90 309\
E-mail: question(at)divd.nl

RSIN: 860456961

KvK: 75957345

Website: [https://www.divd.nl](https://www.divd.nl/ "https\://www.divd.nl")

**Doel van stichting** \
We streven ernaar de digitale wereld veiliger te maken door kwetsbaarheden die we vinden in digitale systemen te melden aan de mensen die ze kunnen repareren. We hebben een wereldwijd bereik, maar doen het op zijn Hollands: open, eerlijk, samen en gratis.

#### **Bestuur**

* [Overzicht bestuursleden](https://www.divd.nl/who-we-are/team/)

**Beloningsbeleid**

* Bestuursleden zijn vrijwilligers en krijgen voor hun werkzaamheden geen vergoeding.

**Documenten**

* [Financieel verslag 2023](/documents/DIVD.financieel.verslag.2023.pdf)
* [Jaarverslag 2023](/documents/DIVD.Annual.Report.2023.pdf)
* [Jaarverslag 2022](/documents/DIVD%20jaarverslag%202022.pdf)
* [Jaarverslag 2021](/documents/DIVD%20jaarverslag%202021.pdf)
* [Standaardformulier ANBI](/documents/Standaardformulier%20ANBI.pdf)
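Review bot: Section labels are marked up two ways in the new body: `#### **Bestuur**` is a heading, while `**Doel van stichting**`, `**Beloningsbeleid**` and `**Documenten**` are bold paragraphs. Pick one form so every section gets the same outline level and anchor behaviour.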
53 changes: 20 additions & 33 deletions content/contribute/_index.en.md
Expand Up @@ -3,35 +3,22 @@ aliases:
- /donate
title: Contribute
opener: "Empower our mission to help others: how you can get involved"
intro: We are a group of volunteers that scout the web for potential cyber
security risks.
intro: We are a group of volunteers that scout the web for potential cyber security risks.
becomevolunteer:
title: Become a volunteer
image: images/global/becomevolunteer.png
image: /images/1724437526298.jfif
Alt tag for image: An illustration of 2 people talking about code, shown by a speakingballoon filled with 010101.
description: Are you interested in joining our diverse team of ethical hackers, researchers, IT professionals, or legal experts, and learning from the best? Please sign up.
alt: Drawing of a group of voluteer hackers
description: "Are you interested in joining our diverse team of ethical hackers,
researchers, IT professionals, or legal experts, and learning from the best?
Please sign up. "
Alt tag for image: An illustration of 2 people talking about code, shown by a
speakingballoon filled with 010101.
becomepartner:
title: Become a partner
image: images/global/becomepartner.png
alt: Drawing of a DIVD voluteer shaking the hand of a DIVD partner
description: "As an organization dedicated to serving the entire internet
community, we extend our assistance not only to your customers but also to
their suppliers. You may perceive us as the volunteer fire brigade: while
you protect your own infrastructure, we stand ready to aid your neighbors,
thereby indirectly safeguarding your establishment as well."
Alt tag for image: An illustration of 2 people talking and exchanging information
description: "As an organization dedicated to serving the entire internet community, we extend our assistance not only to your customers but also to their suppliers. You may perceive us as the volunteer fire brigade: while you protect your own infrastructure, we stand ready to aid your neighbors, thereby indirectly safeguarding your establishment as well."
alt: Drawing of a DIVD voluteer shaking the hand of a DIVD partner
appreciate:
title: Since we’re a volunteer-run organization, we appreciate every donation
description: As a partner, your contributions in the form of funding, volunteer
work, and resources (tools) are invaluable to us. In reciprocation, you
demonstrate your commitment to fostering a safer internet environment. A
partnership with DIVD also provides an opportunity for your team members to
engage in collaborative projects with witty hackers, enabling them to
partake in enjoyable initiatives and learn from industry leaders.
description: As a partner, your contributions in the form of funding, volunteer work, and resources (tools) are invaluable to us. In reciprocation, you demonstrate your commitment to fostering a safer internet environment. A partnership with DIVD also provides an opportunity for your team members to engage in collaborative projects with witty hackers, enabling them to partake in enjoyable initiatives and learn from industry leaders.
donatesupp:
title: Donate via SUPP
description: iDEAL, SOFORT, Bancontact or KBC/CBC
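Review bot: The `becomevolunteer` image now points at `/images/1724437526298.jfif`, a root-relative path to a timestamp-named upload, while `becomepartner` still uses the relative `images/global/becomepartner.png`. Rename the file to something descriptive with a `.jpg` extension (not every server maps `.jfif` to image/jpeg) and keep one path style. The block also carries both `Alt tag for image:` and `alt:`, and the `alt` text still reads "voluteer".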
Expand All @@ -50,43 +37,43 @@ donatebanktransfer:
label: Donate via banktransfer
link: "mailto: [email protected]"
donations:
- date: 2024-03-27
- date: 2024-03-27T00:00
amount: € 5.000
by: Cyber Defence Group / ESET Netherlands
- date: 2024-02-14
- date: 2024-02-14T00:00
amount: € 3.000
by: Kloris BV
- date: 2024-01-02
- date: 2024-01-02T00:00
amount: € 1.000
by: Secura
- date: 2023-12-30
- date: 2023-12-30T00:00
amount: € 1.000
by: Secura
- date: 2023-09-21
- date: 2023-09-21T00:00
amount: € 20.000
by: Kloris BV
- date: 2023-07-13
- date: 2023-07-13T00:00
amount: €10.000
by: Cyber Defense Group / ESET Netherlands
- date: 2022-03-01T13:30:50.143Z
- date: 2022-03-01T14:30
amount: $10.000
by: MSP CFO
- date: 2022-02-01T13:33:48.959Z
- date: 2022-02-01T14:33
amount: €1.000
by: Stichting Information Systems & Security Association NL Chapter
- date: 2022-01-01T13:34:20.420Z
- date: 2022-01-01T14:34
amount: €10.000
by: ESET
- date: 2022-01-01T13:35:06.398Z
- date: 2022-01-01T14:35
amount: €5.000
by: Unveil Security Group
- date: 2022-01-01T13:35:33.049Z
- date: 2022-01-01T14:35
amount: $5.000
by: Servosity
- date: 2021-12-01T13:36:06.127Z
- date: 2021-12-01T14:36
amount: $100.000
by: Huntress
- date: 2020-04-19
- date: 2020-04-19T00:00
amount: €10.000
by: Stichting SIDN fonds
---
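Review bot: The rewritten `date` values drop the UTC designator and move the clock forward an hour, e.g. `2022-03-01T13:30:50.143Z` becomes `2022-03-01T14:30`, so they are now zone-less times that a parser may read as UTC or as server-local. For a donation list only the day matters; store plain dates such as `2022-03-01`, or keep an explicit offset. The `amount` strings are also formatted inconsistently (`€ 5.000` next to `€10.000`).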
26 changes: 6 additions & 20 deletions content/contribute/_index.nl.md
@@ -1,36 +1,22 @@
---
title: Bijdragen
opener: "Onze missie om anderen te helpen: hoe jij betrokken kunt raken"
intro: Wij zijn een groep vrijwilligers die het web verkennen op potentiële
cyberbeveiligingsrisico's.
intro: Wij zijn een groep vrijwilligers die het web verkennen op potentiële cyberbeveiligingsrisico's.
becomevolunteer:
title: Vrijwilliger worden
image: images/global/becomevolunteer.png
Alt tag for image: Een illustratie van 2 mensen die over code praten, weergegeven door een spreekballon gevuld met 010101.
description: Heb je interesse om je aan te sluiten bij ons diverse team van ethische hackers, onderzoekers, IT-professionals of juridische experts en te leren van de besten? Meld je nu aan.
alt: Tekening van vrijwillige hackers
description: "Heb je interesse om je aan te sluiten bij ons diverse team van
ethische hackers, onderzoekers, IT-professionals of juridische experts en te
leren van de besten? Meld je nu aan. "
Alt tag for image: Een illustratie van 2 mensen die over code praten,
weergegeven door een spreekballon gevuld met 010101.
becomepartner:
title: Partner worden
image: images/global/becomepartner.png
alt: Drawing can een DIVD vrijwilliger die de hand schud van een partner
description: "Als organisatie die zich inzet voor de hele internetcommunity,
bieden we niet alleen hulp aan uw klanten, maar ook aan diens leveranciers.
U kunt ons beschouwen als de vrijwillige brandweer: terwijl u uw eigen
infrastructuur beschermt, staan wij klaar om uw buren te helpen en zo
indirect ook uw bedrijf te beschermen."
Alt tag for image: Een illustratie van 2 mensen die praten en informatie uitwisselen
description: "Als organisatie die zich inzet voor de hele internetcommunity, bieden we niet alleen hulp aan uw klanten, maar ook aan diens leveranciers. U kunt ons beschouwen als de vrijwillige brandweer: terwijl u uw eigen infrastructuur beschermt, staan wij klaar om uw buren te helpen en zo indirect ook uw bedrijf te beschermen."
alt: Drawing can een DIVD vrijwilliger die de hand schud van een partner
appreciate:
title: Omdat we een vrijwilligersorganisatie zijn, waarderen we elke donatie.
description: Als partner zijn uw bijdragen in de vorm van financiering,
vrijwilligerswerk en middelen (tools) voor ons van onschatbare waarde. Als
tegenprestatie toont u uw betrokkenheid bij het bevorderen van een veiligere
internetomgeving. Een partnerschap met DIVD biedt uw teamleden ook de
mogelijkheid om deel te nemen aan samenwerkingsprojecten met bekwame
(ethisch) hackers, waarbij ze kunnen deelnemen aan leuke initiatieven en
kunnen leren van vooraanstaande professionals uit de beveiligingsindustrie.
description: Als partner zijn uw bijdragen in de vorm van financiering, vrijwilligerswerk en middelen (tools) voor ons van onschatbare waarde. Als tegenprestatie toont u uw betrokkenheid bij het bevorderen van een veiligere internetomgeving. Een partnerschap met DIVD biedt uw teamleden ook de mogelijkheid om deel te nemen aan samenwerkingsprojecten met bekwame (ethisch) hackers, waarbij ze kunnen deelnemen aan leuke initiatieven en kunnen leren van vooraanstaande professionals uit de beveiligingsindustrie.
donatesupp:
title: Doneer via SUPP
description: iDEAL, SOFORT, Bancontact of KBC/CBC
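Review bot: The `becomepartner` `alt` text is carried over unchanged as `Drawing can een DIVD vrijwilliger die de hand schud van een partner`, which mixes English and Dutch and has a verb error. Since the line is being moved anyway, fix it to something like "Tekening van een DIVD-vrijwilliger die de hand schudt van een partner".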
20 changes: 9 additions & 11 deletions content/dictionary/_index.en.md
Expand Up @@ -20,7 +20,7 @@ At DIVD, we adhere to the ‘Principle of Proportionality’ and the ‘Principl

####

#### **Case**
**Case**

When DIVD talks about a “case” we refer to a record or file created to document and manage the process of addressing a specific vulnerability. It typically includes details such as:

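Review bot: `#### **Case**` is demoted to a bold paragraph `**Case**`, which takes the entry out of the heading outline and drops its anchor, while the empty `####` heading just above it stays in. If the aim is a lighter look, keep the heading and restyle it in CSS, and delete the empty `####`.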
Expand All @@ -31,23 +31,21 @@ When DIVD talks about a “case” we refer to a record or file created to docum

This structured approach helps ensure that vulnerabilities are tracked, managed, and resolved systematically.

#### **Confidentiality**
**Confidentiality**

At DIVD, we work with sensitive data every day. Think about lists of IP addresses, types of vulnerabilities found, contact information, and metadata (e.g. timestamps, scripts, researchers working on the data). [The members of DIVD](https://www.divd.nl/who-we-are/team/) take all precautions necessary to protect the confidentiality of this data.

#### **Responsible Disclosure**
**(Ethical) Hacker**

In cybersecurity, responsible disclosure refers to the procedure where a security analyst, ethical hacker, or ethical hacker organisation such as DIVD notifies an organisation about a detected vulnerability in its systems or software. Notifying is done in such a way that the organisation has the opportunity to mitigate the weakness before it becomes public knowledge and possibly misused by hackers with malicious intentions. By privately notifying organisations, they can address the vulnerabilities before they are exploited by malicious hackers, thereby improving the security of their systems.

Responsible disclosure helps protect users, maintains trust between (DIVD) researchers and organisations, and contributes to the ongoing improvement of cybersecurity practices.
DIVD members belong to the so-called "ethical" hackers. An ethical hacker is someone who breaks into a computer system with positive intentions, without disrupting any services or processes. The motivation of an ethical hacker is to detect security vulnerabilities, without misusing or exploiting them. Our members are skilled professionals that must always operate within legal boundaries. Please read our [Code of Conduct](https://www.divd.nl/what-we-do/code-of-conduct/) for more information.

#### **Security.txt**
**Exploit**

Security.txt is a proposed standard for websites to provide a clear and consistent way for security researchers to report security vulnerabilities. It involves placing a simple text file named security.txt in the well-known location /.well-known/ directory of a website (e.g., [https://example.com/.well-known/security.txt)](https://example.com/.well-known/security.txt)). This file contains contact information and other details that guide researchers on how to responsibly disclose security issues to the organization. Wanna make DIVD’s work easier? Put our [security.txt](https://securitytxt.org/) in the code of your website and our IP 194.5.73.0-255 on your allow list.

####

## Vulnerabilities
In cybersecurity, responsible disclosure refers to the procedure where a security analyst, ethical hacker, or ethical hacker organisation such as DIVD notifies an organisation about a detected vulnerability in its systems or software. Notifying is done in such a way that the organisation has the opportunity to mitigate the weakness before it becomes public knowledge and possibly misused by hackers with malicious intentions. By privately notifying organisations, they can address the vulnerabilities before they are exploited by malicious hackers, thereby improving the security of their systems.

#### CVE

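Review bot: As this hunk reads, the new `**Exploit**` label is followed by the responsible-disclosure definition ("In cybersecurity, responsible disclosure refers to the procedure ..."), and the Responsible Disclosure heading with its second paragraph no longer has a place. Either restore a Responsible Disclosure label above that paragraph or give `**Exploit**` an actual definition of an exploit.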
Expand All @@ -57,13 +55,13 @@ CVE stands for "Common Vulnerabilities and Exposures", a [public list](https://c

DIVD reports every [security vulnerability](https://www.divd.nl/why-our-work-matters/) that falls under the high-risk or high-impact category. A high-risk vulnerability is a security flaw in a system, application, or network that poses a significant threat to an organization’s operations, data, or users. High-risk vulnerabilities are typically characterized by being relatively easy for cybercriminals to exploit and are often found in widely used software or systems. Successful exploitation can result in severe consequences such as unauthorized access, data breaches, significant data loss, system downtime, financial loss, or damage to an organization’s reputation.

The sequence in which DIVD handles vulnerabilities is influenced by multiple metrics, including the level of exposure online and whether the vulnerability is under active exploitation.
Security.txt is a proposed standard for websites to provide a clear and consistent way for security researchers to report security vulnerabilities. It involves placing a simple text file named security.txt in the well-known location /.well-known/ directory of a website (e.g., https://example.com/.well-known/security.txt). This file contains contact information and other details that guide researchers on how to responsibly disclose security issues to the organization. Wanna make DIVD's work easier? Put our [security.txt](https://securitytxt.org/) in the code of your website and our IP 194.5.73.0-255 on your allow list.

#### **Vulnerability Scanning versus Penetration Testing**
**Types of vulnerabilities**

Vulnerability scanning is aimed at *identifying* known vulnerabilities. It is typically non-intrusive and does not disrupt operations. Penetration testing is a more focused, manual effort to *exploit and assess* vulnerabilities in a real-world context. A vulnerability scan searches for vulnerabilities, whereas a penetration test (or “pentest”) also tries to exploit the vulnerabilities found to assess their severity and demonstrate the potential consequences.

#### **Vulnerability versus Exploit**
**Vulnerability versus exploit**

A vulnerability is an issue or weakness in a system or application, whereas an exploit is an active component used to carry out an attack. The purpose of an exploit is to ‘exploit’ a vulnerability. A vulnerability itself does not cause harm by itself but creates an opportunity for an attacker to exploit it.

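Review bot: The Security.txt paragraph now sits at the end of the high-risk vulnerability text with no label of its own, and `**Types of vulnerabilities**` is placed over the scanning-versus-pentest paragraph, which it does not describe. Give Security.txt its own entry and use a label that matches the scanning/pentest comparison.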