Background: #e0e3f5
Background: #f7f7ff
Background: #fff
Foreground: #090d1e
Foreground: #000
PrimaryPale: #b9c2e8
PrimaryPale: #8cf
PrimaryLight: #7485d2
PrimaryLight: #18f
PrimaryMid: #384fb1
PrimaryMid: #04b
/% PrimaryMid: LINK color %/
PrimaryDark: #0c1126
PrimaryDark_INI: #014
PrimaryDark_2020: #014
PrimaryDark: #014
SecondaryPale: #cbe8b9
SecondaryPale: #ffc
SecondaryLight: #98d274
SecondaryLight: #fe8
SecondaryMid: #67b138
SecondaryMid: #db4
SecondaryDark: #16260c
SecondaryDark: #841
TertiaryPale: #e8bab9
/% TertiaryPale: TABLE Header %/
TertiaryPale: #eee
TertiaryLight: #d27574
TertiaryLight: #ccc
TertiaryMid: #b13a38
TertiaryMid_INI: #999
TertiaryMid_2021: #939597
TertiaryMid: #939597
TertiaryDark: #260c0c
TertiaryDark: #666
Error: #f88
<!--{{{-->
<meta name="viewport" content="width=device-width, initial-scale=1" />
<link rel='stylesheet' href='font-awesome/css/fontawesome.min.css' />
<link rel='stylesheet' href='font-awesome/css/all.css' />

<!--}}}-->
— [[InterfaceOptions]] — [[AdvancedOptions]] —
<!--{{{-->
<div class='header' role='banner' macro='gradient horiz [[ColorPalette::PrimaryDark]] [[ColorPalette::PrimaryDark]] [[ColorPalette::PrimaryDark]] [[ColorPalette::PrimaryDark]] [[ColorPalette::PrimaryDark]] [[ColorPalette::PrimaryMid]] [[ColorPalette::PrimaryLight]] [[ColorPalette::PrimaryPale]] [[ColorPalette::Background]] [[ColorPalette::Background]] [[ColorPalette::Background]]'>
<div class='headerShadow'>
<a href='https://CSIRT.fr/' target='_blank'><img src="i/CSIRT-FR.jpg" width="220px" align="right"></a>
</div>
<div class='headerForeground'>
<span class='siteTitle' refresh='content' tiddler='SiteTitle'></span>&nbsp;
<span class='siteSubtitle' refresh='content' tiddler='SiteSubtitle'></span>&nbsp;
</div>
</div>
<div id='mainMenu' role='navigation' refresh='content' tiddler='MainMenu'></div>
<div id='sidebar'>
<div id='sidebarOptions' role='navigation' refresh='content' tiddler='SideBarOptions'></div>
<div id='sidebarTabs' role='complementary' refresh='content' force='true' tiddler='SideBarTabs'></div>
</div>
<div id='displayArea' role='main'>
<div id='messageArea' class='messageArea'></div>
<div style="text-align:center"><span class='HeaderMenu' refresh='content' tiddler='HeaderMenu'></span></div>
<div id='tiddlerDisplay'></div>
<div style="text-align:center"><span class='FooterNews' refresh='content' tiddler='FooterDisclaimer'></span></div>
</div>
<!--}}}-->
/*{{{*/
body {background:[[ColorPalette::Background]]; color:[[ColorPalette::Foreground]];}
a {color:[[ColorPalette::PrimaryMid]];}
a:hover {background-color:[[ColorPalette::PrimaryMid]]; color:[[ColorPalette::Background]];}
a img {border:0;}
h1,h2,h3,h4,h5,h6 {color:[[ColorPalette::SecondaryDark]]; background:transparent;}
h1 {border-bottom:2px solid [[ColorPalette::TertiaryLight]];}
h2,h3 {border-bottom:1px solid [[ColorPalette::TertiaryLight]];}
.button {color:[[ColorPalette::PrimaryDark]]; border:1px solid [[ColorPalette::Background]];}
.button:hover {color:[[ColorPalette::PrimaryDark]]; background:[[ColorPalette::SecondaryLight]]; border-color:[[ColorPalette::SecondaryMid]];}
.button:active {color:[[ColorPalette::Background]]; background:[[ColorPalette::SecondaryMid]]; border:1px solid [[ColorPalette::SecondaryDark]];}
.header {background:[[ColorPalette::PrimaryMid]];}
.headerShadow {color:[[ColorPalette::Foreground]];}
.headerShadow a {font-weight:normal; color:[[ColorPalette::Foreground]];}
.headerForeground {color:[[ColorPalette::Background]];}
.headerForeground a {font-weight:normal; color:[[ColorPalette::PrimaryPale]];}
.tabSelected {color:[[ColorPalette::PrimaryDark]];
 background:[[ColorPalette::TertiaryPale]];
 border-left:1px solid [[ColorPalette::TertiaryLight]];
 border-top:1px solid [[ColorPalette::TertiaryLight]];
 border-right:1px solid [[ColorPalette::TertiaryLight]];
}
.tabUnselected {color:[[ColorPalette::Background]]; background:[[ColorPalette::TertiaryMid]];}
.tabContents {color:[[ColorPalette::PrimaryDark]]; background:[[ColorPalette::TertiaryPale]]; border:1px solid [[ColorPalette::TertiaryLight]];}
.tabContents .button {border:0;}
#sidebar { display: none; }
/* #sidebar {} */
#sidebarOptions input {border:1px solid [[ColorPalette::PrimaryMid]];}
#sidebarOptions .sliderPanel {background:[[ColorPalette::PrimaryPale]];}
#sidebarOptions .sliderPanel a {border:none;color:[[ColorPalette::PrimaryMid]];}
#sidebarOptions .sliderPanel a:hover {color:[[ColorPalette::Background]]; background:[[ColorPalette::PrimaryMid]];}
#sidebarOptions .sliderPanel a:active {color:[[ColorPalette::PrimaryMid]]; background:[[ColorPalette::Background]];}
.wizard { background:[[ColorPalette::PrimaryPale]]; }
.wizard__title { color:[[ColorPalette::PrimaryDark]]; border:none; }
.wizard__subtitle { color:[[ColorPalette::Foreground]]; border:none; }
.wizardStep { background:[[ColorPalette::Background]]; color:[[ColorPalette::Foreground]]; }
.wizardStep.wizardStepDone {background:[[ColorPalette::TertiaryLight]];}
.wizardFooter {background:[[ColorPalette::PrimaryPale]];}
.wizardFooter .status {background:[[ColorPalette::PrimaryDark]]; color:[[ColorPalette::Background]];}
.wizard .button {color:[[ColorPalette::Foreground]]; background:[[ColorPalette::SecondaryLight]]; border: 1px solid;
 border-color:[[ColorPalette::SecondaryPale]] [[ColorPalette::SecondaryDark]] [[ColorPalette::SecondaryDark]] [[ColorPalette::SecondaryPale]];}
.wizard .button:hover {color:[[ColorPalette::Foreground]]; background:[[ColorPalette::Background]];}
.wizard .button:active {color:[[ColorPalette::Background]]; background:[[ColorPalette::Foreground]]; border: 1px solid;
 border-color:[[ColorPalette::PrimaryDark]] [[ColorPalette::PrimaryPale]] [[ColorPalette::PrimaryPale]] [[ColorPalette::PrimaryDark]];}
.wizard .notChanged {background:transparent;}
.wizard .changedLocally {background:#80ff80;}
.wizard .changedServer {background:#8080ff;}
.wizard .changedBoth {background:#ff8080;}
.wizard .notFound {background:#ffff80;}
.wizard .putToServer {background:#ff80ff;}
.wizard .gotFromServer {background:#80ffff;}
.messageArea { border:2px solid [[ColorPalette::Background]]; background:[[ColorPalette::PrimaryMid]]; color:[[ColorPalette::Background]]; }
.messageToolbar__button { color:[[ColorPalette::PrimaryMid]]; background:[[ColorPalette::SecondaryPale]]; border:none; }
.messageToolbar__button_withIcon { background:inherit; }
.messageToolbar__button_withIcon:active { background:inherit; border:none; }
.messageToolbar__icon { fill:[[ColorPalette::TertiaryDark]]; }
.messageToolbar__icon:hover { fill:[[ColorPalette::Foreground]]; }
.popupTiddler {background:[[ColorPalette::TertiaryPale]]; border:2px solid [[ColorPalette::TertiaryMid]];}
.popup {background:[[ColorPalette::TertiaryPale]]; color:[[ColorPalette::TertiaryDark]]; border-left:1px solid [[ColorPalette::TertiaryMid]]; border-top:1px solid [[ColorPalette::TertiaryMid]]; border-right:2px solid [[ColorPalette::TertiaryDark]]; border-bottom:2px solid [[ColorPalette::TertiaryDark]]; }
.popup hr {color:[[ColorPalette::PrimaryDark]]; background:[[ColorPalette::PrimaryDark]]; border-bottom:1px;}
.popup li.disabled {color:[[ColorPalette::TertiaryMid]];}
.popup li a, .popup li a:visited {color:[[ColorPalette::Foreground]]; border: none;}
.popup li a:hover {background:[[ColorPalette::SecondaryLight]]; color:[[ColorPalette::Foreground]]; border: none;}
.popup li a:active {background:[[ColorPalette::SecondaryPale]]; color:[[ColorPalette::Foreground]]; border: none;}
.popupHighlight {background:[[ColorPalette::Background]]; color:[[ColorPalette::Foreground]];}
.listBreak div {border-bottom:1px solid [[ColorPalette::TertiaryDark]];}
.tiddler .defaultCommand {font-weight:bold;}
.shadow .title {color:[[ColorPalette::TertiaryDark]];}
.title {color:[[ColorPalette::SecondaryDark]];}
.subtitle {color:[[ColorPalette::TertiaryDark]];}
.toolbar {color:[[ColorPalette::PrimaryMid]];}
.toolbar a {color:[[ColorPalette::TertiaryLight]];}
.selected .toolbar a {color:[[ColorPalette::TertiaryMid]];}
.selected .toolbar a:hover {color:[[ColorPalette::Foreground]];}
.tagging, .tagged {border:1px solid [[ColorPalette::TertiaryPale]]; background-color:[[ColorPalette::TertiaryPale]];}
.selected .tagging, .selected .tagged {background-color:[[ColorPalette::TertiaryLight]]; border:1px solid [[ColorPalette::TertiaryMid]];}
.tagging .listTitle, .tagged .listTitle {color:[[ColorPalette::PrimaryDark]];}
.tagging .button, .tagged .button {border:none;}
.footer {color:[[ColorPalette::TertiaryLight]];}
.selected .footer {color:[[ColorPalette::TertiaryMid]];}
.error, .errorButton {color:[[ColorPalette::Foreground]]; background:[[ColorPalette::Error]];}
.warning {color:[[ColorPalette::Foreground]]; background:[[ColorPalette::SecondaryPale]];}
.lowlight {background:[[ColorPalette::TertiaryLight]];}
.zoomer {background:none; color:[[ColorPalette::TertiaryMid]]; border:3px solid [[ColorPalette::TertiaryMid]];}
.imageLink, #displayArea .imageLink {background:transparent;}
.annotation {background:[[ColorPalette::SecondaryLight]]; color:[[ColorPalette::Foreground]]; border:2px solid [[ColorPalette::SecondaryMid]];}
.viewer .listTitle {list-style-type:none; margin-left:-2em;}
.viewer .button {border:1px solid [[ColorPalette::SecondaryMid]];}
.viewer blockquote {border-left:3px solid [[ColorPalette::TertiaryDark]];}
.viewer table, table.twtable {border:2px solid [[ColorPalette::TertiaryDark]];}
.viewer th, .viewer thead td, .twtable th, .twtable thead td {background:[[ColorPalette::SecondaryMid]]; border:1px solid [[ColorPalette::TertiaryDark]]; color:[[ColorPalette::Background]];}
.viewer td, .viewer tr, .twtable td, .twtable tr {border:1px solid [[ColorPalette::TertiaryDark]];}
.viewer pre {border:1px solid [[ColorPalette::SecondaryLight]]; background:[[ColorPalette::SecondaryPale]];}
.viewer code {color:[[ColorPalette::SecondaryDark]];}
.viewer hr {border:0; border-top:dashed 1px [[ColorPalette::TertiaryDark]]; color:[[ColorPalette::TertiaryDark]];}
.highlight, .marked {background:[[ColorPalette::SecondaryLight]];}
.editor input {border:1px solid [[ColorPalette::PrimaryMid]];}
.editor textarea {border:1px solid [[ColorPalette::PrimaryMid]]; width:100%;}
.editorFooter {color:[[ColorPalette::TertiaryMid]];}
.readOnly {background:[[ColorPalette::TertiaryPale]];}
#backstageArea {background:[[ColorPalette::Foreground]]; color:[[ColorPalette::TertiaryMid]];}
#backstageArea a {background:[[ColorPalette::Foreground]]; color:[[ColorPalette::Background]]; border:none;}
#backstageArea a:hover {background:[[ColorPalette::SecondaryLight]]; color:[[ColorPalette::Foreground]]; }
#backstageArea a.backstageSelTab {background:[[ColorPalette::Background]]; color:[[ColorPalette::Foreground]];}
#backstageButton a {background:none; color:[[ColorPalette::Background]]; border:none;}
#backstageButton a:hover {background:[[ColorPalette::Foreground]]; color:[[ColorPalette::Background]]; border:none;}
#backstagePanel {background:[[ColorPalette::Background]]; border-color: [[ColorPalette::Background]] [[ColorPalette::TertiaryDark]] [[ColorPalette::TertiaryDark]] [[ColorPalette::TertiaryDark]];}
.backstagePanelFooter .button {border:none; color:[[ColorPalette::Background]];}
.backstagePanelFooter .button:hover {color:[[ColorPalette::Foreground]];}
#backstageCloak {background:[[ColorPalette::Foreground]]; opacity:0.6; filter:alpha(opacity=60);}
/*}}}*/
/*{{{*/
* html .tiddler {height:1%;}
/* font-size:.75em; */
body {font-size:1em; font-family:arial,helveticahelvetica; margin:0; padding:0;}
h1,h2,h3,h4,h5,h6 {font-weight:bold; text-decoration:none;}
h1,h2,h3 {padding-bottom:1px; margin-top:1.2em;margin-bottom:0.3em;}
h4,h5,h6 {margin-top:1em;}
h1 {font-size:1.35em;}
h2 {font-size:1.25em;}
h3 {font-size:1.1em;}
h4 {font-size:1em;}
h5 {font-size:1em;}
hr {height:1px;}
a {text-decoration:none;}
dt {font-weight:bold;}
ol {list-style-type:decimal;}
ol ol {list-style-type:lower-alpha;}
ol ol ol {list-style-type:lower-roman;}
ol ol ol ol {list-style-type:decimal;}
ol ol ol ol ol {list-style-type:lower-alpha;}
ol ol ol ol ol ol {list-style-type:lower-roman;}
ol ol ol ol ol ol ol {list-style-type:decimal;}
.txtOptionInput {width:10em;}
#contentWrapper .chkOptionInput {border:0;}
.externalLink {text-decoration:underline;}
.indent {margin-left:3em;}
.outdent {margin-left:3em; text-indent:-3em;}
code.escaped {white-space:nowrap;}
.tiddlyLinkExisting {font-weight:bold;}
.tiddlyLinkNonExisting {font-style:italic;}
/* the 'a' is required for IE, otherwise it renders the whole tiddler in bold */
a.tiddlyLinkNonExisting.shadow {font-weight:bold;}
#mainMenu .tiddlyLinkExisting,
#mainMenu .tiddlyLinkNonExisting,
#sidebarTabs .tiddlyLinkNonExisting {font-weight:normal; font-style:normal;}
#sidebarTabs .tiddlyLinkExisting {font-weight:bold; font-style:normal;}
.header {position:relative;}
.header a:hover {background:transparent;}
.headerShadow {position:relative; padding:4.5em 0 1em 1em; left:-1px; top:-1px;}
.headerForeground {position:absolute; padding:4.5em 0 1em 1em; left:0; top:0;}
.siteTitle {font-size:3em;font-style:italic;}
.siteSubtitle {font-size:1.5em;}
#mainMenu {position:absolute; left:0; width:10em; text-align:right; line-height:1.6em; padding:1.5em 0.5em 0.5em 0.5em; font-size:1.1em;}
#sidebar { display: none; }
/* #sidebar {position:absolute; right:3px; width:16em; font-size:.9em;} */
#sidebarOptions {padding-top:0.3em;}
#sidebarOptions a {margin:0 0.2em; padding:0.2em 0.3em; display:block;}
#sidebarOptions input {margin:0.4em 0.5em;}
#sidebarOptions .sliderPanel {margin-left:1em; padding:0.5em; font-size:.85em;}
#sidebarOptions .sliderPanel a {font-weight:bold; display:inline; padding:0;}
#sidebarOptions .sliderPanel input {margin:0 0 0.3em 0;}
#sidebarTabs .button { margin:0em 0.2em; padding:0.2em 0.3em; display:block; }
#sidebarTabs .tabContents {width:15em; overflow:hidden;}
.wizard { padding:0.1em 2em 0; }
.wizard__title { font-size:2em; }
.wizard__subtitle { font-size:1.2em; }
.wizard__title, .wizard__subtitle { font-weight:bold; background:none; padding:0; margin:0.4em 0 0.2em; }
.wizardStep { padding:1em; }
.wizardFooter { padding:0.8em 0.4em 0.8em 0; }
.wizardFooter .status { padding:0.2em 0.7em; margin-left:0.3em; }
.wizardFooter .button { margin:0.5em 0 0; font-size:1.2em; padding:0.2em 0.5em; }
.messageArea { position:fixed; top:0; right:20em; margin:0.5em; padding:0.7em 1em; z-index:2000; }
.messageToolbar { text-align:right; padding:0.2em 0; }
.messageToolbar__button { text-decoration:underline; }
.messageToolbar__icon { height: 1em; }
.messageArea__text a { text-decoration:underline; }
.tiddlerPopupButton {padding:0.2em;}
.popupTiddler {position: absolute; z-index:300; padding:1em; margin:0;}
.popup {position:absolute; z-index:300; font-size:.9em; padding:0.3em 0; list-style:none; margin:0; padding: 0.3em 0; border: none; box-shadow: 1px 2px 5px [[ColorPalette::TertiaryMid]];}
.popup .popupMessage {padding:0.4em;}
.popup hr {display:block; height:1px; width:auto; padding:0; margin:0.2em 0;}
.popup li.disabled {padding:0.4em;}
.popup li a {display:block; padding: 0.5em 0.5em; font-weight:normal; cursor:pointer;}
.listBreak {font-size:1px; line-height:1px;}
.listBreak div {margin:2px 0;}
.tabset {padding:1em 0 0 0.5em;}
.tab {margin:0 0 0 0.25em; padding:2px;}
.tabContents {padding:0.5em;}
.tabContents ul, .tabContents ol {margin:0; padding:0;}
.txtMainTab .tabContents li {list-style:none;}
.tabContents li.listLink { margin-left:.75em;}
#contentWrapper {display:block;}
#splashScreen {display:none;}
/* 0C wide displayArea top(1)/right(17)/bottom(0)/left(14) */
#displayArea {margin:0 0 0 10em;}
.toolbar {text-align:right; font-size:.9em;}
.tiddler {padding:1em 1em 0;}
.missing .viewer,.missing .title {font-style:italic;}
.title {font-size:1.6em; font-weight:bold;}
.missing .subtitle {display:none;}
.subtitle {font-size:1.1em;}
.tiddler .button {padding:0.2em 0.4em;}
.tagging {margin:0.5em 0.5em 0.5em 0; float:left; display:none;}
.isTag .tagging {display:block;}
.tagged {margin:0.5em; float:right;}
.tagging, .tagged {font-size:0.9em; padding:0.25em;}
.tagging ul, .tagged ul {list-style:none; margin:0.25em; padding:0;}
.tagClear {clear:both;}
.footer {font-size:.9em;}
.footer li {display:inline;}
.annotation {padding:0.5em; margin:0.5em;}
* html .viewer pre {width:99%; padding:0 0 1em 0;}
.viewer {line-height:1.4em; padding-top:0.5em;}
.viewer .button {margin:0 0.25em; padding:0 0.25em;}
.viewer blockquote {line-height:1.5em; padding-left:0.8em;margin-left:2.5em;}
.viewer ul, .viewer ol {margin-left:0.5em; padding-left:1.5em;}
.viewer table, table.twtable {border-collapse:collapse; margin:0.8em 1.0em;}
.viewer th, .viewer td, .viewer tr,.viewer caption,.twtable th, .twtable td, .twtable tr,.twtable caption {padding:3px;}
table.listView {font-size:0.85em; margin:0.8em 1.0em;}
table.listView th, table.listView td, table.listView tr {padding:0 3px 0 3px;}
.viewer pre {padding:0.5em; margin-left:0.5em; font-size:1.2em; line-height:1.4em; overflow:auto;}
.viewer code {font-size:1.2em; line-height:1.4em;}
.editor {font-size:1.1em;}
.editor input, .editor textarea {display:block; width:100%; box-sizing: border-box; font:inherit;}
.editorFooter {padding:0.25em 0; font-size:.9em;}
.editorFooter .button {padding-top:0; padding-bottom:0;}
.fieldsetFix {border:0; padding:0; margin:1px 0px;}
.zoomer {font-size:1.1em; position:absolute; overflow:hidden;}
.zoomer div {padding:1em;}
* html #backstage {width:99%;}
* html #backstageArea {width:99%;}
#backstageArea {display:none; position:relative; overflow: hidden; z-index:150; padding:0.3em 0.5em;}
#backstageToolbar {position:relative;}
#backstageArea a {font-weight:bold; margin-left:0.5em; padding:0.3em 0.5em;}
#backstageButton {display:none; position:absolute; z-index:175; top:0; right:0;}
#backstageButton a {padding:0.1em 0.4em; margin:0.1em;}
#backstage {position:relative; width:100%; z-index:50;}
#backstagePanel { display:none; z-index:100; position:absolute; width:90%; margin-left:3em; }
.backstagePanelFooter {padding-top:0.2em; float:right;}
.backstagePanelFooter a {padding:0.2em 0.4em;}
#backstageCloak {display:none; z-index:20; position:absolute; width:100%; height:100px;}
.whenBackstage {display:none;}
.backstageVisible .whenBackstage {display:block;}
/*}}}*/
/*{{{*/
body {font-size:1em;}
#sidebarOptions {font-size:1.05em;}
#sidebarOptions a {font-style:normal;}
#sidebarOptions .sliderPanel {font-size:0.95em;}
.subtitle {font-size:0.8em;}
.viewer table.listView {font-size:0.95em;}
/*}}}*/
/*{{{*/
@media print {
#mainMenu, #sidebar, .messageArea, .toolbar, #backstageButton, #backstageArea {display: none !important;}
#displayArea { margin-right: 0; }
/* #displayArea {margin: 1em 1em 0em;} */
noscript {display:none;}
}
/*}}}*/
<!--{{{-->
<div class='toolbar' role='navigation' macro='toolbar [[ToolbarCommands::ViewToolbar]]'></div>
<div class='title' macro='view title'></div>
<div class='viewer' macro='view text wikified'></div>
<div class='tagClear'></div>
<!--}}}-->
/% |Author|Eric Shulman|License|http://www.TiddlyTools.com/#LegalStatements|
!show
<<tiddler {{
 var co=config.options;
 if (co.chkShowLeftSidebar===undefined) co.chkShowLeftSidebar=true;
 var mm=document.getElementById('mainMenu');
 var da=document.getElementById('displayArea');
 if (mm) {
 mm.style.display=co.chkShowLeftSidebar?'block':'none';
 da.style.marginLeft=co.chkShowLeftSidebar?'':'1em';
 }
'';}}>><html><nowiki><a href='javascript:;' title="$2"
onmouseover="
 this.href='javascript:void(eval(decodeURIComponent(%22(function(){try{('
 +encodeURIComponent(encodeURIComponent(this.onclick))
 +')()}catch(e){alert(e.description?e.description:e.toString())}})()%22)))';"
onclick="
 var co=config.options;
 var opt='chkShowLeftSidebar';
 var show=co[opt]=!co[opt];
 var mm=document.getElementById('mainMenu');
 var da=document.getElementById('displayArea');
 if (mm) {
 mm.style.display=show?'block':'none';
 da.style.marginLeft=show?'':'1em';
 }
 saveOptionCookie(opt);
 var labelShow=co.txtToggleLeftSideBarLabelShow||'&#x25BA;';
 var labelHide=co.txtToggleLeftSideBarLabelHide||'&#x25C4;';
 if (this.innerHTML==labelShow||this.innerHTML==labelHide)
 this.innerHTML=show?labelHide:labelShow;
 this.title=(show?'masquer':'montrer')+' le menu à gauche';
 var sm=document.getElementById('storyMenu');
 if (sm) config.refreshers.content(sm);
 return false;
">$1</a></html>
!end
%/<<tiddler {{
 var src='.ToggleLeftSidebar';
 src+(tiddler&&tiddler.title==src?'##info':'##show');
}} with: {{
 var co=config.options;
 var labelShow=co.txtToggleLeftSideBarLabelShow||'&#x25BA;&#x25C1;'; /%0C%/
 var labelHide=co.txtToggleLeftSideBarLabelHide||'&#x25C4;&#x25B7;'; /%0C%/
 '$1'!='$'+'1'?'$1':(co.chkShowLeftSidebar?labelHide:labelShow);
}} {{
 var tip=(config.options.chkShowLeftSidebar?'cacher':'montrer')+' le menu gauche'; /%0C%/
 '$2'!='$'+'2'?'$2':tip;
}}>>
/% |Author|Eric Shulman|License|https://www.TiddlyTools.com/#LegalStatements|
%/<html><nowiki><a href="javascript:;" title="masquer/montrer l'en-tête" /%0C%/
onmouseover="
 this.href='javascript:void(eval(decodeURIComponent(%22(function(){try{('
 +encodeURIComponent(encodeURIComponent(this.onclick))
 +')()}catch(e){alert(e.description?e.description:e.toString())}})()%22)))';"
onclick="
 var c=document.getElementById('contentWrapper'); if (!c) return;
 for (var i=0; i<c.childNodes.length; i++)
 if (hasClass(c.childNodes[i],'header')) { var h=c.childNodes[i]; break; }
 if (!h) return;
 config.options.chkHideSiteTitles=h.style.display!='none';
 h.style.display=config.options.chkHideSiteTitles?'none':'block';
 saveOptionCookie('chkHideSiteTitles');
 return false;
">&#x25b3;&#x25bc;</a></html>
/* |Author|Saq Imtiaz|License|Creative Commons Attribution-ShareAlike 3.0| */
// /%
config.formatters.unshift({name:"annotations",match:"\\(\\(",lookaheadRegExp:/\(\((.*?)\((\^?)((?:.|\n)*?)\)\)\)/g,handler:function(w){
this.lookaheadRegExp.lastIndex=w.matchStart;
var _2=this.lookaheadRegExp.exec(w.source);
if(_2&&_2.index==w.matchStart){
var _3=createTiddlyElement(w.output,"span",null,"annosub",_2[1]);
_3.anno=_2[3];
if(_2[2]){
_3.subject=_2[1];
}
_3.onmouseover=this.onmouseover;
_3.onmouseout=this.onmouseout;
_3.ondblclick=this.onmouseout;
w.nextMatch=_2.index+_2[0].length;
}
},onmouseover:function(e){
popup=createTiddlyElement(document.body,"div",null,"anno");
this.popup=popup;
if(this.subject){
wikify("!"+this.subject+"\n",popup);
}
wikify(this.anno,popup);
addClass(this,"annosubover");
Popup.place(this,popup,{x:25,y:7});
},onmouseout:function(e){
removeNode(this.popup);
this.popup=null;
removeClass(this,"annosubover");
}});
setStylesheet(".anno{position:absolute;border:2px solid #000;background-color:#DFDFFF; color:#000;padding:0.5em;max-width:15em;width:expression(document.body.clientWidth > (255/12) *parseInt(document.body.currentStyle.fontSize)?'15em':'auto' );}\n"+".anno h1, .anno h2{margin-top:0;color:#000;}\n"+".annosub{background:#ccc;}\n"+".annosubover{z-index:25; background-color:#DFDFFF;cursor:help;}\n","AnnotationStyles");
// %/
/* |Author|Eric Shulman|License|http://www.TiddlyTools.com/#LegalStatements|
*/
//{{{
version.extensions.BreadcrumbsPlugin= {major: 2, minor: 1, revision: 4, date: new Date(2011,2,16)};
var defaults={
 chkShowBreadcrumbs: true,
 chkReorderBreadcrumbs: true,
 chkCreateDefaultBreadcrumbs: true,
 chkShowStartupBreadcrumbs: false,
 chkBreadcrumbsReverse: false,
 chkBreadcrumbsLimit: false,
 txtBreadcrumbsLimit: 5,
 chkBreadcrumbsLimitOpenTiddlers:false,
 txtBreadcrumbsLimitOpenTiddlers:3,
 chkBreadcrumbsHideHomeLink: false,
 chkBreadcrumbsSave: false,
 txtBreadcrumbsHomeSeparator: ' | ',
 txtBreadcrumbsCrumbSeparator: ' > '
};
for (var id in defaults) if (config.options[id]===undefined)
 config.options[id]=defaults[id];
config.macros.breadcrumbs = {
 crumbs: [], // the list of current breadcrumbs
 askMsg: "Save current breadcrumbs before clearing?\n"
 +"Press OK to save, or CANCEL to continue without saving.",
 saveMsg: 'Enter the name of a tiddler in which to save the current breadcrumbs',
 saveTitle: 'SavedBreadcrumbs',
 handler: function(place,macroName,params,wikifier,paramString,tiddler) {
 var area=createTiddlyElement(place,"span",null,"breadCrumbs",null);
 area.setAttribute("homeSep",params[0]||config.options.txtBreadcrumbsHomeSeparator);
 area.setAttribute("crumbSep",params[1]||config.options.txtBreadcrumbsCrumbSeparator);
 this.render(area);
 },
 add: function (title) {
 var thisCrumb = title;
 var ind = this.crumbs.indexOf(thisCrumb);
 if(ind === -1)
 this.crumbs.push(thisCrumb);
 else if (config.options.chkReorderBreadcrumbs)
 this.crumbs.push(this.crumbs.splice(ind,1)[0]); // reorder crumbs
 else
 this.crumbs=this.crumbs.slice(0,ind+1); // trim crumbs
 if (config.options.chkBreadcrumbsLimitOpenTiddlers)
 this.limitOpenTiddlers();
 this.refresh();
 return false;
 },
 getAreas: function() {
 var crumbAreas=[];
 // find all DIVs with classname=="breadCrumbs"
 var all=document.getElementsByTagName("*");
 for (var i=0; i<all.length; i++)
 try{ if (hasClass(all[i],"breadCrumbs")) crumbAreas.push(all[i]); } catch(e) {;}
 // or, find single DIV w/fixed ID (backward compatibility)
 var byID=document.getElementById("breadCrumbs")
 if (byID && !hasClass(byID,"breadCrumbs")) crumbAreas.push(byID);
 if (!crumbAreas.length && config.options.chkCreateDefaultBreadcrumbs) {
 // no crumbs display... create one
 var defaultArea = createTiddlyElement(null,"span",null,"breadCrumbs",null);
 defaultArea.style.display= "none";
 var targetArea= document.getElementById("tiddlerDisplay");
 targetArea.parentNode.insertBefore(defaultArea,targetArea);
 crumbAreas.push(defaultArea);
 }
 return crumbAreas;
 },
 refresh: function() {
 var crumbAreas=this.getAreas();
 for (var i=0; i<crumbAreas.length; i++) {
 crumbAreas[i].style.display = config.options.chkShowBreadcrumbs?"inline":"none";
 removeChildren(crumbAreas[i]);
 this.render(crumbAreas[i]);
 }
 },
 render: function(here) {
 var co=config.options; var out=""
 if (!co.chkBreadcrumbsHideHomeLink) {
 createTiddlyButton(here,"Accueil",null,this.home,"tiddlyLink tiddlyLinkExisting");
 out+=here.getAttribute("homeSep")||config.options.txtBreadcrumbsHomeSeparator;
 }
 for (c=0; c<this.crumbs.length; c++) // remove non-existing tiddlers from crumbs
 if (!store.tiddlerExists(this.crumbs[c]) && !store.isShadowTiddler(this.crumbs[c]))
 this.crumbs.splice(c,1);
 var count=this.crumbs.length;
 if (co.chkBreadcrumbsLimit && co.txtBreadcrumbsLimit<count) count=co.txtBreadcrumbsLimit;
 var list=[];
 for (c=this.crumbs.length-count; c<this.crumbs.length; c++) list.push('[['+this.crumbs[c]+']]');
 if (co.chkBreadcrumbsReverse) list.reverse();
 out+=list.join(here.getAttribute("crumbSep")||config.options.txtBreadcrumbsCrumbSeparator);
 wikify(out,here);
 },
 home: function() {
 var cmb=config.macros.breadcrumbs;
 if (config.options.chkBreadcrumbsSave && confirm(cmb.askMsg)) cmb.saveCrumbs();
 story.closeAllTiddlers(); restart();
 cmb.crumbs = []; var crumbAreas=cmb.getAreas();
 for (var i=0; i<crumbAreas.length; i++) crumbAreas[i].style.display = "none";
 return false;
 },
 saveCrumbs: function() {
 var tid=prompt(this.saveMsg,this.saveTitle); if (!tid||!tid.length) return; // cancelled by user
 var t=store.getTiddler(tid);
 if(t && !confirm(config.messages.overwriteWarning.format([tid]))) return;
 var who=config.options.txtUserName;
 var when=new Date();
 var text='[['+this.crumbs.join(']]\n[[')+']]';
 var tags=t?t.tags:[]; tags.pushUnique('story');
 var fields=t?t.fields:{};
 store.saveTiddler(tid,tid,text,who,when,tags,fields);
 story.displayTiddler(null,tid);
 story.refreshTiddler(tid,null,true);
 displayMessage(tid+' has been '+(t?'updated':'created'));
 },
 limitOpenTiddlers: function() {
 var limit=config.options.txtBreadcrumbsLimitOpenTiddlers; if (limit<1) limit=1;
 for (c=this.crumbs.length-1; c>=0; c--) {
 var tid=this.crumbs[c];
 var elem=story.getTiddler(tid);
 if (elem) { // tiddler is displayed
 if (limit <=0) { // display limit has been reached
 if (elem.getAttribute("dirty")=="true") { // tiddler is being edited
 var msg= "'"+tid+"' is currently being edited.\n\n"
 +"Press OK to save and close this tiddler\n"
 +"or press Cancel to leave it opened";
 if (confirm(msg)) {
 story.closeTiddler(tid);
 }
 }
 else story.closeTiddler(this.crumbs[c]);
 }
 limit--;
 }
 }
 }
};
//}}}
// // PreviousTiddler ('back') command and macro
//{{{
config.commands.previousTiddler = {
 text: 'back',
 tooltip: 'view the previous tiddler',
 handler: function(event,src,title) {
 var crumbs=config.macros.breadcrumbs.crumbs;
 if (crumbs.length<2) config.macros.breadcrumbs.home();
 else story.displayTiddler(story.findContainingTiddler(src),crumbs[crumbs.length-2]);
 return false;
 }
};
config.macros.previousTiddler= {
 label: 'back',
 prompt: 'view the previous tiddler',
 handler: function(place,macroName,params,wikifier,paramString,tiddler) {
 var label=params.shift(); if (!label) label=this.label;
 var prompt=params.shift(); if (!prompt) prompt=this.prompt;
 createTiddlyButton(place,label,prompt,function(ev){
 return config.commands.previousTiddler.handler(ev,this)
 });
 }
}//}}}
// // HIJACKS
//{{{
// update crumbs when a tiddler is displayed
if (Story.prototype.breadCrumbs_coreDisplayTiddler==undefined)
 Story.prototype.breadCrumbs_coreDisplayTiddler=Story.prototype.displayTiddler;
Story.prototype.displayTiddler = function(srcElement,tiddler) {
 var title=(tiddler instanceof Tiddler)?tiddler.title:tiddler;
 this.breadCrumbs_coreDisplayTiddler.apply(this,arguments);
 if (!startingUp || config.options.chkShowStartupBreadcrumbs)
 config.macros.breadcrumbs.add(title);
}
// update crumbs when a tiddler is deleted
if (TiddlyWiki.prototype.breadCrumbs_coreRemoveTiddler==undefined)
 TiddlyWiki.prototype.breadCrumbs_coreRemoveTiddler=TiddlyWiki.prototype.removeTiddler;
TiddlyWiki.prototype.removeTiddler= function() {
 this.breadCrumbs_coreRemoveTiddler.apply(this,arguments);
 config.macros.breadcrumbs.refresh();
}
//}}}
/* |Author|Doug Compton|Contributors|Lewcid/Saq Imtiaz, FND, Eric Shulman|License||
--
|<<showtoc>> |
To modifiy the appearance, you can use CSS similiar to the below.
//{{{
.dcTOC ul {
 color: red;
 list-style-type: lower-roman;
}
.dcTOC a {
 color: green;
 border: none;
}
.dcTOC a:hover {
 background: white;
 border: solid 1px;
}
.dcTOCTop {
 font-size: 2em;
 color: green;
}
//}}}
*/
//{{{
version.extensions.DcTableOfContentsPlugin= {
 major: 0, minor: 4, revision: 0,
 type: "macro",
 source: "http://devpad.tiddlyspot.com#DcTableOfContentsPlugin"
};
for (var n=0; n<config.formatters.length; n++) {
 var format = config.formatters[n];
 if (format.name == 'heading') {
  format.handler = function(w) {
   var e = createTiddlyElement(w.output, "h" + w.matchLength);
   w.subWikifyTerm(e, this.termRegExp); //updated for TW 2.2+
   if (w.tiddler && w.tiddler.isTOCInTiddler == 1) {
    var c = createTiddlyElement(e, "div");
    c.setAttribute("style", "font-size: 0.5em; color: blue;");
    createTiddlyButton(c, " [top]", "Retour à la table des matières", window.scrollToTop, "dcTOCTop", null, null);
   }
  }
  break;
 }
}
config.macros.showtoc = {
 handler: function(place, macroName, params, wikifier, paramString, tiddler) {
  var text = "";
  var title = "";
  var myTiddler = null;
  // Did they pass in a tiddler?
  if (params.length) {
   title = params[0];
   myTiddler = store.getTiddler(title);
  } else {
   myTiddler = tiddler;
  }
  if (myTiddler == null) {
   wikify("ERROR: Could not find " + title, place);
   return;
  }
  var lines = myTiddler .text.split("\n");
  myTiddler.isTOCInTiddler = 1;
  var r = createTiddlyElement(place, "div", null, "dcTOC");
  createTiddlyButton(r, "", "Masque/Affiche la Table des Matières",
//##0C##++
//createTiddlyButton(r, "◄-► Masquer/Afficher ◄-►", "Masque/Affiche la Table des Matières",
//##0C##--
   function() { config.macros.showtoc.toggleElement(this.nextSibling); },
   "toggleButton")
  var c = createTiddlyElement(r, "div");
  if (lines != null) {
//##0C##++
   text = "•• "
//##0C##--
   for (var x=0; x<lines.length; x++) {
    var line = lines[x];
    if (line.substr(0,1) == "!") {
     // Find first non ! char
     for (var i=0; i<line.length; i++) {
      if (line.substr(i, 1) != "!") {
       break;
      }
     }
     var desc = line.substring(i);
     // Remove WikiLinks
     desc = desc.replace(/\[\[/g, "");
     desc = desc.replace(/\]\]/g, "");
     text += line.substr(0, i).replace(/[!]/g, '');
//##0C##++
//     text += '<html><a href="javascript:;" onClick="window.scrollToHeading(\'' + title + '\', \'' + desc+ '\', event)">' + desc+ '</a></html>\n';
     text += '<html><a href="javascript:;" onClick="window.scrollToHeading(\'' + title + '\', \'' + desc+ '\', event)">' + desc+ '</a></html> •• ';
//##0C##--
    }
   }
  }
  wikify(text, c);
 }
}
config.macros.showtoc.toggleElement = function(e) {
 if(e) {
  if(e.style.display != "none") {
   e.style.display = "none";
  } else {
   e.style.display = "";
  }
 }
};
window.scrollToTop = function(evt) {
 if (! evt)
  var evt = window.event;
 var target = resolveTarget(evt);
 var tiddler = story.findContainingTiddler(target);
 if (! tiddler)
  return false;
 window.scrollTo(0, ensureVisible(tiddler));
 return false;
};
window.scrollToHeading = function(title, anchorName, evt) {
 var tiddler = null;
 if (! evt)
  var evt = window.event;
 if (title) {
  story.displayTiddler(store.getTiddler(title), title, null, false);
  tiddler = document.getElementById(story.idPrefix + title);
 } else {
  var target = resolveTarget(evt);
  tiddler = story.findContainingTiddler(target);
 }
 if (tiddler == null)
  return false;

 var children1 = tiddler.getElementsByTagName("h1");
 var children2 = tiddler.getElementsByTagName("h2");
 var children3 = tiddler.getElementsByTagName("h3");
 var children4 = tiddler.getElementsByTagName("h4");
 var children5 = tiddler.getElementsByTagName("h5");
 var children = new Array();
 children = children.concat(children1, children2, children3, children4, children5);
 for (var i = 0; i < children.length; i++) {
  for (var j = 0; j < children[i].length; j++) {
   var heading = children[i][j].innerHTML;
   // Remove all HTML tags
   while (heading.indexOf("<") >= 0) {
    heading = heading.substring(0, heading.indexOf("<")) + heading.substring(heading.indexOf(">") + 1);
   }
   // Cut off the code added in showtoc for TOP
   heading = heading.substr(0, heading.length-6);
   if (heading == anchorName) {
    var y = findPosY(children[i][j]);
    window.scrollTo(0,y);
    return false;
   }
  }
 }
 return false
};
//}}}
/* |Author|Eric Shulman|License|http://www.TiddlyTools.com/#LegalStatements|
!Configuration
<<<
<<option chkDisableWikiLinks>> Disable ALL automatic WikiWord tiddler links
<<option chkAllowLinksFromShadowTiddlers>> ... except for WikiWords //contained in// shadow tiddlers
<<option chkDisableNonExistingWikiLinks>> Disable automatic WikiWord links for non-existing tiddlers
Disable automatic WikiWord links for words listed in: <<option txtDisableWikiLinksList>>
Disable automatic WikiWord links for tiddlers tagged with: <<option txtDisableWikiLinksTag>>
<<<
!Code
*/
//{{{
version.extensions.DisableWikiLinksPlugin= {major: 1, minor: 6, revision: 0, date: new Date(2008,7,22)};
if (config.options.chkDisableNonExistingWikiLinks==undefined) config.options.chkDisableNonExistingWikiLinks= false;
if (config.options.chkDisableWikiLinks==undefined) config.options.chkDisableWikiLinks=false;
if (config.options.txtDisableWikiLinksList==undefined) config.options.txtDisableWikiLinksList="DisableWikiLinksList";
if (config.options.chkAllowLinksFromShadowTiddlers==undefined) config.options.chkAllowLinksFromShadowTiddlers=true;
if (config.options.txtDisableWikiLinksTag==undefined) config.options.txtDisableWikiLinksTag="excludeWikiWords";
// find the formatter for wikiLink and replace handler with 'pass-thru' rendering
initDisableWikiLinksFormatter();
function initDisableWikiLinksFormatter() {
 for (var i=0; i<config.formatters.length && config.formatters[i].name!="wikiLink"; i++);
 config.formatters[i].coreHandler=config.formatters[i].handler;
 config.formatters[i].handler=function(w) {
  // supress any leading "~" (if present)
  var skip=(w.matchText.substr(0,1)==config.textPrimitives.unWikiLink)?1:0;
  var title=w.matchText.substr(skip);
  var exists=store.tiddlerExists(title);
  var inShadow=w.tiddler && store.isShadowTiddler(w.tiddler.title);
  // check for excluded Tiddler
  if (w.tiddler && w.tiddler.isTagged(config.options.txtDisableWikiLinksTag))
   { w.outputText(w.output,w.matchStart+skip,w.nextMatch); return; }
  // check for specific excluded wiki words
  var t=store.getTiddlerText(config.options.txtDisableWikiLinksList);
  if (t && t.length && t.indexOf(w.matchText)!=-1)
   { w.outputText(w.output,w.matchStart+skip,w.nextMatch); return; }
  // if not disabling links from shadows (default setting)
  if (config.options.chkAllowLinksFromShadowTiddlers && inShadow)
   return this.coreHandler(w);
  // check for non-existing non-shadow tiddler
  if (config.options.chkDisableNonExistingWikiLinks && !exists)
   { w.outputText(w.output,w.matchStart+skip,w.nextMatch); return; }
  // if not enabled, just do standard WikiWord link formatting
  if (!config.options.chkDisableWikiLinks)
   return this.coreHandler(w);
  // just return text without linking
  w.outputText(w.output,w.matchStart+skip,w.nextMatch)
 }
}
Tiddler.prototype.coreAutoLinkWikiWords = Tiddler.prototype.autoLinkWikiWords;
Tiddler.prototype.autoLinkWikiWords = function()
{
 if (!config.options.chkDisableWikiLinks)
  return this.coreAutoLinkWikiWords.apply(this,arguments);
 return false;
}
Tiddler.prototype.disableWikiLinks_changed = Tiddler.prototype.changed;
Tiddler.prototype.changed = function()
{
 this.disableWikiLinks_changed.apply(this,arguments);
 var t=store.getTiddlerText(config.options.txtDisableWikiLinksList,"").readBracketedList();
 if (t.length) for (var i=0; i<t.length; i++)
  if (this.links.contains(t[i]))
   this.links.splice(this.links.indexOf(t[i]),1);
};
//}}}
/* |Author|Yakov Litvin|Forked from|[[abego.ForEachTiddlerPlugin|http://tiddlywiki.abego-software.de/#ForEachTiddlerPlugin]], by Udo Borkowski| */
//{{{
(function(){
// Only install once
if (version.extensions.ForEachTiddlerPlugin) {
 alert("Warning: more than one copy of ForEachTiddlerPlugin is set to be launched");
 return;
} else
 version.extensions.ForEachTiddlerPlugin = {
  source: "[repository url here]",
  licence: "[licence url here]",
  copyright: "Copyright (c) Yakov Litvin, 2012 [url of the meta page]"
 };
config.macros.forEachTiddler = {
 actions: {
  addToList: {},
  write: {}
 }
};
config.macros.forEachTiddler.handler = function(place,macroName,params,wikifier,paramString,tiddler) {
 var parsedParams = this.parseParams(params);
 if (parsedParams.errorText) {
  this.handleError(place, parsedParams.errorText);
  return;
 }//else
  parsedParams.place = place;
  parsedParams.inTiddler = tiddler? tiddler : getContainingTiddler(place);
 parsedParams.actionName = parsedParams.actionName ? parsedParams.actionName : "addToList";
 var actionName = parsedParams.actionName;
 var action = this.actions[actionName];
 if (!action) {
  this.handleError(place, "Unknown action '"+actionName+"'.");
  return;
 }
 var element = document.createElement(action.element);
 jQuery(element).attr({ refresh: "macro", macroName: macroName }).data(parsedParams);
 place.appendChild(element);
 this.refresh(element);
};
config.macros.forEachTiddler.refresh = function(element) {
 var parsedParams = jQuery(element).data(),
  action = this.actions[parsedParams.actionName];
 jQuery(element).empty();
 try {
  var tiddlersAndContext = this.getTiddlersAndContext(parsedParams);
  action.handler(element, tiddlersAndContext.tiddlers,
    parsedParams.actionParameter, tiddlersAndContext.context);
 } catch (e) {
  this.handleError(place, e);
 }
};
config.macros.forEachTiddler.getTiddlersAndContext = function(parameter) {
 var context = config.macros.forEachTiddler.createContext(parameter.place, parameter.filter, parameter.whereClause, parameter.sortClause, parameter.sortAscending, parameter.actionName, parameter.actionParameter, parameter.scriptText, parameter.tiddlyWikiPath, parameter.inTiddler);
 var tiddlyWiki = parameter.tiddlyWikiPath ? this.loadTiddlyWiki(parameter.tiddlyWikiPath) : store;
 context["tiddlyWiki"] = tiddlyWiki;
 var tiddlers = this.findTiddlers(parameter.filter, parameter.whereClause, context, tiddlyWiki);
 context["tiddlers"] = tiddlers;
 if (parameter.sortClause)
  this.sortTiddlers(tiddlers, parameter.sortClause, parameter.sortAscending, context);
 return {tiddlers: tiddlers, context: context};
};
config.macros.forEachTiddler.actions.addToList.element = "ul";
config.macros.forEachTiddler.actions.addToList.handler = function(place, tiddlers, parameter, context) {
 var p = 0;
 if (parameter.length > p) {
  config.macros.forEachTiddler.createExtraParameterErrorElement(place, "addToList", parameter, p);
  return;
 }
 for (var i = 0; i < tiddlers.length; i++) {
  var tiddler = tiddlers[i];
  var listItem = document.createElement("li");
  place.appendChild(listItem);
  createTiddlyLink(listItem, tiddler.title, true);
 }
};
var parseNamedParameter = function(name, parameter, i) {
 var beginExpression = null;
 if ((i < parameter.length) && parameter[i] == name) {
  i++;
  if (i >= parameter.length) {
   throw "Missing text behind '%0'".format([name]);
  }
  return config.macros.forEachTiddler.paramEncode(parameter[i]);
 }
 return null;
}
config.macros.forEachTiddler.actions.write.element = "span";
config.macros.forEachTiddler.actions.write.handler = function(place, tiddlers, parameter, context) {
 var p = 0;
 if (p >= parameter.length) {
  this.handleError(place, "Missing expression behind 'write'.");
  return;
 }
 var textExpression = config.macros.forEachTiddler.paramEncode(parameter[p]);
 p++;
 var beginExpression = parseNamedParameter("begin", parameter, p);
 if (beginExpression !== null)
  p += 2;
 var endExpression = parseNamedParameter("end", parameter, p);
 if (endExpression !== null)
  p += 2;
 var noneExpression = parseNamedParameter("none", parameter, p);
 if (noneExpression !== null)
  p += 2;
 var filename = null;
 var lineSeparator = undefined;
 if ((p < parameter.length) && parameter[p] == "toFile") {
  p++;
  if (p >= parameter.length) {
   this.handleError(place, "Filename expected behind 'toFile' of 'write' action.");
   return;
  }
  filename = config.macros.forEachTiddler.getLocalPath(config.macros.forEachTiddler.paramEncode(parameter[p]));
  p++;
  if ((p < parameter.length) && parameter[p] == "withLineSeparator") {
   p++;
   if (p >= parameter.length) {
    this.handleError(place, "Line separator text expected behind 'withLineSeparator' of 'write' action.");
    return;
   }
   lineSeparator = config.macros.forEachTiddler.paramEncode(parameter[p]);
   p++;
  }
 }
 if (parameter.length > p) {
  config.macros.forEachTiddler.createExtraParameterErrorElement(place, "write", parameter, p);
  return;
 }
 var func = config.macros.forEachTiddler.getEvalTiddlerFunction(textExpression, context);
 var count = tiddlers.length;
 var text = "";
 if (count > 0 && beginExpression)
  text += config.macros.forEachTiddler.getEvalTiddlerFunction(beginExpression, context)(undefined, context, count, undefined);
 for (var i = 0; i < count; i++) {
  var tiddler = tiddlers[i];
  text += func(tiddler, context, count, i);
 }
 if (count > 0 && endExpression)
  text += config.macros.forEachTiddler.getEvalTiddlerFunction(endExpression, context)(undefined, context, count, undefined);
 if (count == 0 && noneExpression)
  text += config.macros.forEachTiddler.getEvalTiddlerFunction(noneExpression, context)(undefined, context, count, undefined);
 if (filename) {
  if (lineSeparator !== undefined) {
   lineSeparator = lineSeparator.replace(/\\n/mg, "\n").replace(/\\r/mg, "\r");
   text = text.replace(/\n/mg,lineSeparator);
  }
  saveFile(filename, convertUnicodeToUTF8(text));
 } else
  wikify(text, place, null/* highlightRegExp */, context.inTiddler);
};
config.macros.forEachTiddler.parseParams = function(params) {
 var i = 0; // index running over the params
 var tiddlyWikiPath = undefined;
 if ((i < params.length) && params[i] == "in") {
  i++;
  if (i >= params.length)
   return { errorText: "TiddlyWiki path expected behind 'in'." };
  tiddlyWikiPath = this.paramEncode((i < params.length) ? params[i] : "");
  i++;
 }
 if ((i < params.length) && params[i] == "filter") {
  i++;
  var filter = (i < params.length) ? params[i] : undefined;
  i++;
 }
 var whereClause ="true";
 if ((i < params.length) && params[i] == "where") {
  i++;
  whereClause = this.paramEncode((i < params.length) ? params[i] : "");
  i++;
 }
 var sortClause = null;
 var sortAscending = true;
 if ((i < params.length) && params[i] == "sortBy") {
  i++;
  if (i >= params.length)
   return { errorText: "sortClause missing behind 'sortBy'." };
  sortClause = this.paramEncode(params[i]);
  i++;
  if ((i < params.length) && (params[i] == "ascending" || params[i] == "descending")) {
    sortAscending = params[i] == "ascending";
    i++;
  }
 }
 var scriptText = null;
 if ((i < params.length) && params[i] == "script") {
  i++;
  scriptText = this.paramEncode((i < params.length) ? params[i] : "");
  i++;
 }
 var actionName = "addToList";
 if (i < params.length) {
  if (!config.macros.forEachTiddler.actions[params[i]])
   return { errorText: "Unknown action '"+params[i]+"'." };
  else {
   actionName = params[i];
   i++;
  }
 }
 var actionParameter = params.slice(i);
 return {
   filter:   filter,
   whereClause:  whereClause,
   sortClause:  sortClause,
   sortAscending:  sortAscending,
   actionName:  actionName,
   actionParameter: actionParameter,
   scriptText:  scriptText,
   tiddlyWikiPath:  tiddlyWikiPath
  }
};
var getContainingTiddler = function(e) {
 while(e && !hasClass(e,"tiddler"))
  e = e.parentNode;
 var title = e ? e.getAttribute("tiddler") : null;
 return title ? store.getTiddler(title) : null;
};
config.macros.forEachTiddler.createContext = function(placeParam, filterParam, whereClauseParam, sortClauseParam, sortAscendingParam, actionNameParam, actionParameterParam, scriptText, tiddlyWikiPathParam, inTiddlerParam) {
 return {
  place  : placeParam,
  filter  : filterParam,
  whereClause : whereClauseParam,
  sortClause : sortClauseParam,
  sortAscending : sortAscendingParam,
  script  : scriptText,
  actionName : actionNameParam,
  actionParameter : actionParameterParam,
  tiddlyWikiPath : tiddlyWikiPathParam,
  inTiddler : inTiddlerParam, // the tiddler containing the <<forEachTiddler ...>> macro call.
  viewerTiddler : getContainingTiddler(placeParam) //the tiddler showing the forEachTiddler result
 };
};
config.macros.forEachTiddler.loadTiddlyWiki = function(path, idPrefix) {
 if (!idPrefix) {
  idPrefix = "store";
 }
 var lenPrefix = idPrefix.length;
 var content = loadFile(this.getLocalPath(path));
 if(content === null) {
  throw "TiddlyWiki '"+path+"' not found.";
 }
 var tiddlyWiki = new TiddlyWiki();
 if (!tiddlyWiki.importTiddlyWiki(content))
  throw "File '"+path+"' is not a TiddlyWiki.";
 tiddlyWiki.dirty = false;
 return tiddlyWiki;
};
config.macros.forEachTiddler.getEvalTiddlerFunction = function (javaScriptExpression, context) {
 var script = context["script"];
 var functionText = "var theFunction = function(tiddler, context, count, index) { return "+javaScriptExpression+"}";
 var fullText = (script ? script+";" : "")+functionText+";theFunction;";
 return eval(fullText);
};
config.macros.forEachTiddler.findTiddlers = function(filter, whereClause, context, tiddlyWiki) {
 var result = [];
 var func = config.macros.forEachTiddler.getEvalTiddlerFunction(whereClause, context);
 if(filter) {
  var tids = tiddlyWiki.filterTiddlers(filter);
  for(var i = 0; i < tids.length; i++)
   if(func(tids[i], context, undefined, undefined))
    result.push(tids[i]);
 } else
  tiddlyWiki.forEachTiddler(function(title,tiddler) {
   if(func(tiddler, context, undefined, undefined))
    result.push(tiddler);
  });
 return result;
};
config.macros.forEachTiddler.sortAscending = function(tiddlerA, tiddlerB) {
 return ((tiddlerA.forEachTiddlerSortValue == tiddlerB.forEachTiddlerSortValue)
   ? 0
   : ((tiddlerA.forEachTiddlerSortValue < tiddlerB.forEachTiddlerSortValue)
    ? -1
    : +1))
};
config.macros.forEachTiddler.sortDescending = function(tiddlerA, tiddlerB) {
 return ((tiddlerA.forEachTiddlerSortValue == tiddlerB.forEachTiddlerSortValue)
   ? 0
   : ((tiddlerA.forEachTiddlerSortValue < tiddlerB.forEachTiddlerSortValue)
    ? +1
    : -1))
};
config.macros.forEachTiddler.sortTiddlers = function(tiddlers, sortClause, ascending, context) {
 var func = config.macros.forEachTiddler.getEvalTiddlerFunction(sortClause, context);
 var count = tiddlers.length;
 var i;
 for (i = 0; i < count; i++) {
  var tiddler = tiddlers[i];
  tiddler.forEachTiddlerSortValue = func(tiddler,context, undefined, undefined);
 }
 tiddlers.sort(ascending ? this.sortAscending : this.sortDescending);
 for (i = 0; i < tiddlers.length; i++)
  delete tiddlers[i].forEachTiddlerSortValue;
};
config.macros.forEachTiddler.createErrorElement = function(place, exception) {
 var message = (exception.description) ? exception.description : exception.toString();
 return createTiddlyElement(place,"span",null,"forEachTiddlerError","<<forEachTiddler ...>>: "+message);
};
config.macros.forEachTiddler.handleError = function(place, exception) {
 if (place) {
  this.createErrorElement(place, exception);
 } else {
  throw exception;
 }
};
config.macros.forEachTiddler.createExtraParameterErrorElement = function(place, actionName, parameter, firstUnusedIndex) {
 var message = "Extra parameter behind '"+actionName+"':";
 for (var i = firstUnusedIndex; i < parameter.length; i++) {
  message += " "+parameter[i];
 }
 this.handleError(place, message);
};
config.macros.forEachTiddler.paramEncode = function(s) {
 var reGTGT = new RegExp("\\$\\)\\)","mg");
 var reGT = new RegExp("\\$\\)","mg");
 return s.replace(reGTGT, ">>").replace(reGT, ">");
};
config.macros.forEachTiddler.getLocalPath = function(originalPath) {
 var originalAbsolutePath = originalPath;
 if(originalAbsolutePath.search(/^((http(s)?)|(file)):/) != 0) {
  if (originalAbsolutePath.search(/^(.\:\\)|(\\\\)|(\/)/) != 0){// is relative?
   var currentUrl = document.location.toString();
   var currentPath = (currentUrl.lastIndexOf("/") > -1) ?
    currentUrl.substr(0, currentUrl.lastIndexOf("/") + 1) :
    currentUrl + "/";
   originalAbsolutePath = currentPath + originalAbsolutePath;
  } else
   originalAbsolutePath = "file://" + originalAbsolutePath;
  originalAbsolutePath = originalAbsolutePath.replace(/\\/mg,"/");
 }
 return getLocalPath(originalAbsolutePath);
};
setStylesheet(
 ".forEachTiddlerError{color: #ffffff;background-color: #880000;}",
 "forEachTiddler");
config.macros.fet = config.macros.forEachTiddler;
String.prototype.startsWith = function(prefix) {
 var n = prefix.length;
 return (this.length >= n) && (this.slice(0, n) == prefix);
};
String.prototype.endsWith = function(suffix) {
 var n = suffix.length;
 return (this.length >= n) && (this.right(n) == suffix);
};
String.prototype.contains = function(substring) {
 return this.indexOf(substring) >= 0;
};
})();
Tiddler.prototype.getSlice = function(sliceName,defaultText) {
 var re = TiddlyWiki.prototype.slicesRE;
 re.lastIndex = 0;
 var m = re.exec(this.text);
 while(m) {
  if(m[2]) {
   if(m[2] == sliceName)
    return m[3];
  } else {
   if(m[5] == sliceName)
    return m[6];
  }
  m = re.exec(this.text);
 }
 return defaultText;
};
Tiddler.prototype.getSection = function(sectionName,defaultText) {
 var beginSectionRegExp = new RegExp("(^!{1,6}[ \t]*" + sectionName.escapeRegExp() + "[ \t]*\n)","mg"),
  sectionTerminatorRegExp = /^!/mg;
 var match = beginSectionRegExp.exec(this.text), sectionText;
 if(match) {
  sectionText = this.text.substr(match.index+match[1].length);
  match = sectionTerminatorRegExp.exec(sectionText);
  if(match)
   sectionText = sectionText.substr(0,match.index-1); // don't include final \n
  return sectionText
 }
 return defaultText;
};
//}}}
/* |Author|Eric Shulman|License|http://www.TiddlyTools.com/#LegalStatements|
!Configuration
<<<
Use {{{<hide linebreaks>}}} within HTML content to wiki-style rendering of line breaks. To //always// omit all line breaks from the rendered output, you can set this option:
><<option chkHTMLHideLinebreaks>> ignore all line breaks
which can also be 'hard coded' into your document by adding the following to a tiddler, tagged with <<tag systemConfig>>
>{{{config.options.chkHTMLHideLinebreaks=true;}}}
<<<
!Code
*/
//{{{
version.extensions.HTMLFormattingPlugin= {major: 2, minor: 4, revision: 1, date: new Date(2010,5,7)};
// find the formatter for HTML and replace the handler
initHTMLFormatter();
function initHTMLFormatter()
{
 for (var i=0; i<config.formatters.length && config.formatters[i].name!="html"; i++);
 if (i<config.formatters.length) config.formatters[i].handler=function(w) {
  if (!this.lookaheadRegExp)
   this.lookaheadRegExp = new RegExp(this.lookahead,"mg");
  this.lookaheadRegExp.lastIndex = w.matchStart;
  var lookaheadMatch = this.lookaheadRegExp.exec(w.source)
  if(lookaheadMatch && lookaheadMatch.index == w.matchStart) {
   var html=lookaheadMatch[1];
   // if <nowiki> is present, just let browser handle it!
   if (html.indexOf('<nowiki>')!=-1)
    createTiddlyElement(w.output,"span").innerHTML=html;
   else {
    // if <hide linebreaks> is present, or chkHTMLHideLinebreaks is set
    // suppress wiki-style literal handling of newlines
    if (config.options.chkHTMLHideLinebreaks||(html.indexOf('<hide linebreaks>')!=-1))
     html=html.replace(/\n/g,' ');
    // remove all \r's added by IE textarea and mask newlines and macro brackets
    html=html.replace(/\r/g,'').replace(/\n/g,'\\n').replace(/<</g,'%%(').replace(/>>/g,')%%');
    // create span, let browser parse HTML
    var e=createTiddlyElement(w.output,"span"); e.innerHTML=html;
    // then re-render text nodes as wiki-formatted content
    wikifyTextNodes(e,w);
   }
   w.nextMatch = this.lookaheadRegExp.lastIndex; // continue parsing
  }
 }
}
// wikify #text nodes that remain after HTML content is processed (pre-order recursion)
function wikifyTextNodes(theNode,w)
{
 function unmask(s) { return s.replace(/\%%\(/g,'<<').replace(/\)\%%/g,'>>').replace(/\\n/g,'\n'); }
 switch (theNode.nodeName.toLowerCase()) {
  case 'style': case 'option': case 'select':
   theNode.innerHTML=unmask(theNode.innerHTML);
   break;
  case 'textarea':
   theNode.value=unmask(theNode.value);
   break;
  case '#text':
   var txt=unmask(theNode.nodeValue);
   var newNode=createTiddlyElement(null,"span");
   theNode.parentNode.replaceChild(newNode,theNode);
   wikify(txt,newNode,highlightHack,w.tiddler);
   break;
  default:
   for (var i=0;i<theNode.childNodes.length;i++)
    wikifyTextNodes(theNode.childNodes.item(i),w); // recursion
   break;
 }
}
//}}}
/* |Author|Eric Shulman|License|http://www.TiddlyTools.com/#LegalStatements|
!Code
*/
//{{{
version.extensions.ImageSizePlugin= {major: 1, minor: 2, revision: 2, date: new Date(2010,7,24)};
//}}}
//{{{
var f=config.formatters[config.formatters.findByField("name","image")];
f.match="\\[[<>]?[Ii][Mm][Gg](?:\\([^,]*,[^\\)]*\\))?\\[";
f.lookaheadRegExp=/\[([<]?)(>?)[Ii][Mm][Gg](?:\(([^,]*),([^\)]*)\))?\[(?:([^\|\]]+)\|)?([^\[\]\|]+)\](?:\[([^\]]*)\])?\]/mg;
f.handler=function(w) {
 this.lookaheadRegExp.lastIndex = w.matchStart;
 var lookaheadMatch = this.lookaheadRegExp.exec(w.source)
 if(lookaheadMatch && lookaheadMatch.index == w.matchStart) {
  var floatLeft=lookaheadMatch[1];
  var floatRight=lookaheadMatch[2];
  var width=lookaheadMatch[3];
  var height=lookaheadMatch[4];
  var tooltip=lookaheadMatch[5];
  var src=lookaheadMatch[6];
  var link=lookaheadMatch[7];
  var e = w.output;
  if(link) { // LINKED IMAGE
   if (config.formatterHelpers.isExternalLink(link)) {
    if (config.macros.attach && config.macros.attach.isAttachment(link)) {
     // see [[AttachFilePluginFormatters]]
     e = createExternalLink(w.output,link);
     e.href=config.macros.attach.getAttachment(link);
     e.title = config.macros.attach.linkTooltip + link;
    } else
     e = createExternalLink(w.output,link);
   } else
    e = createTiddlyLink(w.output,link,false,null,w.isStatic);
   addClass(e,"imageLink");
  }
  var img = createTiddlyElement(e,"img");
  if(floatLeft) img.align="left"; else if(floatRight) img.align="right";
  if(width||height) {
   var x=width.trim(); var y=height.trim();
   var stretchW=(x.substr(x.length-1,1)=='+'); if (stretchW) x=x.substr(0,x.length-1);
   var stretchH=(y.substr(y.length-1,1)=='+'); if (stretchH) y=y.substr(0,y.length-1);
   if (x.substr(0,2)=="{{")
    { try{x=eval(x.substr(2,x.length-4))} catch(e){displayMessage(e.description||e.toString())} }
   if (y.substr(0,2)=="{{")
    { try{y=eval(y.substr(2,y.length-4))} catch(e){displayMessage(e.description||e.toString())} }
   img.style.width=x.trim(); img.style.height=y.trim();
   config.formatterHelpers.addStretchHandlers(img,stretchW,stretchH);
  }
  if(tooltip) img.title = tooltip;
  if (config.macros.attach && config.macros.attach.isAttachment(src))
   src=config.macros.attach.getAttachment(src); // see [[AttachFilePluginFormatters]]
  else if (config.formatterHelpers.resolvePath) { // see [[ImagePathPlugin]]
   if (config.browser.isIE || config.browser.isSafari) {
    img.onerror=(function(){
     this.src=config.formatterHelpers.resolvePath(this.src,false);
     return false;
    });
   } else
    src=config.formatterHelpers.resolvePath(src,true);
  }
  img.src=src;
  w.nextMatch = this.lookaheadRegExp.lastIndex;
 }
}
config.formatterHelpers.imageSize={
tip: '', dragtip: 'DRAG=étirer/réduire, '
}
config.formatterHelpers.addStretchHandlers=function(e,stretchW,stretchH) {
 e.title=((stretchW||stretchH)?this.imageSize.dragtip:'')+this.imageSize.tip;
 e.statusMsg='width=%0, height=%1';
 e.style.cursor='move';
 e.originalW=e.style.width;
 e.originalH=e.style.height;
 e.minW=Math.max(e.offsetWidth/20,10);
 e.minH=Math.max(e.offsetHeight/20,10);
 e.stretchW=stretchW;
 e.stretchH=stretchH;
 e.onmousedown=function(ev) { var ev=ev||window.event;
  this.sizing=true;
  this.startX=!config.browser.isIE?ev.pageX:(ev.clientX+findScrollX());
  this.startY=!config.browser.isIE?ev.pageY:(ev.clientY+findScrollY());
  this.startW=this.offsetWidth;
  this.startH=this.offsetHeight;
  return false;
 };
 e.onmousemove=function(ev) { var ev=ev||window.event;
  if (this.sizing) {
   var s=this.style;
   var currX=!config.browser.isIE?ev.pageX:(ev.clientX+findScrollX());
   var currY=!config.browser.isIE?ev.pageY:(ev.clientY+findScrollY());
   var newW=(currX-this.offsetLeft)/(this.startX-this.offsetLeft)*this.startW;
   var newH=(currY-this.offsetTop )/(this.startY-this.offsetTop )*this.startH;
   if (this.stretchW) s.width =Math.floor(Math.max(newW,this.minW))+'px';
   if (this.stretchH) s.height=Math.floor(Math.max(newH,this.minH))+'px';
   clearMessage(); displayMessage(this.statusMsg.format([s.width,s.height]));
  }
  return false;
 };
 e.onmouseup=function(ev) { var ev=ev||window.event;
  if (ev.shiftKey) { this.style.width=this.style.height=''; }
  if (ev.ctrlKey) { this.style.width=this.originalW; this.style.height=this.originalH; }
  this.sizing=false;
  clearMessage();
  return false;
 };
 e.onmouseout=function(ev) { var ev=ev||window.event;
  this.sizing=false;
  clearMessage();
  return false;
 };
}
//}}}
/* |Author|Eric Shulman|License|http://www.TiddlyTools.com/#LegalStatements|!Code
*/
//{{{
version.extensions.InlineJavascriptPlugin= {major: 1, minor: 9, revision: 6, date: new Date(2010,12,15)};
config.formatters.push( {
 name: "inlineJavascript",
 match: "\\<script",
 lookahead: "\\<script(?: type=\\\"[^\\\"]*\\\")?(?: src=\\\"([^\\\"]*)\\\")?(?: label=\\\"([^\\\"]*)\\\")?(?: title=\\\"([^\\\"]*)\\\")?(?: key=\\\"([^\\\"]*)\\\")?( show)?\\>((?:.|\\n)*?)\\</script\\>",
 handler: function(w) {
  var lookaheadRegExp = new RegExp(this.lookahead,"mg");
  lookaheadRegExp.lastIndex = w.matchStart;
  var lookaheadMatch = lookaheadRegExp.exec(w.source)
  if(lookaheadMatch && lookaheadMatch.index == w.matchStart) {
   var src=lookaheadMatch[1];
   var label=lookaheadMatch[2];
   var tip=lookaheadMatch[3];
   var key=lookaheadMatch[4];
   var show=lookaheadMatch[5];
   var code=lookaheadMatch[6];
   if (src) { // external script library
    var script = document.createElement("script"); script.src = src;
    document.body.appendChild(script); document.body.removeChild(script);
   }
   if (code) { // inline code
    if (show) // display source in tiddler
     wikify("{{{\n"+lookaheadMatch[0]+"\n}}}\n",w.output);
    if (label) { // create 'onclick' command link
     var link=createTiddlyElement(w.output,"a",null,"tiddlyLinkExisting",wikifyPlainText(label));
     var fixup=code.replace(/document.write\s*\(/gi,'place.bufferedHTML+=(');
     link.code="function _out(place,tiddler){"+fixup+"\n};_out(this,this.tiddler);"
     link.tiddler=w.tiddler;
     link.onclick=function(){
      this.bufferedHTML="";
      try{ var r=eval(this.code);
       if(this.bufferedHTML.length || (typeof(r)==="string")&&r.length)
        var s=this.parentNode.insertBefore(document.createElement("span"),this.nextSibling);
       if(this.bufferedHTML.length)
        s.innerHTML=this.bufferedHTML;
       if((typeof(r)==="string")&&r.length) {
        wikify(r,s,null,this.tiddler);
        return false;
       } else return r!==undefined?r:false;
      } catch(e){alert(e.description||e.toString());return false;}
     };
     link.setAttribute("title",tip||"");
     var URIcode='javascript:void(eval(decodeURIComponent(%22(function(){try{';
     URIcode+=encodeURIComponent(encodeURIComponent(code.replace(/\n/g,' ')));
     URIcode+='}catch(e){alert(e.description||e.toString())}})()%22)))';
     link.setAttribute("href",URIcode);
     link.style.cursor="pointer";
     if (key) link.accessKey=key.substr(0,1); // single character only
    }
    else { // run script immediately
     var fixup=code.replace(/document.write\s*\(/gi,'place.innerHTML+=(');
     var c="function _out(place,tiddler){"+fixup+"\n};_out(w.output,w.tiddler);";
     try  { var out=eval(c); }
     catch(e) { out=e.description?e.description:e.toString(); }
     if (out && out.length) wikify(out,w.output,w.highlightRegExp,w.tiddler);
    }
   }
   w.nextMatch = lookaheadMatch.index + lookaheadMatch[0].length;
  }
 }
} )
//}}}
// // Backward-compatibility for TW2.1.x and earlier
//{{{
if (typeof(wikifyPlainText)=="undefined") window.wikifyPlainText=function(text,limit,tiddler) {
 if(limit > 0) text = text.substr(0,limit);
 var wikifier = new Wikifier(text,formatter,null,tiddler);
 return wikifier.wikifyPlain();
}
//}}}
// // GLOBAL FUNCTION: $(...) -- 'shorthand' convenience syntax for document.getElementById()
//{{{
if (typeof($)=='undefined') { function $(id) { return document.getElementById(id.replace(/^#/,'')); } }
//}}}
/* |Author|Eric Shulman|License|http://www.TiddlyTools.com/#LegalStatements|
!Configuration
<<<
<<option chkFloatingSlidersAnimate>> allow floating sliders to animate when opening/closing
<<<
!Code
*/
//{{{
version.extensions.NestedSlidersPlugin= {major: 2, minor: 4, revision: 9, date: new Date(2008,11,15)};
// options for deferred rendering of sliders that are not initially displayed
if (config.options.chkFloatingSlidersAnimate===undefined)
 config.options.chkFloatingSlidersAnimate=false; // avoid clipping problems in IE
// default styles for 'floating' class
setStylesheet(".floatingPanel { position:absolute; z-index:10; padding:0.5em; margin:0em; \
 background-color:#fff; color:#014; border:1px solid #000; text-align:left; }","floatingPanelStylesheet");
// if removeCookie() function is not defined by TW core, define it here.
if (window.removeCookie===undefined) {
 window.removeCookie=function(name) {
  document.cookie = name+'=; expires=Thu, 01-Jan-1970 00:00:01 UTC; path=/;';
 }
}
config.formatters.push( {
 name: "nestedSliders",
 match: "\\n?\\+{3}",
 terminator: "\\s*\\={3}\\n?",
 lookahead: "\\n?\\+{3}(\\+)?(\\([^\\)]*\\))?(\\!*)?(\\^(?:[^\\^\\*\\@\\[\\>]*\\^)?)?(\\*)?(\\@)?(?:\\{\\{([\\w]+[\\s\\w]*)\\{)?(\\[[^\\]]*\\])?(\\[[^\\]]*\\])?(?:\\}{3})?(\\#[^:]*\\:)?(\\>)?(\\.\\.\\.)?\\s*",
 handler: function(w)
  {
   lookaheadRegExp = new RegExp(this.lookahead,"mg");
   lookaheadRegExp.lastIndex = w.matchStart;
   var lookaheadMatch = lookaheadRegExp.exec(w.source)
   if(lookaheadMatch && lookaheadMatch.index == w.matchStart)
   {
    var defopen=lookaheadMatch[1];
    var cookiename=lookaheadMatch[2];
    var header=lookaheadMatch[3];
    var panelwidth=lookaheadMatch[4];
    var transient=lookaheadMatch[5];
    var hover=lookaheadMatch[6];
    var buttonClass=lookaheadMatch[7];
    var label=lookaheadMatch[8];
    var openlabel=lookaheadMatch[9];
    var panelID=lookaheadMatch[10];
    var blockquote=lookaheadMatch[11];
    var deferred=lookaheadMatch[12];
    // location for rendering button and panel
    var place=w.output;
    // default to closed, no cookie, no accesskey, no alternate text/tip
    var show="none"; var cookie=""; var key="";
    var closedtext=">"; var closedtip="";
    var openedtext="<"; var openedtip="";
    // extra "+", default to open
    if (defopen) show="block";
    // cookie, use saved open/closed state
    if (cookiename) {
     cookie=cookiename.trim().slice(1,-1);
     cookie="chkSlider"+cookie;
     if (config.options[cookie]==undefined)
      { config.options[cookie] = (show=="block") }
     show=config.options[cookie]?"block":"none";
    }
    // parse label/tooltip/accesskey: [label=X|tooltip]
    if (label) {
     var parts=label.trim().slice(1,-1).split("|");
     closedtext=parts.shift();
     if (closedtext.substr(closedtext.length-2,1)=="=")
      { key=closedtext.substr(closedtext.length-1,1); closedtext=closedtext.slice(0,-2); }
     openedtext=closedtext;
     if (parts.length) closedtip=openedtip=parts.join("|");
     else { closedtip="afficher "+closedtext; openedtip="masquer "+closedtext; }
    }
    // parse alternate label/tooltip: [label|tooltip]
    if (openlabel) {
     var parts=openlabel.trim().slice(1,-1).split("|");
     openedtext=parts.shift();
     if (parts.length) openedtip=parts.join("|");
     else openedtip="hide "+openedtext;
    }
    var title=show=='block'?openedtext:closedtext;
    var tooltip=show=='block'?openedtip:closedtip;
    // create the button
    if (header) { // use "Hn" header format instead of button/link
     var lvl=(header.length>5)?5:header.length;
     var btn = createTiddlyElement(createTiddlyElement(place,"h"+lvl,null,null,null),"a",null,buttonClass,title);
     btn.onclick=onClickNestedSlider;
     btn.setAttribute("href","javascript:;");
     btn.setAttribute("title",tooltip);
    }
    else
     var btn = createTiddlyButton(place,title,tooltip,onClickNestedSlider,buttonClass);
    btn.innerHTML=title; // enables use of HTML entities in label
    // set extra button attributes
    btn.setAttribute("closedtext",closedtext);
    btn.setAttribute("closedtip",closedtip);
    btn.setAttribute("openedtext",openedtext);
    btn.setAttribute("openedtip",openedtip);
    btn.sliderCookie = cookie; // save the cookiename (if any) in the button object
    btn.defOpen=defopen!=null; // save default open/closed state (boolean)
    btn.keyparam=key; // save the access key letter ("" if none)
    if (key.length) {
     btn.setAttribute("accessKey",key); // init access key
     btn.onfocus=function(){this.setAttribute("accessKey",this.keyparam);}; // **reclaim** access key on focus
    }
    btn.setAttribute("hover",hover?"true":"false");
    btn.onmouseover=function(ev) {
     // optional 'open on hover' handling
     if (this.getAttribute("hover")=="true" && this.sliderPanel.style.display=='none') {
      document.onclick.call(document,ev); // close transients
      onClickNestedSlider(ev); // open this slider
     }
     // mouseover on button aligns floater position with button
     if (window.adjustSliderPos) window.adjustSliderPos(this.parentNode,this,this.sliderPanel);
    }
    // create slider panel
    var panelClass=panelwidth?"floatingPanel":"sliderPanel";
    if (panelID) panelID=panelID.slice(1,-1); // trim off delimiters
    var panel=createTiddlyElement(place,"div",panelID,panelClass,null);
    panel.button = btn; // so the slider panel know which button it belongs to
    btn.sliderPanel=panel; // so the button knows which slider panel it belongs to
    panel.defaultPanelWidth=(panelwidth && panelwidth.length>2)?panelwidth.slice(1,-1):"";
    panel.setAttribute("transient",transient=="*"?"true":"false");
    panel.style.display = show;
    panel.style.width=panel.defaultPanelWidth;
    panel.onmouseover=function(event) // mouseover on panel aligns floater position with button
     { if (window.adjustSliderPos) window.adjustSliderPos(this.parentNode,this.button,this); }
    // render slider (or defer until shown)
    w.nextMatch = lookaheadMatch.index + lookaheadMatch[0].length;
    if ((show=="block")||!deferred) {
     // render now if panel is supposed to be shown or NOT deferred rendering
     w.subWikify(blockquote?createTiddlyElement(panel,"blockquote"):panel,this.terminator);
     // align floater position with button
     if (window.adjustSliderPos) window.adjustSliderPos(place,btn,panel);
    }
    else {
     var src = w.source.substr(w.nextMatch);
     var endpos=findMatchingDelimiter(src,"+++","===");
     panel.setAttribute("raw",src.substr(0,endpos));
     panel.setAttribute("blockquote",blockquote?"true":"false");
     panel.setAttribute("rendered","false");
     w.nextMatch += endpos+3;
     if (w.source.substr(w.nextMatch,1)=="\n") w.nextMatch++;
    }
   }
  }
 }
)
function findMatchingDelimiter(src,starttext,endtext) {
 var startpos = 0;
 var endpos = src.indexOf(endtext);
 // check for nested delimiters
 while (src.substring(startpos,endpos-1).indexOf(starttext)!=-1) {
  // count number of nested 'starts'
  var startcount=0;
  var temp = src.substring(startpos,endpos-1);
  var pos=temp.indexOf(starttext);
  while (pos!=-1) { startcount++; pos=temp.indexOf(starttext,pos+starttext.length); }
  // set up to check for additional 'starts' after adjusting endpos
  startpos=endpos+endtext.length;
  // find endpos for corresponding number of matching 'ends'
  while (startcount && endpos!=-1) {
   endpos = src.indexOf(endtext,endpos+endtext.length);
   startcount--;
  }
 }
 return (endpos==-1)?src.length:endpos;
}
//}}}
//{{{
window.onClickNestedSlider=function(e)
{
 if (!e) var e = window.event;
 var theTarget = resolveTarget(e);
 while (theTarget && theTarget.sliderPanel==undefined) theTarget=theTarget.parentNode;
 if (!theTarget) return false;
 var theSlider = theTarget.sliderPanel;
 var isOpen = theSlider.style.display!="none";
 // if SHIFT-CLICK, dock panel first (see [[MoveablePanelPlugin]])
 if (e.shiftKey && config.macros.moveablePanel) config.macros.moveablePanel.dock(theSlider,e);
 // toggle label
 theTarget.innerHTML=isOpen?theTarget.getAttribute("closedText"):theTarget.getAttribute("openedText");
 // toggle tooltip
 theTarget.setAttribute("title",isOpen?theTarget.getAttribute("closedTip"):theTarget.getAttribute("openedTip"));
 // deferred rendering (if needed)
 if (theSlider.getAttribute("rendered")=="false") {
  var place=theSlider;
  if (theSlider.getAttribute("blockquote")=="true")
   place=createTiddlyElement(place,"blockquote");
  wikify(theSlider.getAttribute("raw"),place);
  theSlider.setAttribute("rendered","true");
 }
 // show/hide the slider
 if(config.options.chkAnimate && (!hasClass(theSlider,'floatingPanel') || config.options.chkFloatingSlidersAnimate))
  anim.startAnimating(new Slider(theSlider,!isOpen,e.shiftKey || e.altKey,"none"));
 else
  theSlider.style.display = isOpen ? "none" : "block";
 // reset to default width (might have been changed via plugin code)
 theSlider.style.width=theSlider.defaultPanelWidth;
 // align floater panel position with target button
 if (!isOpen && window.adjustSliderPos) window.adjustSliderPos(theSlider.parentNode,theTarget,theSlider);
 // if showing panel, set focus to first 'focus-able' element in panel
 if (theSlider.style.display!="none") {
  var ctrls=theSlider.getElementsByTagName("*");
  for (var c=0; c<ctrls.length; c++) {
   var t=ctrls[c].tagName.toLowerCase();
   if ((t=="input" && ctrls[c].type!="hidden") || t=="textarea" || t=="select")
    { try{ ctrls[c].focus(); } catch(err){;} break; }
  }
 }
 var cookie=theTarget.sliderCookie;
 if (cookie && cookie.length) {
  config.options[cookie]=!isOpen;
  if (config.options[cookie]!=theTarget.defOpen) window.saveOptionCookie(cookie);
  else window.removeCookie(cookie); // remove cookie if slider is in default display state
 }
 // prevent SHIFT-CLICK from being processed by browser (opens blank window... yuck!)
 // prevent clicks *within* a slider button from being processed by browser
 // but allow plain click to bubble up to page background (to close transients, if any)
 if (e.shiftKey || theTarget!=resolveTarget(e))
  { e.cancelBubble=true; if (e.stopPropagation) e.stopPropagation(); }
 Popup.remove(); // close open popup (if any)
 return false;
}
//}}}
//{{{
// click in document background closes transient panels
document.nestedSliders_savedOnClick=document.onclick;
document.onclick=function(ev) { if (!ev) var ev=window.event; var target=resolveTarget(ev);
 if (document.nestedSliders_savedOnClick)
  var retval=document.nestedSliders_savedOnClick.apply(this,arguments);
 // if click was inside a popup... leave transient panels alone
 var p=target; while (p) if (hasClass(p,"popup")) break; else p=p.parentNode;
 if (p) return retval;
 // if click was inside transient panel (or something contained by a transient panel), leave it alone
 var p=target; while (p) {
  if ((hasClass(p,"floatingPanel")||hasClass(p,"sliderPanel"))&&p.getAttribute("transient")=="true") break;
  p=p.parentNode;
 }
 if (p) return retval;
 // otherwise, find and close all transient panels...
 var all=document.all?document.all:document.getElementsByTagName("DIV");
 for (var i=0; i<all.length; i++) {
   // if it is not a transient panel, or the click was on the button that opened this panel, don't close it.
  if (all[i].getAttribute("transient")!="true" || all[i].button==target) continue;
  // otherwise, if the panel is currently visible, close it by clicking it's button
  if (all[i].style.display!="none") window.onClickNestedSlider({target:all[i].button})
  if (!hasClass(all[i],"floatingPanel")&&!hasClass(all[i],"sliderPanel")) all[i].style.display="none";
 }
 return retval;
};
//}}}
//{{{
// adjust floating panel position based on button position
if (window.adjustSliderPos==undefined) window.adjustSliderPos=function(place,btn,panel) {
 if (hasClass(panel,"floatingPanel") && !hasClass(panel,"undocked")) {
  // see [[MoveablePanelPlugin]] for use of 'undocked'
  var rightEdge=document.body.offsetWidth-1;
  var panelWidth=panel.offsetWidth;
  var left=0;
  var top=btn.offsetHeight;
  if (place.style.position=="relative" && findPosX(btn)+panelWidth>rightEdge) {
   left-=findPosX(btn)+panelWidth-rightEdge; // shift panel relative to button
   if (findPosX(btn)+left<0) left=-findPosX(btn); // stay within left edge
  }
  if (place.style.position!="relative") {
   var left=findPosX(btn);
   var top=findPosY(btn)+btn.offsetHeight;
   var p=place; while (p && !hasClass(p,'floatingPanel')) p=p.parentNode;
   if (p) { left-=findPosX(p); top-=findPosY(p); }
   if (left+panelWidth>rightEdge) left=rightEdge-panelWidth;
   if (left<0) left=0;
  }
  panel.style.left=left+"px"; panel.style.top=top+"px";
 }
}
//}}}
//{{{
// TW2.1 and earlier:
// hijack Slider stop handler so overflow is visible after animation has completed
Slider.prototype.coreStop = Slider.prototype.stop;
Slider.prototype.stop = function()
 { this.coreStop.apply(this,arguments); this.element.style.overflow = "visible"; }
// TW2.2+
// hijack Morpher stop handler so sliderPanel/floatingPanel overflow is visible after animation has completed
if (version.major+.1*version.minor+.01*version.revision>=2.2) {
 Morpher.prototype.coreStop = Morpher.prototype.stop;
 Morpher.prototype.stop = function() {
  this.coreStop.apply(this,arguments);
  var e=this.element;
  if (hasClass(e,"sliderPanel")||hasClass(e,"floatingPanel")) {
   // adjust panel overflow and position after animation
   e.style.overflow = "visible";
   if (window.adjustSliderPos) window.adjustSliderPos(e.parentNode,e.button,e);
  }
 };
}
//}}}
/* |Author|Eric Shulman|License|http://www.TiddlyTools.com/#LegalStatements|
*/
//{{{
version.extensions.QuoteOfTheDayPlugin= {major: 1, minor: 4, revision: 1, date: new Date(2008,3,21)};
config.macros.QOTD = {
 clickTooltip: "click to view another item",
 timerTooltip: "auto-timer stopped... 'mouseout' to restart timer",
 timerClickTooltip: "auto-timer stopped... click to view another item, or 'mouseout' to restart timer",
 handler:
 function(place,macroName,params) {
 var tid=params.shift(); // source tiddler containing HR-separated quotes
 var p=params.shift();
 var click=true; // allow click for next item
 var inline=false; // wrap in slider for animation effect
 var random=true; // pick an item at random (default for "quote of the day" usage)
 var folder=false; // use local filesystem folder list
 var cookie=""; // default to no cookie
 var next=0; // default to first item (or random item)
 while (p) {
 if (p.toLowerCase()=="noclick") var click=false;
 if (p.toLowerCase()=="inline") var inline=true;
 if (p.toLowerCase()=="norandom") var random=false;
 if (p.toLowerCase().substr(0,7)=="cookie:") var cookie=p.substr(8);
 if (!isNaN(p)) var delay=p;
 p=params.shift();
 }
 if ((click||delay) && !inline) {
 var panel = createTiddlyElement(null,"div",null,"sliderPanel");
 panel.style.display="none";
 place.appendChild(panel);
 var here=createTiddlyElement(panel,click?"a":"span",null,"QOTD");
 }
 else
 var here=createTiddlyElement(place,click?"a":"span",null,"QOTD");
 here.id=(new Date()).convertToYYYYMMDDHHMMSSMMM()+Math.random().toString(); // unique ID
 // get items from tiddler or file list
 var list=store.getTiddlerText(tid,"");
 if (!list||!list.length) { // not a tiddler... maybe an image directory?
 var list=this.getImageFileList(tid);
 if (!list.length) { // maybe relative path... fixup and try again
 var h=document.location.href;
 var p=getLocalPath(decodeURIComponent(h.substr(0,h.lastIndexOf("/")+1)));
 var list=this.getImageFileList(p+tid);
 }
 }
 if (!list||!list.length) return false; // no contents... nothing to display!
 here.setAttribute("list",list);
 if (delay) here.setAttribute("delay",delay);
 here.setAttribute("random",random);
 here.setAttribute("cookie",cookie);
 if (click) {
 here.title=this.clickTooltip
 if (!inline) here.style.display="block";
 here.setAttribute("href","javascript:;");
 here.onclick=function(event)
 { config.macros.QOTD.showNextItem(this); }
 }
 if (config.options["txtQOTD_"+cookie]!=undefined) next=parseInt(config.options["txtQOTD_"+cookie]);
 here.setAttribute("nextItem",next);
 config.macros.QOTD.showNextItem(here);
 if (delay) {
 here.title=click?this.timerClickTooltip:this.timerTooltip
 here.onmouseover=function(event)
 { clearTimeout(this.ticker); };
 here.onmouseout=function(event)
 { this.ticker=setTimeout("config.macros.QOTD.tick('"+this.id+"')",this.getAttribute("delay")); };
 here.ticker=setTimeout("config.macros.QOTD.tick('"+here.id+"')",delay);
 }
 },
 tick: function(id) {
 var here=document.getElementById(id); if (!here) return;
 config.macros.QOTD.showNextItem(here);
 here.ticker=setTimeout("config.macros.QOTD.tick('"+id+"')",here.getAttribute("delay"));
 },
 showNextItem:
 function (here) {
 // hide containing slider panel (if any)
 var p=here.parentNode;
 if (p.className=="sliderPanel") p.style.display = "none"
 // get a new quote
 var index=here.getAttribute("nextItem");
 var items=here.getAttribute("list").split("\n----\n");
 if (index<0||index>=items.length) index=0;
 if (here.getAttribute("random")=="true") index=Math.floor(Math.random()*items.length);
 var txt=items[index];
 // re-render quote display element, and advance index counter
 removeChildren(here); wikify(txt,here);
 index++; here.setAttribute("nextItem",index);
 var cookie=here.getAttribute("cookie");
 if (cookie.length) {
 config.options["txtQOTD_"+cookie]=index.toString();
 saveOptionCookie("txtQOTD_"+cookie);
 }
 // redisplay slider panel (if any)
 if (p.className=="sliderPanel") {
 if(anim && config.options.chkAnimate)
 anim.startAnimating(new Slider(p,true,false,"none"));
 else p.style.display="block";
 }
 },
 getImageFileList: function(cwd) { // returns HR-separated list of image files
 function isImage(fn) {
 var ext=fn.substr(fn.length-3,3).toLowerCase();
 return ext=="jpg"||ext=="gif"||ext=="png";
 }
 var files=[];
 if (config.browser.isIE) {
 cwd=cwd.replace(/\//g,"\\");
 // IE uses ActiveX to read filesystem info
 var fso = new ActiveXObject("Scripting.FileSystemObject");
 if(!fso.FolderExists(cwd)) return [];
 var dir=fso.GetFolder(cwd);
 for(var f=new Enumerator(dir.Files); !f.atEnd(); f.moveNext())
 if (isImage(f.item().path)) files.push("[img[%0]]".format(["file:///"+f.item().path.replace(/\\/g,"/")]));
 } else {
 // FireFox (mozilla) uses "components" to read filesystem info
 // get security access
 if(!window.Components) return;
 try { netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect"); }
 catch(e) { alert(e.description?e.description:e.toString()); return []; }
 // open/validate directory
 var file=Components.classes["@mozilla.org/file/local;1"].createInstance(Components.interfaces.nsILocalFile);
 try { file.initWithPath(cwd); } catch(e) { return []; }
 if (!file.exists() || !file.isDirectory()) { return []; }
 var folder=file.directoryEntries;
 while (folder.hasMoreElements()) {
 var f=folder.getNext().QueryInterface(Components.interfaces.nsILocalFile);
 if (f instanceof Components.interfaces.nsILocalFile)
 if (isImage(f.path)) files.push("[img[%0]]".format(["file:///"+f.path.replace(/\\/g,"/")]));
 }
 }
 return files.join("\n----\n");
 }
}
//}}}
/% |Author|Eric Shulman|License|http://www.TiddlyTools.com/#LegalStatements|
!end
!show
<<tiddler {{
 var here=story.findContainingTiddler(place); if (here) {
  var nodes=here.getElementsByTagName("*");
  for (var i=0; i<nodes.length; i++) if (hasClass(nodes[i],"title"))
   { removeChildren(nodes[i]); wikify("$1",nodes[i]); break; }
 }
'';}}>>
!end
%/<<tiddler {{'.ReplaceTiddlerTitle##'+('$1'=='$'+'1'?'info':'show')}} with: [[$1]]>>
/* |Author|Eric Shulman|License|http://www.TiddlyTools.com/#LegalStatements|
*/
//{{{
version.extensions.SinglePageModePlugin= {major: 2, minor: 9, revision: 7, date: new Date(2010,11,30)};
//}}}
//{{{
config.paramifiers.SPM = { onstart: function(v) {
 config.options.chkSinglePageMode=eval(v);
 if (config.options.chkSinglePageMode && config.options.chkSinglePagePermalink && !config.browser.isSafari) {
 config.lastURL = window.location.hash;
 if (!config.SPMTimer) config.SPMTimer=window.setInterval(function() {checkLastURL();},1000);
 }
} };
//}}}
//{{{
if (config.options.chkSinglePageMode==undefined)
 config.options.chkSinglePageMode=false;
if (config.options.chkSinglePagePermalink==undefined)
 config.options.chkSinglePagePermalink=true;
if (config.options.chkSinglePageKeepFoldedTiddlers==undefined)
 config.options.chkSinglePageKeepFoldedTiddlers=false;
if (config.options.chkSinglePageKeepEditedTiddlers==undefined)
 config.options.chkSinglePageKeepEditedTiddlers=false;
if (config.options.chkTopOfPageMode==undefined)
 config.options.chkTopOfPageMode=false;
if (config.options.chkBottomOfPageMode==undefined)
 config.options.chkBottomOfPageMode=false;
if (config.options.chkSinglePageAutoScroll==undefined)
 config.options.chkSinglePageAutoScroll=false;
//}}}
//{{{
config.SPMTimer = 0;
config.lastURL = window.location.hash;
function checkLastURL()
{
 if (!config.options.chkSinglePageMode)
 { window.clearInterval(config.SPMTimer); config.SPMTimer=0; return; }
 if (config.lastURL == window.location.hash) return; // no change in hash
 var tids=decodeURIComponent(window.location.hash.substr(1)).readBracketedList();
 if (tids.length==1) // permalink (single tiddler in URL)
 story.displayTiddler(null,tids[0]);
 else { // restore permaview or default view
 config.lastURL = window.location.hash;
 if (!tids.length) tids=store.getTiddlerText("DefaultTiddlers").readBracketedList();
 story.closeAllTiddlers();
 story.displayTiddlers(null,tids);
 }
}
if (Story.prototype.SPM_coreDisplayTiddler==undefined)
 Story.prototype.SPM_coreDisplayTiddler=Story.prototype.displayTiddler;
Story.prototype.displayTiddler = function(srcElement,tiddler,template,animate,slowly)
{
 var title=(tiddler instanceof Tiddler)?tiddler.title:tiddler;
 var tiddlerElem=story.getTiddler(title); // ==null unless tiddler is already displayed
 var opt=config.options;
 var single=opt.chkSinglePageMode && !startingUp;
 var top=opt.chkTopOfPageMode && !startingUp;
 var bottom=opt.chkBottomOfPageMode && !startingUp;
 if (single) {
 story.forEachTiddler(function(tid,elem) {
 // skip current tiddler and, optionally, tiddlers that are folded.
 if ( tid==title
 || (opt.chkSinglePageKeepFoldedTiddlers && elem.getAttribute("folded")=="true"))
 return;
 // if a tiddler is being edited, ask before closing
 if (elem.getAttribute("dirty")=="true") {
 if (opt.chkSinglePageKeepEditedTiddlers) return;
 // if tiddler to be displayed is already shown, then leave active tiddler editor as is
 // (occurs when switching between view and edit modes)
 if (tiddlerElem) return;
 // otherwise, ask for permission
 var msg="'"+tid+"' is currently being edited.\n\n";
 msg+="Press OK to save and close this tiddler\nor press Cancel to leave it opened";
 if (!confirm(msg)) return; else story.saveTiddler(tid);
 }
 story.closeTiddler(tid);
 });
 }
 else if (top)
 arguments[0]=null;
 else if (bottom)
 arguments[0]="bottom";
 if (single && opt.chkSinglePagePermalink && !config.browser.isSafari) {
 window.location.hash = encodeURIComponent(String.encodeTiddlyLink(title));
 config.lastURL = window.location.hash;
 document.title = wikifyPlain("SiteTitle") + " - " + title;
 if (!config.SPMTimer) config.SPMTimer=window.setInterval(function() {checkLastURL();},1000);
 }
 if (tiddlerElem && tiddlerElem.getAttribute("dirty")=="true") { // editing... move tiddler without re-rendering
 var isTopTiddler=(tiddlerElem.previousSibling==null);
 if (!isTopTiddler && (single || top))
 tiddlerElem.parentNode.insertBefore(tiddlerElem,tiddlerElem.parentNode.firstChild);
 else if (bottom)
 tiddlerElem.parentNode.insertBefore(tiddlerElem,null);
 else this.SPM_coreDisplayTiddler.apply(this,arguments); // let CORE render tiddler
 } else
 this.SPM_coreDisplayTiddler.apply(this,arguments); // let CORE render tiddler
 var tiddlerElem=story.getTiddler(title);
 if (tiddlerElem&&opt.chkSinglePageAutoScroll) {
 // scroll to top of page or top of tiddler
 var isTopTiddler=(tiddlerElem.previousSibling==null);
 var yPos=isTopTiddler?0:ensureVisible(tiddlerElem);
 // if animating, defer scroll until after animation completes
 var delay=opt.chkAnimate?config.animDuration+10:0;
 setTimeout("window.scrollTo(0,"+yPos+")",delay);
 }
}
if (Story.prototype.SPM_coreDisplayTiddlers==undefined)
 Story.prototype.SPM_coreDisplayTiddlers=Story.prototype.displayTiddlers;
Story.prototype.displayTiddlers = function() {
 // suspend single/top/bottom modes when showing multiple tiddlers
 var opt=config.options;
 var saveSPM=opt.chkSinglePageMode; opt.chkSinglePageMode=false;
 var saveTPM=opt.chkTopOfPageMode; opt.chkTopOfPageMode=false;
 var saveBPM=opt.chkBottomOfPageMode; opt.chkBottomOfPageMode=false;
 this.SPM_coreDisplayTiddlers.apply(this,arguments);
 opt.chkBottomOfPageMode=saveBPM;
 opt.chkTopOfPageMode=saveTPM;
 opt.chkSinglePageMode=saveSPM;
}
//}}}
/* |Author|Eric Shulman|License|http://www.TiddlyTools.com/#LegalStatements| */
//{{{
version.extensions.WikifyPlugin= {major: 1, minor: 1, revision: 4, date: new Date(2009,3,29)};
config.macros.wikify={
 handler: function(place,macroName,params,wikifier,paramString,tiddler) {
  var fmt=params.shift();
  var values=[];
  var out="";
  if (!fmt.match(/\%[0-9]/g) && params.length) // format has no markers, just join all params with spaces
   out=fmt+" "+params.join(" ");
  else { // format param has markers, get values and perform substitution
   while (p=params.shift()) values.push(this.getFieldReference(place,p));
   out=fmt.format(values);
  }
  if (macroName=="wikiCalc") out=eval(out).toString();
  wikify(out.unescapeLineBreaks(),place,null,tiddler);
 },
 getFieldReference: function(place,p) { // "slicename::tiddlername" or "fieldname@tiddlername" or "fieldname"
  if (typeof p != "string") return p; // literal non-string value... just return it...
  var parts=p.split(config.textPrimitives.sliceSeparator);
  if (parts.length==2) {// maybe a slice reference?
   var tid=parts[0]; var slice=parts[1];
   if (!tid || !tid.length || tid=="here") { // no target (or "here"), use containing tiddler
    tid=story.findContainingTiddler(place);
    if (tid) tid=tid.getAttribute("tiddler")
    else tid="SiteSlices"; // fallback for 'non-tiddler' areas (e.g, header, sidebar, etc.)
   }
   var val=store.getTiddlerSlice(tid,slice); // get tiddler slice value
  }
  if (val==undefined) {// not a slice, or slice not found, maybe a field reference?
   var parts=p.split("@");
   var field=parts[0];
   if (!field || !field.length) field="checked"; // missing fieldname, fallback: checked@tiddlername
   var tid=parts[1];
   if (!tid || !tid.length || tid=="here") { // no target (or "here"), use containing tiddler
    tid=story.findContainingTiddler(place);
    if (tid) tid=tid.getAttribute("tiddler")
    else tid="SiteFields"; // fallback for 'non-tiddler' areas (e.g, header, sidebar, etc.)
   }
   var val=store.getValue(tid,field);
  }
  // not a slice or field, or slice/field not found... return value unchanged
  return val===undefined?p:val;
 }
}
//}}}
//{{{
// define alternative macroName for triggering pre-rendering call to eval()
config.macros.wikiCalc=config.macros.wikify;
//}}}
<!--{{{-->
<span class='yourSearchNumber' macro='foundTiddler number'></span>
<span class='yourSearchTitle' macro='foundTiddler title text 100'/></span> —
<span class='yourSearchTags' macro='foundTiddler field tags 0'/></span>
<!--}}}-->
/* |YourSearchPlugin v2.1.6 (2012-04-19)|http://tiddlywiki.abego-software.de/#YourSearchPlugin|https://github.com/abego/YourSearchPlugin|
|Author|UdoBorkowski (ub [at] abego-software [dot] de)|[[BSD open source license|http://www.abego-software.de/legal/apl-v10.html]]| */
///%
if(!version.extensions.YourSearchPlugin){version.extensions.YourSearchPlugin={major:2,minor:1,revision:6,source:"http://tiddlywiki.abego-software.de/#YourSearchPlugin",licence:"[[BSD open source license (abego Software)|http://www.abego-software.de/legal/apl-v10.html]]",copyright:"Copyright (c) abego Software GmbH, 2005-2012 (www.abego-software.de)"};if(!window.abego){window.abego={}}if(!Array.forEach){Array.forEach=function(c,e,d){for(var b=0,a=c.length;b<a;b++){e.call(d,c[b],b,c)}};Array.prototype.forEach=function(d,c){for(var b=0,a=this.length;b<a;b++){d.call(c,this[b],b,this)}}}abego.toInt=function(b,a){if(!b){return a}var c=parseInt(b);return(c==NaN)?a:c};abego.createEllipsis=function(a){var b=createTiddlyElement(a,"span");b.innerHTML="&hellip;"};abego.shallowCopy=function(b){if(!b){return b}var a={};for(var c in b){a[c]=b[c]}return a};abego.copyOptions=function(a){return !a?{}:abego.shallowCopy(a)};abego.countStrings=function(d,c){if(!c){return 0}var a=c.length;var f=0;var e=0;while(true){var b=d.indexOf(c,e);if(b<0){return f}f++;e=b+a}return f};abego.getBracedText=function(j,e,a){if(!e){e=0}var k=/\{([^\}]*)\}/gm;k.lastIndex=e;var d=k.exec(j);if(d){var l=d[1];var b=abego.countStrings(l,"{");if(!b){if(a){a.lastIndex=k.lastIndex}return l}var g=j.length;for(var f=k.lastIndex;f<g&&b;f++){var h=j.charAt(f);if(h=="{"){b++}else{if(h=="}"){b--}}}if(!b){if(a){a.lastIndex=f-1}return j.substring(d.index+1,f-1)}}};abego.select=function(d,c,b,a){if(!a){a=[]}d.forEach(function(e){if(c.call(b,e)){a.push(e)}});return a};abego.consumeEvent=function(a){if(a.stopPropagation){a.stopPropagation()}if(a.preventDefault){a.preventDefault()}a.cancelBubble=true;a.returnValue=true};abego.TiddlerFilterTerm=function(d,b){if(!b){b={}}var c=d;if(!b.textIsRegExp){c=d.escapeRegExp();if(b.fullWordMatch){c="\\b"+c+"\\b"}}var a=new RegExp(c,"m"+(b.caseSensitive?"":"i"));this.tester=new abego.MultiFieldRegExpTester(a,b.fields,b.withExtendedFields)};abego.TiddlerFilterTerm.prototype.test=function(a){return this.tester.test(a)};abego.parseNewTiddlerCommandLine=function(c){var a=/(.*?)\.(?:\s+|$)([^#]*)(#.*)?/.exec(c);if(!a){a=/([^#]*)()(#.*)?/.exec(c)}if(a){var d;if(a[3]){var b=a[3].replace(/#/g,"");d=b.parseParams("tag")}else{d=[[]]}var e=a[2]?a[2].trim():"";d.push({name:"text",value:e});d[0].text=[e];return{title:a[1].trim(),params:d}}else{return{title:c.trim(),params:[[]]}}};abego.parseTiddlerFilterTerm=function(queryText,offset,options){var re=/\s*(?:(?:\{([^\}]*)\})|(?:(=)|([#%!])|(?:(\w+)\s*\:(?!\/\/))|(?:(?:("(?:(?:\\")|[^"])+")|(?:\/((?:(?:\\\/)|[^\/])+)\/)|(\w+\:\/\/[^\s]+)|([^\s\)\-\"]+)))))/mg;var shortCuts={"!":"title","%":"text","#":"tags"};var fieldNames={};var fullWordMatch=false;re.lastIndex=offset;while(true){var i=re.lastIndex;var m=re.exec(queryText);if(!m||m.index!=i){throw"Word or String literal expected"}if(m[1]){var lastIndexRef={};var code=abego.getBracedText(queryText,0,lastIndexRef);if(!code){throw"Invalid {...} syntax"}var f=Function("tiddler","return ("+code+");");return{func:f,lastIndex:lastIndexRef.lastIndex,markRE:null}}if(m[2]){fullWordMatch=true}else{if(m[3]){fieldNames[shortCuts[m[3]]]=1}else{if(m[4]){fieldNames[m[4]]=1}else{var textIsRegExp=m[6];var text=m[5]?window.eval(m[5]):m[6]?m[6]:m[7]?m[7]:m[8];options=abego.copyOptions(options);options.fullWordMatch=fullWordMatch;options.textIsRegExp=textIsRegExp;var fields=[];for(var n in fieldNames){fields.push(n)}if(fields.length==0){options.fields=options.defaultFields}else{options.fields=fields;options.withExtendedFields=false}var term=new abego.TiddlerFilterTerm(text,options);var markREText=textIsRegExp?text:text.escapeRegExp();if(markREText&&fullWordMatch){markREText="\\b"+markREText+"\\b"}return{func:function(tiddler){return term.test(tiddler)},lastIndex:re.lastIndex,markRE:markREText?"(?:"+markREText+")":null}}}}}};abego.BoolExp=function(i,c,j){this.s=i;var h=j&&j.defaultOperationIs_OR;var e=/\s*\)/g;var f=/\s*(?:(and|\&\&)|(or|\|\|))/gi;var b=/\s*(\-|not)?(\s*\()?/gi;var a;var d=function(p){b.lastIndex=p;var l=b.exec(i);var o=false;var k=null;if(l&&l.index==p){p+=l[0].length;o=l[1];if(l[2]){var n=a(p);e.lastIndex=n.lastIndex;if(!e.exec(i)){throw"Missing ')'"}k={func:n.func,lastIndex:e.lastIndex,markRE:n.markRE}}}if(!k){k=c(i,p,j)}if(o){k.func=(function(m){return function(q){return !m(q)}})(k.func);k.markRE=null}return k};a=function(s){var n=d(s);while(true){var p=n.lastIndex;f.lastIndex=p;var k=f.exec(i);var o;var q;if(k&&k.index==p){o=!k[1];q=d(f.lastIndex)}else{try{q=d(p)}catch(r){return n}o=h}n.func=(function(t,m,l){return l?function(u){return t(u)||m(u)}:function(u){return t(u)&&m(u)}})(n.func,q.func,o);n.lastIndex=q.lastIndex;if(!n.markRE){n.markRE=q.markRE}else{if(q.markRE){n.markRE=n.markRE+"|"+q.markRE}}}};var g=a(0);this.evalFunc=g.func;if(g.markRE){this.markRegExp=new RegExp(g.markRE,j.caseSensitive?"mg":"img")}};abego.BoolExp.prototype.exec=function(){return this.evalFunc.apply(this,arguments)};abego.BoolExp.prototype.getMarkRegExp=function(){return this.markRegExp};abego.BoolExp.prototype.toString=function(){return this.s};abego.MultiFieldRegExpTester=function(b,a,c){this.re=b;this.fields=a?a:["title","text","tags"];this.withExtendedFields=c};abego.MultiFieldRegExpTester.prototype.test=function(b){var d=this.re;for(var a=0;a<this.fields.length;a++){var c=store.getValue(b,this.fields[a]);if(typeof c=="string"&&d.test(c)){return this.fields[a]}}if(this.withExtendedFields){return store.forEachField(b,function(e,g,f){return typeof f=="string"&&d.test(f)?g:null},true)}return null};abego.TiddlerQuery=function(b,a,d,c,e){if(d){this.regExp=new RegExp(b,a?"mg":"img");this.tester=new abego.MultiFieldRegExpTester(this.regExp,c,e)}else{this.expr=new abego.BoolExp(b,abego.parseTiddlerFilterTerm,{defaultFields:c,caseSensitive:a,withExtendedFields:e})}this.getQueryText=function(){return b};this.getUseRegExp=function(){return d};this.getCaseSensitive=function(){return a};this.getDefaultFields=function(){return c};this.getWithExtendedFields=function(){return e}};abego.TiddlerQuery.prototype.test=function(a){if(!a){return false}if(this.regExp){return this.tester.test(a)}return this.expr.exec(a)};abego.TiddlerQuery.prototype.filter=function(a){return abego.select(a,this.test,this)};abego.TiddlerQuery.prototype.getMarkRegExp=function(){if(this.regExp){return"".search(this.regExp)>=0?null:this.regExp}return this.expr.getMarkRegExp()};abego.TiddlerQuery.prototype.toString=function(){return(this.regExp?this.regExp:this.expr).toString()};abego.PageWiseRenderer=function(){this.firstIndexOnPage=0};merge(abego.PageWiseRenderer.prototype,{setItems:function(a){this.items=a;this.setFirstIndexOnPage(0)},getMaxPagesInNavigation:function(){return 10},getItemsCount:function(a){return this.items?this.items.length:0},getCurrentPageIndex:function(){return Math.floor(this.firstIndexOnPage/this.getItemsPerPage())},getLastPageIndex:function(){return Math.floor((this.getItemsCount()-1)/this.getItemsPerPage())},setFirstIndexOnPage:function(a){this.firstIndexOnPage=Math.min(Math.max(0,a),this.getItemsCount()-1)},getFirstIndexOnPage:function(){this.firstIndexOnPage=Math.floor(this.firstIndexOnPage/this.getItemsPerPage())*this.getItemsPerPage();return this.firstIndexOnPage},getLastIndexOnPage:function(){return Math.min(this.getFirstIndexOnPage()+this.getItemsPerPage()-1,this.getItemsCount()-1)},onPageChanged:function(a,b){},renderPage:function(a){if(a.beginRendering){a.beginRendering(this)}try{if(this.getItemsCount()){var d=this.getLastIndexOnPage();var c=-1;for(var b=this.getFirstIndexOnPage();b<=d;b++){c++;a.render(this,this.items[b],b,c)}}}finally{if(a.endRendering){a.endRendering(this)}}},addPageNavigation:function(c){if(!this.getItemsCount()){return}var k=this;var g=function(n){if(!n){n=window.event}abego.consumeEvent(n);var i=abego.toInt(this.getAttribute("page"),0);var m=k.getCurrentPageIndex();if(i==m){return}var l=i*k.getItemsPerPage();k.setFirstIndexOnPage(l);k.onPageChanged(i,m)};var e;var h=this.getCurrentPageIndex();var f=this.getLastPageIndex();if(h>0){e=createTiddlyButton(c,"Précédent","Page précédente (Raccourci: Alt-'<')",g,"prev");e.setAttribute("page",(h-1).toString());e.setAttribute("accessKey","<")}for(var d=-this.getMaxPagesInNavigation();d<this.getMaxPagesInNavigation();d++){var b=h+d;if(b<0){continue}if(b>f){break}var a=(d+h+1).toString();var j=b==h?"currentPage":"otherPage";e=createTiddlyButton(c,a,"Aller page %0".format([a]),g,j);e.setAttribute("page",(b).toString())}if(h<f){e=createTiddlyButton(c,"Suivant","Page suivante (Raccourci: Alt-'>')",g,"next");e.setAttribute("page",(h+1).toString());e.setAttribute("accessKey",">")}}});abego.LimitedTextRenderer=function(){var l=40;var c=4;var k=function(p,z,v){var q=p.length;if(q==0){p.push({start:z,end:v});return}var u=0;for(;u<q;u++){var w=p[u];if(w.start<=v&&z<=w.end){var o;var s=u+1;for(;s<q;s++){o=p[s];if(o.start>v||z>w.end){break}}var x=z;var y=v;for(var t=u;t<s;t++){o=p[t];x=Math.min(x,o.start);y=Math.max(y,o.end)}p.splice(u,s-u,{start:x,end:y});return}if(w.start>v){break}}p.splice(u,0,{start:z,end:v})};var d=function(n){var q=0;for(var p=0;p<n.length;p++){var o=n[p];q+=o.end-o.start}return q};var b=function(n){return(n>="a"&&n<="z")||(n>="A"&&n<="Z")||n=="_"};var f=function(p,r){if(!b(p[r])){return null}for(var o=r-1;o>=0&&b(p[o]);o--){}var q=o+1;var t=p.length;for(o=r+1;o<t&&b(p[o]);o++){}return{start:q,end:o}};var a=function(o,q,p){var n;if(p){n=f(o,q)}else{if(q<=0){return q}n=f(o,q-1)}if(!n){return q}if(p){if(n.start>=q-c){return n.start}if(n.end<=q+c){return n.end}}else{if(n.end<=q+c){return n.end}if(n.start>=q-c){return n.start}}return q};var j=function(r,q){var n=[];if(q){var u=0;do{q.lastIndex=u;var o=q.exec(r);if(o){if(u<o.index){var p=r.substring(u,o.index);n.push({text:p})}n.push({text:o[0],isMatch:true});u=o.index+o[0].length}else{n.push({text:r.substr(u)});break}}while(true)}else{n.push({text:r})}return n};var i=function(p){var n=0;for(var o=0;o<p.length;o++){if(p[o].isMatch){n++}}return n};var h=function(v,u,q,t,o){var w=Math.max(Math.floor(o/(t+1)),l);var n=Math.max(w-(q-u),0);var r=Math.min(Math.floor(q+n/3),v.length);var p=Math.max(r-w,0);p=a(v,p,true);r=a(v,r,false);return{start:p,end:r}};var m=function(r,y,o){var n=[];var v=i(r);var u=0;for(var p=0;p<r.length;p++){var x=r[p];var w=x.text;if(x.isMatch){var q=h(y,u,u+w.length,v,o);k(n,q.start,q.end)}u+=w.length}return n};var g=function(t,p,o){var n=o-d(p);while(n>0){if(p.length==0){k(p,0,a(t,o,false));return}else{var q=p[0];var v;var r;if(q.start==0){v=q.end;if(p.length>1){r=p[1].start}else{k(p,v,a(t,v+n,false));return}}else{v=0;r=q.start}var u=Math.min(r,v+n);k(p,v,u);n-=(u-v)}}};var e=function(p,x,w,n,o){if(n.length==0){return}var u=function(z,I,D,F,C){var H;var G;var E=0;var B=0;var A=0;for(;B<D.length;B++){H=D[B];G=H.text;if(F<E+G.length){A=F-E;break}E+=G.length}var y=C-F;for(;B<D.length&&y>0;B++){H=D[B];G=H.text.substr(A);A=0;if(G.length>y){G=G.substr(0,y)}if(H.isMatch){createTiddlyElement(z,"span",null,"marked",G)}else{createTiddlyText(z,G)}y-=G.length}if(C<I.length){abego.createEllipsis(z)}};if(n[0].start>0){abego.createEllipsis(p)}var q=o;for(var r=0;r<n.length&&q>0;r++){var t=n[r];var v=Math.min(t.end-t.start,q);u(p,x,w,t.start,t.start+v);q-=v}};this.render=function(p,q,o,t){if(q.length<o){o=q.length}var r=j(q,t);var n=m(r,q,o);g(q,n,o);e(p,q,r,n,o)}};(function(){function alertAndThrow(msg){alert(msg);throw msg}if(version.major<2||(version.major==2&&version.minor<1)){alertAndThrow("YourSearchPlugin requires TiddlyWiki 2.1 or newer.\n\nCheck the archive for YourSearch plugins\nsupporting older versions of TiddlyWiki.\n\nArchive: http://tiddlywiki.abego-software.de/archive")}abego.YourSearch={};var lastResults=undefined;var lastQuery=undefined;var setLastResults=function(array){lastResults=array};var getLastResults=function(){return lastResults?lastResults:[]};var getLastResultsCount=function(){return lastResults?lastResults.length:0};var matchInTitleWeight=4;var precisionInTitleWeight=10;var matchInTagsWeight=2;var getMatchCount=function(s,re){var m=s.match(re);return m?m.length:0};var standardRankFunction=function(tiddler,query){var markRE=query.getMarkRegExp();if(!markRE){return 1}var matchesInTitle=tiddler.title.match(markRE);var nMatchesInTitle=matchesInTitle?matchesInTitle.length:0;var nMatchesInTags=getMatchCount(tiddler.getTags(),markRE);var lengthOfMatchesInTitle=matchesInTitle?matchesInTitle.join("").length:0;var precisionInTitle=tiddler.title.length>0?lengthOfMatchesInTitle/tiddler.title.length:0;var rank=nMatchesInTitle*matchInTitleWeight+nMatchesInTags*matchInTagsWeight+precisionInTitle*precisionInTitleWeight+1;return rank};var findMatches=function(store,searchText,caseSensitive,useRegExp,sortField,excludeTag){lastQuery=null;var candidates=store.reverseLookup("tags",excludeTag,false);try{var defaultFields=[];if(config.options.chkSearchInTitle){defaultFields.push("title")}if(config.options.chkSearchInText){defaultFields.push("text")}if(config.options.chkSearchInTags){defaultFields.push("tags")}lastQuery=new abego.TiddlerQuery(searchText,caseSensitive,useRegExp,defaultFields,config.options.chkSearchExtendedFields)}catch(e){return[]}var results=lastQuery.filter(candidates);var rankFunction=abego.YourSearch.getRankFunction();for(var i=0;i<results.length;i++){var tiddler=results[i];var rank=rankFunction(tiddler,lastQuery);tiddler.searchRank=rank}if(!sortField){sortField="title"}var sortFunction=function(a,b){var searchRankDiff=a.searchRank-b.searchRank;if(searchRankDiff==0){if(a[sortField]==b[sortField]){return(0)}else{return(a[sortField]<b[sortField])?-1:+1}}else{return(searchRankDiff>0)?-1:+1}};results.sort(sortFunction);return results};var maxCharsInTitle=80;var maxCharsInTags=50;var maxCharsInText=250;var maxCharsInField=50;var itemsPerPageDefault=25;var itemsPerPageWithPreviewDefault=10;var yourSearchResultID="yourSearchResult";var yourSearchResultItemsID="yourSearchResultItems";var lastSearchText=null;var resultElement=null;var searchInputField=null;var searchButton=null;var lastNewTiddlerButton=null;var initStylesheet=function(){if(version.extensions.YourSearchPlugin.styleSheetInited){return}version.extensions.YourSearchPlugin.styleSheetInited=true;setStylesheet(store.getTiddlerText("YourSearchStyleSheet"),"yourSearch")};var isResultOpen=function(){return resultElement!=null&&resultElement.parentNode==document.body};var closeResult=function(){if(isResultOpen()){document.body.removeChild(resultElement)}};var closeResultAndDisplayTiddler=function(e){closeResult();var title=this.getAttribute("tiddlyLink");if(title){var withHilite=this.getAttribute("withHilite");var oldHighlightHack=highlightHack;if(withHilite&&withHilite=="true"&&lastQuery){highlightHack=lastQuery.getMarkRegExp()}story.displayTiddler(this,title);highlightHack=oldHighlightHack}return(false)};var adjustResultPositionAndSize=function(){if(!searchInputField){return}var root=searchInputField;var rootLeft=findPosX(root);var rootTop=findPosY(root);var rootHeight=root.offsetHeight;var popupLeft=rootLeft;var popupTop=rootTop+rootHeight;var winWidth=findWindowWidth();if(winWidth<resultElement.offsetWidth){resultElement.style.width=(winWidth-100)+"px";winWidth=findWindowWidth()}var popupWidth=resultElement.offsetWidth;if(popupLeft+popupWidth>winWidth){popupLeft=winWidth-popupWidth-30}if(popupLeft<0){popupLeft=0}resultElement.style.left=popupLeft+"px";resultElement.style.top=popupTop+"px";resultElement.style.display="block"};var scrollVisible=function(){if(resultElement){window.scrollTo(0,ensureVisible(resultElement))}if(searchInputField){window.scrollTo(0,ensureVisible(searchInputField))}};var ensureResultIsDisplayedNicely=function(){adjustResultPositionAndSize();scrollVisible()};var indexInPage=undefined;var currentTiddler=undefined;var pager=new abego.PageWiseRenderer();var MyItemRenderer=function(parent){this.itemHtml=store.getTiddlerText(".YourSearchItemTemplate");if(!this.itemHtml){alertAndThrow(".YourSearchItemTemplate not found")}this.place=document.getElementById(yourSearchResultItemsID);if(!this.place){this.place=createTiddlyElement(parent,"div",yourSearchResultItemsID)}};merge(MyItemRenderer.prototype,{render:function(pager,object,index,indexOnPage){indexInPage=indexOnPage;currentTiddler=object;var item=createTiddlyElement(this.place,"div",null,"yourSearchItem");item.innerHTML=this.itemHtml;applyHtmlMacros(item,null);refreshElements(item,null)},endRendering:function(pager){currentTiddler=null}});var refreshResult=function(){if(!resultElement||!searchInputField){return}var html=store.getTiddlerText("YourSearchResultTemplate");if(!html){html="<b>Tiddler YourSearchResultTemplate not found</b>"}resultElement.innerHTML=html;applyHtmlMacros(resultElement,null);refreshElements(resultElement,null);var itemRenderer=new MyItemRenderer(resultElement);pager.renderPage(itemRenderer);ensureResultIsDisplayedNicely()};pager.getItemsPerPage=function(){var n=(config.options.chkPreviewText)?abego.toInt(config.options.txtItemsPerPageWithPreview,itemsPerPageWithPreviewDefault):abego.toInt(config.options.txtItemsPerPage,itemsPerPageDefault);return(n>0)?n:1};pager.onPageChanged=function(){refreshResult()};var reopenResultIfApplicable=function(){if(searchInputField==null||!config.options.chkUseYourSearch){return}if((searchInputField.value==lastSearchText)&&lastSearchText&&!isResultOpen()){if(resultElement&&(resultElement.parentNode!=document.body)){document.body.appendChild(resultElement);ensureResultIsDisplayedNicely()}else{abego.YourSearch.onShowResult(true)}}};var invalidateResult=function(){closeResult();resultElement=null;lastSearchText=null};var isDescendantOrSelf=function(self,e){while(e!=null){if(self==e){return true}e=e.parentNode}return false};var onDocumentClick=function(e){if(e.target==searchInputField){return}if(e.target==searchButton){return}if(resultElement&&isDescendantOrSelf(resultElement,e.target)){return}closeResult()};var onDocumentKeyup=function(e){if(e.keyCode==27){closeResult()}};addEvent(document,"click",onDocumentClick);addEvent(document,"keyup",onDocumentKeyup);var myStorySearch=function(text,useCaseSensitive,useRegExp){lastSearchText=text;setLastResults(findMatches(store,text,useCaseSensitive,useRegExp,"title","excludeSearch"));abego.YourSearch.onShowResult()};var myMacroSearchHandler=function(place,macroName,params,wikifier,paramString,tiddler){initStylesheet();lastSearchText="";var searchTimeout=null;var doSearch=function(txt){if(config.options.chkUseYourSearch){myStorySearch(txt.value,config.options.chkCaseSensitiveSearch,config.options.chkRegExpSearch)}else{story.search(txt.value,config.options.chkCaseSensitiveSearch,config.options.chkRegExpSearch)}lastSearchText=txt.value};var clickHandler=function(e){doSearch(searchInputField);return false};var keyHandler=function(e){if(!e){e=window.event}searchInputField=this;switch(e.keyCode){case 13:if(e.ctrlKey&&lastNewTiddlerButton&&isResultOpen()){lastNewTiddlerButton.onclick.apply(lastNewTiddlerButton,[e])}else{doSearch(this)}break;case 27:if(isResultOpen()){closeResult()}else{this.value="";clearMessage()}break}if(String.fromCharCode(e.keyCode)==this.accessKey||e.altKey){reopenResultIfApplicable()}if(this.value.length<3&&searchTimeout){clearTimeout(searchTimeout)}if(this.value.length>2){if(this.value!=lastSearchText){if(!config.options.chkUseYourSearch||config.options.chkSearchAsYouType){if(searchTimeout){clearTimeout(searchTimeout)}var txt=this;searchTimeout=setTimeout(function(){doSearch(txt)},500)}}else{if(searchTimeout){clearTimeout(searchTimeout)}}}if(this.value.length==0){closeResult()}};var focusHandler=function(e){this.select();clearMessage();reopenResultIfApplicable()};var args=paramString.parseParams("list",null,true);var buttonAtRight=getFlag(args,"buttonAtRight");var sizeTextbox=getParam(args,"sizeTextbox",this.sizeTextbox);var txt=createTiddlyElement(null,"input",null,"txtOptionInput searchField",null);if(params[0]){txt.value=params[0]}txt.onkeyup=keyHandler;txt.onfocus=focusHandler;txt.setAttribute("size",sizeTextbox);txt.setAttribute("accessKey",this.accessKey);txt.setAttribute("autocomplete","off");if(config.browser.isSafari){txt.setAttribute("type","search");txt.setAttribute("results","5")}else{if(!config.browser.isIE){txt.setAttribute("type","text")}}var btn=createTiddlyButton(null,this.label,this.prompt,clickHandler);if(place){if(!buttonAtRight){place.appendChild(btn)}place.appendChild(txt);if(buttonAtRight){place.appendChild(btn)}}searchInputField=txt;searchButton=btn};var openAllFoundTiddlers=function(){closeResult();var results=getLastResults();var n=results.length;if(n){var titles=[];for(var i=0;i<n;i++){titles.push(results[i].title)}story.displayTiddlers(null,titles)}};var createOptionWithRefresh=function(place,optionParams,wikifier,tiddler){invokeMacro(place,"option",optionParams,wikifier,tiddler);var elem=place.lastChild;var oldOnClick=elem.onclick;elem.onclick=function(e){var result=oldOnClick.apply(this,arguments);refreshResult();return result};return elem};var removeTextDecoration=function(s){var removeThis=["''","{{{","}}}","//","<<<","/***","***/"];var reText="";for(var i=0;i<removeThis.length;i++){if(i!=0){reText+="|"}reText+="("+removeThis[i].escapeRegExp()+")"}return s.replace(new RegExp(reText,"mg"),"").trim()};var getShortCutNumber=function(){var i=indexInPage;return(i>=0&&i<=9)?(i<9?(i+1):0):-1};var limitedTextRenderer=new abego.LimitedTextRenderer();var renderLimitedText=function(place,s,maxLen){limitedTextRenderer.render(place,s,maxLen,lastQuery.getMarkRegExp())};var oldTiddlyWikiSaveTiddler=TiddlyWiki.prototype.saveTiddler;TiddlyWiki.prototype.saveTiddler=function(title,newTitle,newBody,modifier,modified,tags,fields){oldTiddlyWikiSaveTiddler.apply(this,arguments);invalidateResult()};var oldTiddlyWikiRemoveTiddler=TiddlyWiki.prototype.removeTiddler;TiddlyWiki.prototype.removeTiddler=function(title){oldTiddlyWikiRemoveTiddler.apply(this,arguments);invalidateResult()};config.macros.yourSearch={label:"yourSearch",prompt:"Gives access to the current/last YourSearch result",handler:function(place,macroName,params,wikifier,paramString,tiddler){if(params.length==0){return}var name=params[0];var func=config.macros.yourSearch.funcs[name];if(func){func(place,macroName,params,wikifier,paramString,tiddler)}},tests:{"true":function(){return true},"false":function(){return false},found:function(){return getLastResultsCount()>0},previewText:function(){return config.options.chkPreviewText}},funcs:{itemRange:function(place){if(getLastResultsCount()){var lastIndex=pager.getLastIndexOnPage();var s="%0 - %1".format([pager.getFirstIndexOnPage()+1,lastIndex+1]);createTiddlyText(place,s)}},count:function(place){createTiddlyText(place,getLastResultsCount().toString())},query:function(place){if(lastQuery){createTiddlyText(place,lastQuery.toString())}},version:function(place){var t="YourSearch %0.%1.%2".format([version.extensions.YourSearchPlugin.major,version.extensions.YourSearchPlugin.minor,version.extensions.YourSearchPlugin.revision]);var e=createTiddlyElement(place,"a");e.setAttribute("href","http://tiddlywiki.abego-software.de/#YourSearchPlugin");e.innerHTML='<font color="black" weight="bold" face="Arial, Helvetica, sans-serif">'+t+"<font>"},copyright:function(place){var e=createTiddlyElement(place,"a");e.setAttribute("href","http://www.abego-software.de");e.innerHTML='<font color="black" face="Arial, Helvetica, sans-serif">&copy; 2005-2019 <b><font color="blue">abego</font></b> Software<font>'},newTiddlerButton:function(place){if(lastQuery){var r=abego.parseNewTiddlerCommandLine(lastQuery.getQueryText());var btn=config.macros.newTiddler.createNewTiddlerButton(place,r.title,r.params,"","",null,"text");var oldOnClick=btn.onclick;btn.onclick=function(){closeResult();oldOnClick.apply(this,arguments)};lastNewTiddlerButton=btn}},linkButton:function(place,macroName,params,wikifier,paramString,tiddler){if(params<2){return}var tiddlyLink=params[1];var text=params<3?tiddlyLink:params[2];var tooltip=params<4?text:params[3];var accessKey=params<5?null:params[4];var btn=createTiddlyButton(place,text,tooltip,closeResultAndDisplayTiddler,null,null,accessKey);btn.setAttribute("tiddlyLink",tiddlyLink)},closeButton:function(place,macroName,params,wikifier,paramString,tiddler){createTiddlyButton(place,"Fermer","Fermer la zone de recherche (touche \'ESC\')",closeResult)},openAllButton:function(place,macroName,params,wikifier,paramString,tiddler){var n=getLastResultsCount();if(n==0){return}var title=n==1?"open tiddler":"Ouvrir les %0 articles".format([n]);var button=createTiddlyButton(place,title,"Ouvrir tous les articles (Raccourci : Alt-O)",openAllFoundTiddlers);button.setAttribute("accessKey","O")},naviBar:function(place,macroName,params,wikifier,paramString,tiddler){pager.addPageNavigation(place)},"if":function(place,macroName,params,wikifier,paramString,tiddler){if(params.length<2){return}var testName=params[1];var negate=(testName=="not");if(negate){if(params.length<3){return}testName=params[2]}var test=config.macros.yourSearch.tests[testName];var showIt=false;try{if(test){showIt=test(place,macroName,params,wikifier,paramString,tiddler)!=negate}else{showIt=(!eval(testName))==negate}}catch(ex){}if(!showIt){place.style.display="none"}},chkPreviewText:function(place,macroName,params,wikifier,paramString,tiddler){var elem=createOptionWithRefresh(place,"chkPreviewText",wikifier,tiddler);elem.setAttribute("accessKey","P");elem.title="Prévisualisation des articles (Raccourci : Alt-P)";return elem}}};config.macros.foundTiddler={label:"foundTiddler",prompt:"Provides information on the tiddler currently processed on the YourSearch result page",handler:function(place,macroName,params,wikifier,paramString,tiddler){var name=params[0];var func=config.macros.foundTiddler.funcs[name];if(func){func(place,macroName,params,wikifier,paramString,tiddler)}},funcs:{title:function(place,macroName,params,wikifier,paramString,tiddler){if(!currentTiddler){return}var shortcutNumber=getShortCutNumber();var tooltip=shortcutNumber>=0?"Ouvrir l\'article (Raccourci : Alt-%0)".format([shortcutNumber.toString()]):"Open tiddler";var btn=createTiddlyButton(place,null,tooltip,closeResultAndDisplayTiddler,null);btn.setAttribute("tiddlyLink",currentTiddler.title);btn.setAttribute("withHilite","true");renderLimitedText(btn,currentTiddler.title,maxCharsInTitle);if(shortcutNumber>=0){btn.setAttribute("accessKey",shortcutNumber.toString())}},tags:function(place,macroName,params,wikifier,paramString,tiddler){if(!currentTiddler){return}renderLimitedText(place,currentTiddler.getTags(),maxCharsInTags)},text:function(place,macroName,params,wikifier,paramString,tiddler){if(!currentTiddler){return}renderLimitedText(place,removeTextDecoration(currentTiddler.text),maxCharsInText)},field:function(place,macroName,params,wikifier,paramString,tiddler){if(!currentTiddler){return}var name=params[1];var len=params.length>2?abego.toInt(params[2],maxCharsInField):maxCharsInField;var v=store.getValue(currentTiddler,name);if(v){renderLimitedText(place,removeTextDecoration(v),len)}},number:function(place,macroName,params,wikifier,paramString,tiddler){var numberToDisplay=getShortCutNumber();if(numberToDisplay>=0){var text="%0)".format([numberToDisplay.toString()]);createTiddlyElement(place,"span",null,"shortcutNumber",text)}}}};var opts={chkUseYourSearch:true,chkPreviewText:true,chkSearchAsYouType:true,chkSearchInTitle:true,chkSearchInText:true,chkSearchInTags:true,chkSearchExtendedFields:true,txtItemsPerPage:itemsPerPageDefault,txtItemsPerPageWithPreview:itemsPerPageWithPreviewDefault};for(var n in opts){if(config.options[n]==undefined){config.options[n]=opts[n]}}config.shadowTiddlers.AdvancedOptions+="\n<<option chkUseYourSearch>> Use 'Your Search' ";config.shadowTiddlers.YourSearchStyleSheet="/***\n!~YourSearchResult Stylesheet\n***/\n/*{{{*/\n.yourSearchResult {\n\tposition: absolute;\n\twidth: 800px;\n\n\tpadding: 0.2em;\n\tlist-style: none;\n\tmargin: 0;\n\n\tbackground: #f0f8ff;\n\tborder: 1px solid DarkGray;\n}\n\n/*}}}*/\n/***\n!!Summary Section\n***/\n/*{{{*/\n.yourSearchResult .summary {\n\tborder-bottom-width: thin;\n\tborder-bottom-style: solid;\n\tborder-bottom-color: #999999;\n\tpadding-bottom: 4px;\n}\n\n.yourSearchRange, .yourSearchCount, .yourSearchQuery   {\n\tfont-weight: bold;\n}\n\n.yourSearchResult .summary .button {\n\tfont-size: 10px;\n\n\tpadding-left: 0.3em;\n\tpadding-right: 0.3em;\n}\n\n.yourSearchResult .summary .chkBoxLabel {\n\tfont-size: 10px;\n\n\tpadding-right: 0.3em;\n}\n\n/*}}}*/\n/***\n!!Items Area\n***/\n/*{{{*/\n.yourSearchResult .marked {\n\tbackground: none;\n\tfont-weight: bold;\n}\n\n.yourSearchItem {\n\tmargin-top: 2px;\n}\n\n.yourSearchNumber {\n\tcolor: #0000FF;\n}\n\n\n.yourSearchTags {\n\tcolor: #3333ff;\n}\n\n.yourSearchText {\n\tcolor: #000080;\n\tmargin-bottom: 6px;\n}\n\n/*}}}*/\n/***\n!!Footer\n***/\n/*{{{*/\n.yourSearchFooter {\n\tmargin-top: 8px;\n\tborder-top-width: thin;\n\tborder-top-style: solid;\n\tborder-top-color: #999999;\n}\n\n.yourSearchFooter a:hover{\n\tbackground: none;\n\tcolor: none;\n}\n/*}}}*/\n/***\n!!Navigation Bar\n***/\n/*{{{*/\n.yourSearchNaviBar a {\n\tfont-size: 16px;\n\tmargin-left: 4px;\n\tmargin-right: 4px;\n\tcolor: black;\n\ttext-decoration: underline;\n}\n\n.yourSearchNaviBar a:hover {\n\tbackground-color: none;\n}\n\n.yourSearchNaviBar .prev {\n\tfont-weight: bold;\n\tcolor: blue;\n}\n\n.yourSearchNaviBar .currentPage {\n\tcolor: #0000FF;\n\ttext-decoration: none;\n}\n\n.yourSearchNaviBar .next {\n\tfont-weight: bold;\n\tcolor: blue;\n}\n/*}}}*/\n";config.shadowTiddlers.YourSearchResultTemplate='<!--\n{{{\n-->\n<span macro="yourSearch if found">\n<!-- The Summary Header ============================================ -->\n<table class="summary" border="0" width="100%" cellspacing="0" cellpadding="0"><tbody>\n  <tr>\n\t<td align="left">\n\t\tYourSearch Result <span class="yourSearchRange" macro="yourSearch itemRange"></span>\n\t\t&nbsp;of&nbsp;<span class="yourSearchCount" macro="yourSearch count"></span>\n\t\tfor&nbsp;<span class="yourSearchQuery" macro="yourSearch query"></span>\n\t</td>\n\t<td class="yourSearchButtons" align="right">\n\t\t<span macro="yourSearch newTiddlerButton"></span>\n\t\t<span macro="yourSearch openAllButton"></span>\n\t\t<span macro="yourSearch closeButton"></span>\n\t</td>\n  </tr>\n</tbody></table>\n\n<!-- The List of Found Tiddlers ============================================ -->\n<div id="yourSearchResultItems" itemsPerPage="25" itemsPerPageWithPreview="10"></div>\n\n<!-- The Footer (with the Navigation) ============================================ -->\n<table class="yourSearchFooter" border="0" width="100%" cellspacing="0" cellpadding="0"><tbody>\n  <tr>\n\t<td align="left">\n\t\tNombre de pages : <span class="yourSearchNaviBar" macro="yourSearch naviBar"></span>\n\t</td>\n\t<td align="right"><span macro="yourSearch version"></span>, <span macro="yourSearch copyright"></span>\n\t</td>\n  </tr>\n</tbody></table>\n<!-- end of the \'tiddlers found\' case =========================================== -->\n</span>\n\n\n<!-- The "No tiddlers found" case =========================================== -->\n<span macro="yourSearch if not found">\n<table class="summary" border="0" width="100%" cellspacing="0" cellpadding="0"><tbody>\n  <tr>\n\t<td align="left">\n\t\tRecherche infructueuse: aucun article trouvé pour <span class="yourSearchQuery" macro="yourSearch query"></span>.\n\t</td>\n\t<td class="yourSearchButtons" align="right">\n\t\t<span macro="yourSearch closeButton"></span>\n\t</td>\n  </tr>\n</tbody></table>\n</span>\n\n\n<!--\n}}}\n-->\n';config.shadowTiddlers.YourSearchItemTemplate="<!--\n{{{\n-->\n<span class='yourSearchNumber' macro='foundTiddler number'></span>\n<span class='yourSearchTitle' macro='foundTiddler title'/></span>&nbsp;-&nbsp;\n<span class='yourSearchTags' macro='foundTiddler field tags 50'/></span>\n<span macro=\"yourSearch if previewText\"><div class='yourSearchText' macro='foundTiddler field text 250'/></div></span>\n<!--\n}}}\n-->";config.shadowTiddlers.YourSearch="<<tiddler [[YourSearch Help]]>>";config.shadowTiddlers["YourSearch Result"]="The popup-like window displaying the result of a YourSearch query.";config.macros.search.handler=myMacroSearchHandler;var checkForOtherHijacker=function(){if(config.macros.search.handler!=myMacroSearchHandler){alert("Message from YourSearchPlugin:\n\n\nAnother plugin has disabled the 'Your Search' features.\n\n\nYou may disable the other plugin or change the load order of \nthe plugins (by changing the names of the tiddlers)\nto enable the 'Your Search' features.")}};setTimeout(checkForOtherHijacker,5000);abego.YourSearch.getStandardRankFunction=function(){return standardRankFunction};abego.YourSearch.getRankFunction=function(){return abego.YourSearch.getStandardRankFunction()};abego.YourSearch.getCurrentTiddler=function(){return currentTiddler};abego.YourSearch.closeResult=function(){closeResult()};abego.YourSearch.getFoundTiddlers=function(){return lastResults};abego.YourSearch.getQuery=function(){return lastQuery};abego.YourSearch.onShowResult=function(useOldResult){highlightHack=lastQuery?lastQuery.getMarkRegExp():null;if(!useOldResult){pager.setItems(getLastResults())}if(!resultElement){resultElement=createTiddlyElement(document.body,"div",yourSearchResultID,"yourSearchResult")}else{if(resultElement.parentNode!=document.body){document.body.appendChild(resultElement)}}refreshResult();highlightHack=null}})()};
//%/
[[Accueil]]
[<img(100px,auto)[i/CSIRT-FR.jpg]]{{floatL{
|ssTablN0|k
| @@color:#0000ff;<html><i class="fa fa-home" aria-hidden="true"></i></html>@@ |__[[Accueil]]__|
| @@color:#c0c0c0;<html><i class="fa fa-info-circle" aria-hidden="true"></i></html>@@ |bgcolor:#e0e0e0;[[Actualités]]|
| @@color:#c0c0c0;<html><i class="fa fa-blog" aria-hidden="true"></i></html>@@ |bgcolor:#e0e0e0;[[Blog]]|
| @@color:#c0c0c0;<html><i class="fa fa-book" aria-hidden="true"></i></html>@@ |bgcolor:#e0e0e0;[[Publications]]|
| @@color:#c0c0c0;<html><i class="fa fa-pencil-alt" aria-hidden="true"></i></html>@@ |bgcolor:#e0e0e0;[[Newsletters]]|
| @@color:#0000ff;<html><i class="fa fa-eye" aria-hidden="true"></i></html>@@ |__[[Veille]]__|
| @@color:#c0c0c0;<html><i class="fa fa-book-reader" aria-hidden="true"></i></html>@@ |bgcolor:#e0e0e0;[[Références]]|
| @@color:#c0c0c0;<html><i class="fa fa-tools" aria-hidden="true"></i></html>@@ |bgcolor:#e0e0e0;[[Outils]]|
| @@color:#c0c0c0;<html><i class="fa fa-exclamation-triangle" aria-hidden="true"></i></html>@@ |bgcolor:#e0e0e0;[[Alertes]]|
| @@color:#c0c0c0;<html><i class="fa fa-laptop-medical" aria-hidden="true"></i></html>@@ |bgcolor:#e0e0e0;[[Correctifs]]|
| @@color:#c0c0c0;<html><i class="fa fa-podcast" aria-hidden="true"></i></html>@@ |bgcolor:#e0e0e0;[[Podcasts]]|
| @@color:#c0c0c0;<html><i class="fa fa-video" aria-hidden="true"></i></html>@@ |bgcolor:#e0e0e0;[[Webinars]]|
| @@color:#0000ff;<html><i class="fa fa-calendar-alt" aria-hidden="true"></i></html>@@ |__[[Agenda]]__|
| @@color:#c0c0c0;<html><i class="fa fa-archive" aria-hidden="true"></i></html>@@ |bgcolor:#e0e0e0;[[Archives]]|
| → |[[Contact]]|
|>| ^^• MàJ @@color:#00F;''''@@^^ |
|>| [img(50%,1px)[i/BluePixel.gif]] |
}}}
^^//Computer Security Incident Response Team//^^
CSIRT.FR
[[myCSS]]
<!--{{{-->
<div class='toolbar' macro='toolbar [[ToolbarCommands::ViewToolbar]]'></div>
<div class='title' macro='view title'></div>
<div class='viewer' macro='view text wikified'></div>
<div class='viewer' macro='tiddler ReplaceDoubleClick'></div>
<div class='tagClear'></div>
<!--}}}-->
//{{{
config.options.txtUserName='CSIRT-FR';
config.options.chkAnimate=false;
config.options.chkRegExpSearch=false;
config.options.chkCaseSensitiveSearch=false;
config.options.chkOpenInNewWindow=true;
config.messages.tiddlerLinkTooltip="→ %0";
config.messages.externalLinkTooltip="→ %0";
config.options.chkHideSiteTitles=true;
config.macros.search.prompt="Recherche sur ce site";
config.macros.search.successMsg="%1 → %0 article(s)";
config.macros.search.failureMsg="%0 → Aucun article";
config.macros.search.label="Recherche";
merge(config.views.wikified,{ dateFormat: "0DD.0MM.YYYY",});
merge(config.macros.search,{ label: "", prompt: "Moteur de recherche local",});
config.options.chkUseYourSearch=true;
config.options.chkPreviewText=false;
config.options.chkSearchAsYouType=false;
config.options.chkSearchInTitle=true;
config.options.chkSearchInText=true;
config.options.chkSearchInTags=true;
config.options.chkSearchExtendedFields=false;
config.options.txtItemsPerPage=10;
config.options.txtItemsPerPageWithPreview=10;
config.options.chkShowLeftSidebar=true;
config.options.chkDisableWikiLinks=true;
config.options.chkAllowLinksFromShadowTiddlers=true;
config.options.chkDisableNonExistingWikiLinks=true;
config.options.chkSinglePageAutoScroll=true;
config.options.chkSinglePagePermalink=false;
config.options.chkSinglePageMode=false;
config.options.chkTopOfPageMode=true;
config.options.chkBottomOfPageMode=true;
config.options.chkShowBreadcrumbs=true;
config.options.txtBreadcrumbsLimit=8;
config.options.chkReorderBreadcrumbs=true;
config.options.txtBreadcrumbsCrumbSeparator="  <html><i class='fa fa-shoe-prints' aria-hidden='true'></i><i class='fa fa-shoe-prints' aria-hidden='true'></i></html>  ";
config.options.chkBreadcrumbsSave=false;
config.options.chkShowStartupBreadcrumbs=false;
config.options.chkBreadcrumbsReverse=false;
config.options.chkBreadcrumbsLimitOpenTiddlers=true;
config.options.txtBreadcrumbsLimitOpenTiddlers=20;
config.options.chkBreadcrumbsHideHomeLink=false;
config.options.chkCreateDefaultBreadcrumbs=true;
config.options.chkFramedLinks=false;
config.options.chkFramedLinksTag=true;
config.options.txtFramedLinksTag='_EmbedFrame';
config.options.txtFrameWidth='98%';
config.options.txtFrameHeight='33%';
readOnly=true;
config.options.chkHttpReadOnly=true;
config.options.chkBackstage=false;
showBackstage=false;
merge(config.shadowTiddlers,{ ToolbarCommands: '|~ViewToolbar|closeTiddler closeOthers|\n|~EditToolbar|+saveTiddler -cancelTiddler deleteTiddler|',});
merge(config.commands.closeTiddler,{ text: "[fermer]", tooltip: "Fermer cet article" });
merge(config.commands.closeOthers,{ text: "[isoler]", tooltip: "Fermer les autres articles" });
//}}}
/*{{{*/
.HeaderMenu .searchField {width:20em;text-align:center;}
/* compact form */
.smallform { white-space:nowrap; }
.smallform input, .smallform textarea, .smallform button, .smallform checkbox, .smallform radio, .smallform select { font-size:8pt; }
/* Alignement */
.floatL { display:block;text-align:left; }
.floatR { display:block;text-align:right; }
.floatC { display:block;text-align:center; }
.ssTabl99 {width:99%}
.ssTabl96 {width:96%}
.ssTabl2,
.ssTabl2 td,
.ssTabl2 th,
.ssTabl2 tbody
{ table-layout:fixed; width:98%; }
.ssTabl98N0,
.ssTabl98N0 table,
.ssTabl98N0 td,
.ssTabl98N0 tr,
.ssTabl98N0 th,
.ssTabl98N0 tbody
{ border:0 !important; width:98%; table-layout:fixed; }
.ssCol30 {width:30%; float:left; margin-left:1%; margin-right:1%; border-color:#014; border-style:solid; border-width:3px; }
.ssCol45 {width:45%; float:left; margin-left:1%;}
/* multi-column tiddler content (not supported in Internet Explorer) */
.ss2col { display:block; -moz-column-count:2; -moz-column-gap:1em; -moz-column-width:50%; /* FireFox */ -webkit-column-count:2; -webkit-column-gap:1em; -webkit-column-width:50%; /* Safari */ column-count:2; column-gap:1em; column-width:50%; /* Opera */ }
.ss3col { display:block; -moz-column-count:3; -moz-column-gap:1em; -moz-column-width:33%; /* FireFox */ -webkit-column-count:3; -webkit-column-gap:1em; -webkit-column-width:33%; /* Safari */ column-count:3; column-gap:1em; column-width:33%; /* Opera */ }
.ss4col { display:block; -moz-column-count:4; -moz-column-gap:1em; -moz-column-width:24%; /* FireFox */ -webkit-column-count:4; -webkit-column-gap:1em; -webkit-column-width:24%; /* Safari */ column-count:4; column-gap:1em; column-width:24%; /* Opera */ }
.ss5col { display:block; -moz-column-count:5; -moz-column-gap:1em; -moz-column-width:16%; /* FireFox */ -webkit-column-count:5; -webkit-column-gap:1em; -webkit-column-width:16%; /* Safari */ column-count:5; column-gap:1em; column-width:16%; /* Opera */ }
.clear {clear:both;}
/* ssTablN0 : table without tr/th/td borders */
.ssTablN0, .ssTablN0 table, .ssTablN0 tr, .ssTablN0 th, .ssTablN0 td, .ssTablN0 tbody { border:0 !important; }
/* ssTablN0 : table without tr/td borders borders, but with th borders */
.ssTablN0L, .ssTablN0L tr, .ssTablN0L td, .ssTablN0L tbody { border:0 !important; }
/* {font-size:.70em;} */
body {font-size:.8em;font-family:Verdana,times,serif; margin:0; padding:0;}
pre, .tagged, .tagging, #messageArea, .popup, .tiddlyLink, .button { border-radius: 5px; }
.tiddlyLink { padding: 0px 2px; margin: 0 -2px; }
img[align="left"] { margin-right: .5em; }
img[align="right"] { margin-left: .5em; }
.toolbar {text-align:left; font-size:.7em;}
img {border:2px solid [[ColorPalette::Background]];}
.headerShadow {position:relative; padding:0.5em 0em 1em 1em; left:-1px; top:-1px;}
.headerForeground {position:absolute; padding:0.5em 0em 1em 1em; left:0px; top:0px;}
.headerShadow .right { position: absolute; top: 0; }
.headerShadow .right { right: 0; }
.headerForeground .right { display: none; }
/* InlineTabs */
.tabSelected {font-weight:bold; font-size:125%; color:[[ColorPalette::PrimaryDark]]; background:[[ColorPalette::TertiaryPale]]; border-left:2px solid [[ColorPalette::PrimaryMid]]; border-top:2px solid [[ColorPalette::PrimaryLight]]; border-right:2px solid [[ColorPalette::PrimaryMid]]; border-bottom-style:2px solid [[ColorPalette::PrimaryMid]]; }
.tabContents {color:[[ColorPalette::PrimaryDark]]; background:[[ColorPalette::Background]]; border:2px solid [[ColorPalette::PrimaryMid]];}
/* StyleSheetRotate90 */
.ssRot90 { float:left; width:0.6em; font-size:100%; font-family:Verdana,times,serif; line-height:60%; color:#014 !important; background:inherit !important; transform: rotate(90deg);}
/* StyleSheetLetters */
.arOund {border:2px solid #014; background-color:#FFF; color:#014; font-style:italic; font-size:0.9em; text-align:center; padding:0.1em 0.5em 0.1em 0.5em; }}
.arOund200 {border:2px solid #014; background-color:#FFF; color:#014; font-style:italic; font-size:200%; text-align:center; padding:0.1em 0.5em 0.1em 0.5em; }}
.firstletter { width:0.6em; font-size:250%; font-family:Verdana,times,serif; line-height:60%; color:#014 !important; background:inherit !important; }
/* .firstletterC { float:center; width:0.6em; font-size:250%; line-height:60%; color:#014 !important; background:inherit !important; } */
.FirstLetter { width:0.6em; font-size:150%; font-family:Verdana,times,serif; line-height:60%; !important; background:inherit !important; }
.Blue250 { float:left; width:0.6em; font-size:250%; font-family:Verdana,times,serif; line-height:60%; color:#014 !important; background:inherit !important; }
/* StyleSheetTableList */
.viewer ul {margin-top:0; margin-bottom:0;}
.viewer {text-align:justify;}
.viewer th {background:[[ColorPalette::TertiaryPale]]; color:[[ColorPalette::PrimaryMid]];}
/* NestedSlidersPlugin */
.floatingPanel { z-index:700; padding:1em; margin:0em; border:1px solid; -moz-border-radius:1em; font-size:8pt; text-align:left; }
.floatingPanel hr { margin:2px 0 1px 0; padding:0; }
#sidebarOptions .sliderPanel { margin:0; padding:0; font-size:1em; background:transparent; }
#sidebarOptions .sliderPanel a { font-weight:normal; }
#sidebarOptions .sliderPanel blockquote { margin:0;padding:0;margin-left:1em; border-left:1px dotted; padding-left:1em }
.selected .floatingPanel .button,
.selected .floatingPanel a:link,
.selected .floatingPanel a:hover,
.selected .floatingPanel a:visited,
.floatingPanel .button,
.floatingPanel a:link,
.floatingPanel a:hover,
.floatingPanel a:visited { color:[[ColorPalette::PrimaryDark]] !important; }
.QOTD { color:#014 !important; background:inherit !important; }
.horizTag li.listTitle { display:none }
.horizTag li { display:inline; font-size:90%; }
.horizTag ul { display:inline; margin:0px; padding:0px;}
.viewer td { vertical-align:top; }
.viewer th { vertical-align:top; }
.viewer dl { margin:0; }
.size75 { font-size:75%; }

.annotation {background:[[ColorPalette::SecondaryLight]]; color:[[ColorPalette::Foreground]]; border:2px solid [[ColorPalette::SecondaryMid]];}
.annotation {padding:0.5em; margin:0.5em;}
/*}}}*/
[img(10%,2px)[i/BluePixel.gif]] © 2010-2023 [img(10%,2px)[i/BluePixel.gif]]
• <<tiddler [[Catégories]]>>
| ![img[i/Francais.gif]][img[iLang/lang_FR.gif]]|![img[iLang/lang_EN.gif]][img[i/Anglais.gif]] |
| Le serveur {{{CSIRT.FR}}} est temporairement indisponible|The {{{CSIRT.FR}}} server is temporarily unavailable |
| Nous sommes désolés de l'inconvénient que cela peut vous causer|We apologise for any inconvenience this may cause to you |
|>| [img[iLang/lang_BG.gif]]+++[»]> ''Поради технически причини нашият {{{CSIRT.FR}}} сървър временно не работи'' • Моля извинете ни за всички евентуални неудобства, причинени от това === • [img[iLang/lang_CS.gif]]+++[»]> ''Server {{{CSIRT.FR}}} je dočasně nedostupný'' • Omlouváme se za případné nepříjemnosti, které vám tím mohou vzniknout === • [img[iLang/lang_DA.gif]]+++[»]> ''{{{CSIRT.FR}}}-serveren er midlertidigt utilgængelig'' • Vi beklager === • [img[iLang/lang_DE.gif]]+++[»]> ''Der {{{CSIRT.FR}}}-Server steht zurzeit leider nicht zur Verfügung '' • Wir bitten um Ihr Verständnis === • [img[iLang/lang_EL.gif]]+++[»]> ''Ο διακομιστής ({{{CSIRT.FR}}}) είναι προσωρινά μη διαθέσιμος'' • Ζητάμε συγγνώμη για τυχόν προβλήματα που θα αντιμετωπίσετε === • [img[iLang/lang_ES.gif]]+++[»]> ''El servidor {{{CSIRT.FR}}} no funciona por el momento '' • Disculpe las molestias === • [img[iLang/lang_ET.gif]]+++[»]> ''{{{CSIRT.FR}}} server on ajutiselt kättesamatu'' • Vabandame tekkinud ebamugavuste pärast === • [img[iLang/lang_FI.gif]]+++[»]> ''{{{CSIRT.FR}}}-palvelin on väliaikaisesti poissa käytöstä '' • Pahoittelemme tästä mahdollisesti aiheutuvaa haittaa === • [img[iLang/lang_GA.gif]]+++[»]> ''De bharr cúiseanna teicniúla ní bheidh {{{CSIRT.FR}}} ár bhfreastalaí ar fáil go ceann tamaill.'' • Is dona linn aon trioblóid a chuirtear ort dá bharr === • [img[iLang/lang_HR.gif]]+++[»]> ''Poslužitelj {{{CSIRT.FR}}} privremeno je nedostupan.'' • Ispričavamo se zbog mogućih neugodnosti. === • [img[iLang/lang_HU.gif]]+++[»]> ''Szerverünk {{{CSIRT.FR}}} műszaki okok miatt jelenleg nem elérhető.'' • A kényelmetlenségért elnézést kérünk === • [img[iLang/lang_IT.gif]]+++[»]> ''Il server {{{CSIRT.FR}}} è momentaneamente inaccessibile.'' • Ci scusiamo degli inconvenienti che questo le può causare === • [img[iLang/lang_LT.gif]]+++[»]> ''{{{CSIRT.FR}}} serveris laikinai neveikia'' • Atsiprašome dėl nepatogumų === • [img[iLang/lang_LV.gif]]+++[»]> ''Serveris {{{CSIRT.FR}}} šobrīd nav pieejams'' • Mēs atvainojamies par sagādātajām neērtībām === • [img[iLang/lang_MT.gif]]+++[»]> ''Is-server {{{CSIRT.FR}}} għalissa mhux disponibbli'' • Niskużaw ruħna għal kull inkonvenjenza li dan jista' joħloqlok === • [img[iLang/lang_NL.gif]]+++[»]> ''De {{{CSIRT.FR}}} server is tijdelijk niet beschikbaar'' • Onze excuses voor het eventuele ongemak === • [img[iLang/lang_PL.gif]]+++[»]> ''Serwer {{{CSIRT.FR}}} jest chwilowo niedostępny '' • Przepraszamy za wszelkie związane z tym niedogodności === • [img[iLang/lang_PT.gif]]+++[»]> ''O servidor {{{CSIRT.FR}}} está momentaneamente indisponível '' • Pedimos desculpa pelo inconveniente === • [img[iLang/lang_RO.gif]]+++[»]> ''Din motive tehnice, serverul nostru {{{CSIRT.FR}}} este momentan indisponibil.'' • Ne cerem scuze pentru inconvenientele cauzate === • [img[iLang/lang_SK.gif]]+++[»]> ''Server {{{CSIRT.FR}}} je dočasne nedostupný'' • Ospravedlňujeme sa za prípadné problémy, ktoré môžu v dôsledku toho vzniknúť === • [img[iLang/lang_SL.gif]]+++[»]> ''Strežnik {{{CSIRT.FR}}} je začasno nedosegljiv.'' • Opravičujemo se vam za vse morebitne nevšečnosti === • [img[iLang/lang_SV.gif]]+++[»]> ''{{{CSIRT.FR}}}-servern kan för närvarande inte nås'' • Vi beklagar att detta kan vålla dig problem === |
|ssTabl98N0|k
| {{arOund{CSIRT.fr}}}|
{{floatC{contact à csirt point fr
@@font-size:75%;@@
+++*[Protection des données] <<tiddler [[Protection des Données]]>>=== }}}

<<tiddler [[En-Tete]]>>
[[CSIRT ou CERT]] • [[Maturité SIM3|SIM3]] • [[TLP]] • [[Veille]] • [[Formations TRANSITS et SIM3|Formations]] •
<html><i class="fa fa-lock" aria-hidden="true"></i></html> Uniquement sur la partie privée du site
En cours de mise à jour
<<tiddler [[FORM-MA1 - TRANSITS-I FR]]>>
<html><i class="fa fa-lock" aria-hidden="true"></i></html> Uniquement sur la partie privée du site
<html><i class="fa fa-lock" aria-hidden="true"></i></html> Uniquement sur la partie privée du site
<html><i class="fa fa-lock" aria-hidden="true"></i></html> Uniquement sur la partie privée du site
<html><i class="fa fa-lock" aria-hidden="true"></i></html> Uniquement sur la partie privée du site
<html><i class="fa fa-lock" aria-hidden="true"></i></html> Uniquement sur la partie privée du site
<html><i class="fa fa-lock" aria-hidden="true"></i></html> Uniquement sur la partie privée du site
<html><i class="fa fa-lock" aria-hidden="true"></i></html> Uniquement sur la partie privée du site /%

!@@color:#0000ff;<html><i class="fa fa-laptop-medical fa-2x" aria-hidden="true"></i></html> • @@Sites à consulter
Pour être informé au plus vite lors de la publicaton de correctifs de sécurité :
* Mise à jour de sécurité
** [[Bleeping Computer|https://www.bleepingcomputer.com/tag/security-update/]]
* Microsoft : Patch Tuesday
** [[SANS Diary|https://isc.sans.edu/diaryarchive.html]]
** [[Morphus Labs Patch Tuesday Board|https://patchtuesdaydashboard.com/]]
** [[Cyber Security Watch Patch Watch|https://cybersecurityworks.com/patchwatch/]]
** [[Bleeping Computer Patch Tuesday|https://www.bleepingcomputer.com/tag/patch-tuesday/]]
* Adobe
** [[Bleeping Computer|https://www.bleepingcomputer.com/tag/adobe/]]
%/
<html><i class="fa fa-lock" aria-hidden="true"></i></html> Uniquement sur la partie privée du site
<html><i class="fa fa-lock" aria-hidden="true"></i></html> Uniquement sur la partie privée du site
<html><i class="fa fa-lock" aria-hidden="true"></i></html> Uniquement sur la partie privée du site
| !Sur les aspects protection des données, RGPD et similaires, et pour les éléments suivants | !la réponse est simple |
| • Identité et coordonnées du responsable de traitement •
• Identité et coordonnées du délégué à la protection des données •
• Catégories de données collectées •
• Finalités du traitement •
• Base juridique du traitement •
• Destinataires des données •
• Transferts de données en dehors de l'UE •
• Conservation des données •
• Exercice des droits •
• Soumission d'une réclamation auprès de l'autorité de contrôle •
• Cookies • | ''c'est sans objet''
car ...
• aucune donnée n'est collectée sur le site •
• aucun cookie n'est utilisé •
• aucun traitement de données n'est réalisé •
[img(50%,1px)[i/BluePixel.gif]]
Pour toute demande de précision, utilisez l'adresse
rgpd à csirt point fr
[img(50%,1px)[i/BluePixel.gif]] |
Exemple d'article
!Traffic Light Protocol
La dernière version du ''TLP'' est la ''version 2.0'' :
* La version anglaise a été publiée par le FIRST en ''août 2022''.
* La traduction française est disponible depuis ''février 2023''.
* La traduction française de la version précédente (1.0) est aussi publiée ci-dessous à des fins historiques.
<<tabs TLP "TLP 2.0 en Français" "Français" [[TLP v2.0 FR]] "TLP 2.0 en Anglais" "Anglais" [[TLP v2.0 EN]] "TLP 1.0 en Français" "Français" [[TLP v1.0 FR]]>>
!TRAFFIC LIGHT PROTOCOL (TLP) Version 2.0 en Français
* Version de référence au format PDF : https://www.first.org/tlp/docs/v2/tlp-v2-fr.pdf
* Version de référence au format RTF : https://www.first.org/tlp/docs/v2/tlp-v2-fr.rtf
 __''Définitions des Normes et Conseils d'Utilisation''__
!!1 - Introduction
# Le protocole TLP (Traffic Light Protocol) a été créé pour faciliter un plus grand partage d'informations potentiellement sensibles et une collaboration plus efficace. Le partage d'informations se fait à partir d'une source d'informations, vers un ou plusieurs destinataires. Le protocole TLP est un ensemble de quatre appellations utilisées pour indiquer les limites de partage à appliquer par les destinataires. Seules les appellations listées dans cette norme sont considérées comme valides par le FIRST.
# Les quatre appellations du protocole TLP sont : TLP:RED, TLP:AMBER, TLP:GREEN, et TLP:CLEAR. A l'écrit, ils NE DOIVENT pas contenir d'espaces et DOIVENT être en majuscules. Les appellations du protocole TLP DOIVENT rester dans leur forme originale, même lorsqu'ils sont utilisés dans d'autres langues : le contenu peut être traduit, mais pas les labels.
# Le protocole TLP fournit un schéma simple et intuitif pour indiquer avec qui les informations potentiellement sensibles peuvent être partagées. Le protocole TLP n'est pas un schéma de classification formel. Le protocole TLP n'a pas été conçu pour gérer les termes de licence, ni les règles de traitement de l'information ou de chiffrement. Les appellations du protocole TLP et leurs définitions ne sont pas destinées à avoir un quelconque effet sur la liberté d’accès aux documents administratifs ou les lois dites "sunshine" dans aucune juridiction.
# Le protocole TLP est optimisé pour la facilité d'adoption, la lisibilité humaine et le partage de personne à personne ; il peut être utilisé dans des systèmes automatisés d'échange d'informations, tels que MISP ou IEP.
# Le protocole TLP est distinct de la règle de Chatham House, mais peut être utilisé conjointement lorsque cela est approprié. Lorsqu'une réunion se tient selon la règle de Chatham House, les participants sont libres d'utiliser les informations reçues, mais ni l'identité ni l'affiliation du ou des intervenants, ni celle de tout autre participant, ne peuvent être révélées. 
# ''La source a la responsabilité de s'assurer que les destinataires des informations étiquetées avec le protocole TLP comprennent et sont en mesure de suivre les instructions de partage du protocole TLP.''
# ''La source est libre de spécifier des restrictions de partage supplémentaires. Celles-ci doivent être respectées par les destinataires.''
# ''Si un destinataire a besoin de partager l'information plus largement que ce qui est indiqué par le protocole TLP avec lequel elle a été fournie, il doit obtenir la permission explicite de la source.''
!!2 - Utilisation
# ''Comment utiliser le protocole TLP dans la messagerie (comme le courriel et le chat)''
** La messagerie étiquetée TLP DOIT indiquer le label TLP de l'information, ainsi que toute restriction supplémentaire, directement avant l'information elle-même. La mention du label TLP DOIT figurer dans la ligne d'objet du courriel. Si nécessaire, veillez également à indiquer la fin du texte auquel s'applique le label TLP.
# ''Comment utiliser le protocole TLP dans les documents''
** Les documents portant un label TLP DOIVENT indiquer le niveau de TLP de l'information, ainsi que toute restriction supplémentaire, dans l'en-tête et le pied de page de chaque page. La mention du protocole TLP DOIT être en caractères de 12 points ou plus pour les utilisateurs malvoyants. Il est recommandé d'ajuster les mentions TLP à droite.
# ''Comment utiliser le protocole TLP dans les échanges d'informations automatisés''
** L'utilisation du protocole TLP dans les échanges d'informations automatisés n'est pas définie : elle est laissée aux concepteurs de ces échanges, mais DOIT être conforme à la présente norme. 
# ''Codage couleur du TLP en RGB, CMYK et Hex.''
| |!|>|>| ''RGB:font'' |!|>|>| ''RGB:background'' |!|>|>|>| ''CMYK:font'' |!|>|>|>| ''CMYK:background'' |!| ''Hex'' | ''Hex'' |!|
|~|~| R | G | B |~| R | G | B |~| C | M | Y | K |~| C | M | Y | K |~| ''font'' | ''background'' |~|
|!|~|>|>|!|~|>|>|!|~|>|>|>|!|~|>|>|>|!|~|>|!|~|
|color:#FF2B2B;bgcolor:#000000;''TLP:RED'' |~| 255 | 43 | 43 |~| 0 | 0 | 0 |~| 0 | 83 | 83 | 0 |~| 0 | 0 | 0 | 100 |~| #FF2B2B | #000000 |~|
|color:#FFC000;bgcolor:#000000;''TLP:AMBER'' |~| 255 | 192 | 0 |~| 0 | 0 | 0 |~| 0 | 25 | 100 | 0 |~| 0 | 0 | 0 | 100 |~| #FFC000 | #000000 |~|
|color:#33FF00;bgcolor:#000000;''TLP:GREEN'' |~| 51 | 255 | 0 |~| 0 | 0 | 0 |~| 79 | 0 | 100 | 0 |~| 0 | 0 | 0 | 100 |~| #33FF00 | #000000 |~|
|color:#FFFFFF;bgcolor:#000000;''TLP:CLEAR'' |~| 255 | 255 | 255 |~| 0 | 0 | 0 |~| 0 | 0 | 0 | 0 |~| 0 | 0 | 0 | 100 |~| #FFFFFF | #000000 |~|
|!|~|>|>|!|~|>|>|!|~|>|>|>|!|~|>|>|>|!|~|>|!|~|
Remarque sur le codage couleur : lorsque le contraste entre le texte et le fond est trop faible, les personnes malvoyantes ont du mal à lire le texte ou ne le voient pas du tout. Le protocole TLP est conçu pour s'adapter aux personnes malvoyantes. Les sources DEVRAIENT adhérer au code couleur du protocole TLP pour assurer un contraste de couleur suffisant pour ces lecteurs.
!!3 - Définitions des appellations utilisées par le protocole TLP
''Communauté'' : Dans le cadre du protocole TLP, une communauté est un groupe qui partage des objectifs, des pratiques et des relations de confiance informelles. Une communauté peut être aussi large que tous les praticiens de la cybersécurité dans un pays (ou dans un secteur ou une région).
''Organisation'' : Dans le cadre du protocole TLP, une organisation est un groupe qui partage une affiliation commune par une adhésion formelle et qui est lié par des politiques communes définies par l'organisation. Une organisation peut être aussi large que tous les membres d'une organisation de partage d'informations, mais rarement plus large.
''Clients'' : Dans le cadre du protocole TLP, les clients sont les personnes ou entités qui reçoivent des services de cybersécurité d'une organisation. Les clients sont inclus par défaut dans l’appellation TLP:AMBER afin que les destinataires puissent partager des informations en aval pour que les clients prennent des mesures pour se protéger. Pour les équipes ayant une responsabilité nationale, cette définition inclut les parties prenantes et les électeurs.
@@font-size:125%;color:#FF2B2B;bgcolor:#000000;TLP:RED@@
* Pour les yeux et les oreilles des destinataires individuels uniquement, aucune autre divulgation. Les sources peuvent utiliser l’appellation TLP:RED lorsque les informations ne peuvent pas être traitées efficacement sans risque significatif pour la vie privée, la réputation ou les opérations des organisations concernées. Les destinataires ne peuvent donc pas partager les informations avec l’appellation TLP:RED avec qui que ce soit. Dans le contexte d'une réunion, par exemple, les informations mentionnées avec le label TLP:RED sont limitées aux personnes présentes à la réunion. 
  @@font-size:125%;color:#FFC000;bgcolor:#000000;TLP:AMBER@@ * Divulgation limitée, les destinataires ne peuvent diffuser ces informations que sur la base du besoin d'en connaître au sein de leur organisation et de ses clients. Notez que le ''@@font-size:125%;color:#FFC000;bgcolor:#000000;TLP:AMBER+STRICT@@'' restreint le partage à l'organisation uniquement. Les sources peuvent utiliser le TLP:AMBER lorsque l'information nécessite un soutien pour être traitée efficacement, mais qu'elle présente un risque pour la confidentialité, la réputation ou les opérations si elle est partagée en dehors des organisations concernées. Les destinataires peuvent partager les informations avec la mention TLP:AMBER avec les membres de leur propre organisation et ses clients, mais ''uniquement'' sur la base du besoin d'en connaître, afin de protéger leur organisation et ses clients et d'éviter tout préjudice supplémentaire. ** Remarque : si la source souhaite restreindre le partage à l'organisation uniquement, elle doit spécifier TLP:AMBER+STRICT.
  @@font-size:125%;color:#33FF00;bgcolor:#000000;TLP:GREEN@@ Divulgation limitée, les destinataires peuvent la diffuser au sein de leur communauté. Les sources peuvent utiliser l’appellation TLP:GREEN lorsque l'information est utile pour accroître la sensibilisation au sein de leur communauté. Les destinataires peuvent partager les informations avec l’appellation TLP:GREEN avec leurs pairs et les organisations partenaires au sein de leur communauté, mais pas via des canaux accessibles au public. Les informations ayant la mention TLP:GREEN ne peuvent pas être partagées en dehors de la communauté. ** Remarque : lorsque le terme "communauté" n'est pas défini, il s'agit de la communauté de la cybersécurité/défense. @@font-size:125%;color:#FFFFFF;bgcolor:#000000;TLP:CLEAR@@ Les destinataires peuvent diffuser cette information dans le monde entier, il n'y a pas de limite à la divulgation. Les sources peuvent utiliser l’appellation TLP:CLEAR lorsque les informations présentent un risque minimal ou nul de mauvaise utilisation, conformément aux règles et procédures applicables à la diffusion publique. Sous réserve des règles standard de copyright, les informations mentionnées en TLP:CLEAR peuvent être partagées sans restriction. ---- __Notes__ # Ce document utilisent les termes DOIT (MUST) et DEVRAIT (SHOULD) tel que défini dans le [[RFC-2119|https://tools.ietf.org/html/rfc2119]]. # Tous les commentaires et ou suggestions peuvent être envoyées à l’adresse courriel suivante //tlp-sig @ first . org//. ---- __Translation__ * Marc-Frederic GOMEZ, CERT Credit Agricole, FR * Louis Rouxel, CERT-FR, FR * Olivier Caleff, FIRST Liaison member, FR __Review__ * Don Stikvoort, FIRST Liaison member, NL
!1 - TRAFFIC LIGHT PROTOCOL (TLP) Version 2.0
__''FIRST Standards Definitions and Usage Guidance — Version 2.0''__
''TLP version 2.0 is the current version of TLP standardized by FIRST. It is authoritative from August 2022 onwards''
!!1.1 - Introduction
# The Traffic Light Protocol (TLP) was created to facilitate greater sharing of potentially sensitive information and more effective collaboration. Information sharing happens from an information //source//, towards one or more //recipients//. TLP is a set of four labels used to indicate the sharing boundaries to be applied by the recipients. Only labels listed in this standard are considered valid by FIRST.
# The four TLP labels are: TLP:RED, TLP:AMBER, TLP:GREEN, and TLP:CLEAR. In written form, they MUST not contain spaces and SHOULD be in capitals. TLP labels MUST remain in their original form, even when used in other languages: content can be translated, but the labels cannot.
# TLP provides a simple and intuitive schema for indicating with whom potentially sensitive information can be shared. TLP is not a formal classification scheme. TLP was not designed to handle licensing terms, nor information handling or encryption rules. TLP labels and their definitions are not intended to have any effect on freedom of information or “sunshine” laws in any jurisdiction.
# TLP is optimized for ease of adoption, human readability and person-to-person sharing; it may be used in automated information exchange systems, such as [[MISP|https://www.misp-project.org]] or [[IEP|https://www.first.org/iep/]].
# TLP is distinct from the Chatham House Rule, but may be used in conjunction when appropriate. When a meeting is held under the Chatham House Rule, participants are free to use the information received, but neither the identity nor the affiliation of the speaker(s), nor that of any other participant, may be revealed.
# ''The source is responsible for ensuring that recipients of TLP-labeled information understand and can follow TLP sharing guidance.''
# ''The source is at liberty to specify additional sharing restrictions. These must be adhered to by recipients.''
# ''If a recipient needs to share information more widely than indicated by the TLP label it came with, they must obtain explicit permission from the source.''
!!1.2 - Usage
# ''How to use TLP in messaging (such as email and chat)''
** TLP-labeled messaging MUST indicate the TLP label of the information, as well as any additional restrictions, directly prior to the information itself. The TLP label SHOULD be in the subject line of email. Where needed, also make sure to designate the end of the text to which the TLP label applies.
# ''How to use TLP in documents''
** TLP-labeled documents MUST indicate the TLP label of the information, as well as any additional restrictions, in the header and footer of each page. The TLP label SHOULD be in ''12-point type or greater'' for users with low vision. It is recommended to right-justify TLP labels.
# ''How to use TLP in automated information exchanges''
** TLP usage in automated information exchanges is not defined: this is left to the designers of such exchanges, but MUST be in accordance with this standard.
# ''TLP color-coding in RGB, CMYK and Hex''
| |!|>|>| ''RGB:font'' |!|>|>| ''RGB:background'' |!|>|>|>| ''CMYK:font'' |!|>|>|>| ''CMYK:background'' |!| ''Hex'' | ''Hex'' |!|
|~|~| R | G | B |~| R | G | B |~| C | M | Y | K |~| C | M | Y | K |~| ''font'' | ''background'' |~|
|!|~|>|>|!|~|>|>|!|~|>|>|>|!|~|>|>|>|!|~|>|!|~|
|color:#FF2B2B;bgcolor:#000000;''TLP:RED'' |~| 255 | 43 | 43 |~| 0 | 0 | 0 |~| 0 | 83 | 83 | 0 |~| 0 | 0 | 0 | 100 |~| #FF2B2B | #000000 |~|
|color:#FFC000;bgcolor:#000000;''TLP:AMBER'' |~| 255 | 192 | 0 |~| 0 | 0 | 0 |~| 0 | 25 | 100 | 0 |~| 0 | 0 | 0 | 100 |~| #FFC000 | #000000 |~|
|color:#33FF00;bgcolor:#000000;''TLP:GREEN'' |~| 51 | 255 | 0 |~| 0 | 0 | 0 |~| 79 | 0 | 100 | 0 |~| 0 | 0 | 0 | 100 |~| #33FF00 | #000000 |~|
|color:#FFFFFF;bgcolor:#000000;''TLP:CLEAR'' |~| 255 | 255 | 255 |~| 0 | 0 | 0 |~| 0 | 0 | 0 | 0 |~| 0 | 0 | 0 | 100 |~| #FFFFFF | #000000 |~|
|!|~|>|>|!|~|>|>|!|~|>|>|>|!|~|>|>|>|!|~|>|!|~|
Note on color-coding: when there is too little color contrast between text and background, those with low vision struggle to read text or cannot see it at all. TLP is designed to accommodate those with low vision. Sources SHOULD adhere to the TLP color-coding to ensure enough color contrast for such readers.
!!1.3 - TLP definitions
''Community:'' Under TLP, a //community// is a group who share common goals, practices, and informal trust relationships. A community can be as broad as all cybersecurity practitioners in a country (or in a sector or region).
''Organization:'' Under TLP, an //organization// is a group who share a common affiliation by formal membership and are bound by common policies set by the organization. An organization can be as broad as all members of an information sharing organization, but rarely broader.
''Clients:'' Under TLP, clients are those people or entities that receive cybersecurity services from an //organization//. Clients are by default included in TLP:AMBER so that the recipients may share information further downstream in order for clients to take action to protect themselves. For teams with national responsibility this definition includes stakeholders and constituents.
# ''@@font-size:125%;color:#FF2B2B;bgcolor:#000000;TLP:RED@@'' = For the eyes and ears of //individual// recipients only, no further disclosure.
** Sources may use TLP:RED when information cannot be effectively acted upon without significant risk for the privacy, reputation, or operations of the organizations involved. Recipients may therefore not share TLP:RED information with anyone else. In the context of a meeting, for example, TLP:RED information is limited to those present at the meeting. 
  # ''@@font-size:125%;color:#FFC000;bgcolor:#000000;TLP:AMBER@@'' = Limited disclosure, recipients can only spread this on a need-to-know basis within their //organization// and its //clients//. ** Note that ''@@font-size:125%;color:#FFC000;bgcolor:#000000;TLP:AMBER+STRICT@@'' restricts sharing to the //organization// only. ** Sources may use TLP:AMBER when information requires support to be effectively acted upon, yet carries risk to privacy, reputation, or operations if shared outside of the organizations involved. Recipients may share TLP:AMBER information with members of their own organization and its clients, but only on a need-to-know basis to protect their organization and its clients and prevent further harm. Note: if the source wants to restrict sharing to the organization ''only'', they must specify TLP:AMBER+STRICT.
  # ''@@font-size:125%;color:#33FF00;bgcolor:#000000;TLP:GREEN@@'' = Limited disclosure, recipients can spread this within their community. ** Sources may use TLP:GREEN when information is useful to increase awareness within their wider community. Recipients may share TLP:GREEN information with peers and partner organizations within their community, but not via publicly accessible channels. TLP:GREEN information may not be shared outside of the community. Note: when “community” is not defined, assume the cybersecurity/defense community.
  # ''@@font-size:125%;color:#FFFFFF;bgcolor:#000000;TLP:CLEAR@@'' = Recipients can spread this to the //world//, there is no limit on disclosure. ** Sources may use TLP:CLEAR when information carries minimal or no foreseeable risk of misuse, in accordance with applicable rules and procedures for public release. Subject to standard copyright rules, TLP:CLEAR information may be shared without restriction. ---- ^^__Notes:__ # This document uses MUST and SHOULD as defined by [[RFC-2119|https://tools.ietf.org/html/rfc2119]]. # Comments or suggestions on this document can be sent to //tlp-sig @ first . org//. ^^
!TLP Version 1.0 en français
|Extrait de la Charte de l'InterCERT-FR, version 2.8 du 21/06/2018 ([[version PDF|https://www.cert.ssi.gouv.fr/uploads/Charte-InterCERT-FR-v2.8a.pdf]])
Document de référence faisant foi : [[la page TLP du FIRST|https://first.org/tlp/]]|c |!Code|!Couleur|!Détails| |[img(80px,auto)[iCSIRT/TLP-Red.png]]|color:#FF2B2B;bgcolor:#404040;Red
Rouge|''Ne pas divulguer, information restreinte uniquement aux récipiendaires''
Les émetteurs peuvent utiliser TLP:RED lorsque l'information ne doit pas être partagée à d'autres parties que les récipiendaires, et dont la divulgation ou le mauvais usage implique des risques pour la vie privée, la réputation ou les opérations si elle est partagée en dehors des récipiendaires.
Les récipiendaires ne peuvent pas partager les informations TLP:RED avec des parties en dehors de l'échange, de la réunion ou de la conversation spécifique dans laquelle elles ont été divulguées à l'origine.
Dans le cadre d'une réunion, par exemple, les informations TLP:RED sont limitées aux personnes présentes à la réunion.
Dans la plupart des cas, TLP:RED doit être échangé verbalement ou en personne.| |[img(80px,auto)[iCSIRT/TLP-Amber.png]]|color:#FFC000;bgcolor:#404040;Amber
Ambre|''Divulgation limitée, information limitée aux organisations et aux parties prenantes des participants sur la base du besoin d'en connaître''
Les émetteurs peuvent utiliser TLP:AMBER lorsque l'information requiert un partage pour son usage, mais dont la divulgation ou le mauvais usage implique des risques pour la vie privée, la réputation ou les opérations si elle est partagée en dehors des organisations impliquées.
Les récipiendaires ne peuvent partager les informations TLP:AMBER qu'avec les membres de leur propre organisation et les clients qui doivent connaître l'information pour se protéger ou prévenir de dommages.
Les émetteurs sont libres de spécifier des limites supplémentaires au partage : celles-ci doivent être respectées par les récipiendaires.| |[img(80px,auto)[iCSIRT/TLP-Green.png]]|color:#33FF00;bgcolor:#404040;Green
Vert|''Divulgation limitée, information restreinte à la communauté''
Les émetteurs peuvent utiliser TLP:GREEN lorsque l'information est utile pour la sensibilisation de toutes les organisations participantes ainsi que des pairs dans la communauté ou le secteur en général.
Les récipiendaires peuvent partager des informations TLP:GREEN avec des pairs et des organisations partenaires dans leur secteur ou leur communauté, mais pas via des canaux accessibles au public.
L'information dans cette catégorie peut circuler largement dans une communauté particulière.
Les informations TLP: GREEN ne peuvent pas être diffusées en dehors de la communauté.| |[img(80px,auto)[iCSIRT/TLP-White.png]]|color:#FFFFFF;bgcolor:#404040;White
Blanc|''La divulgation de l'information n'est pas limitée''
Les émetteurs peuvent utiliser TLP:WHITE lorsque les informations comportent un risque prévisible ou inexistant d'utilisation abusive, conformément aux règles et procédures applicables à la publication publique.
Sous réserve des règles de droit d'auteur standard, les informations TLP:WHITE peuvent être distribuées sans restriction.| /% |Document de référence faisant foi : [[la page TLP du FIRST|https://first.org/tlp/]]|c |!Code|!Couleur|!Synthèse|!Quand|!Comment| |[img(100px,auto)[iCSIRT/TLP-Red.png]]|Red
Rouge|''SECRET''
informations strictement réservées aux destinataires directs|Lorsque la fuite d'information est suceptible
• de causer un préjudice majeur à l'entreprise
• d'entrainer les sanctions les plus graves prévues (ex. RGPD)
• de nuire de manière irréversible à la réputation de l'entreprise|L'information doit bénéficier des plus fortes mesures en matière de sécurité
Le plus grand soin doit être apporté lors de son partage| |~|~|>|>|Extrait de la Charte de l'InterCERT-FR, version 2.8 du 21/06/2018 ([[version PDF|https://www.cert.ssi.gouv.fr/uploads/Charte-InterCERT-FR-v2.8a.pdf]])| |~|~|//Ne pas divulguer, information restreinte uniquement aux récipiendaires//|>|//Les émetteurs peuvent utiliser TLP:RED lorsque l'information ne doit pas être partagée à d'autres parties que les récipiendaires, et dont la divulgation ou le mauvais usage implique des risques pour la vie privée, la réputation ou les opérations si elle est partagée en dehors des récipiendaires. Les récipiendaires ne peuvent pas partager les informations TLP:RED avec des parties en dehors de l'échange, de la réunion ou de la conversation spécifique dans laquelle elles ont été divulguées à l'origine. Dans le cadre d'une réunion, par exemple, les informations TLP:RED sont limitées aux personnes présentes à la réunion. Dans la plupart des cas, TLP:RED doit être échangé verbalement ou en personne//| |[img(100px,auto)[iCSIRT/TLP-Amber.png]]|Amber
Ambre|''CONFIDENTIEL''
informations réservées aux destinataires ayant le besoin d'en connaître|Lorsque la fuite d'information est suceptible
• d'entrainer des risques non négligeables pour l'entreprise
• de nuire de manière certaine à l'image de l'entreprise|Le partage doit se faire selon des procédures bien établies impliquant un accès restreint aux seules personnes ayant le besoin d'en connaître (//Need to know//)
En cas d'échange avec des membres externes, il doit faire l'objet d'un accord préalable de l'émetteur ou d'une autorité (ex. hiérarchique)| |~|~|>|>|Extrait de la Charte de l'InterCERT-FR, version 2.8 du 21/06/2018 ([[version PDF|https://www.cert.ssi.gouv.fr/uploads/Charte-InterCERT-FR-v2.8a.pdf]])| |~|~|//Divulgation limitée, information limitée aux organisations et aux parties prenantes des participants sur la base du besoin d'en connaître//|>|//Les émetteurs peuvent utiliser TLP:AMBER lorsque l'information requiert un partage pour son usage, mais dont la divulgation ou le mauvais usage implique des risques pour la vie privée, la réputation ou les opérations si elle est partagée en dehors des organisations impliquées. Les récipiendaires ne peuvent partager les informations TLP:AMBER qu'avec les membres de leur propre organisation et les clients qui doivent connaître l'information pour se protéger ou prévenir de dommages. Les émetteurs sont libres de spécifier des limites supplémentaires au partage : celles-ci doivent être respectées par les récipiendaires.//| |[img(100px,auto)[iCSIRT/TLP-Green.png]]|Green
Vert|RESTREINT
informations diffusables en interne, mais pas sur Internet|Lorsqu'il est utile de diffuser une information à un cercle de confiance prédéterminé|Lorsque les mesures nécessaires de protection de l'information contre un accès public sont prises| |~|~|>|>|Extrait de la Charte de l'InterCERT-FR, version 2.8 du 21/06/2018 ([[version PDF|https://www.cert.ssi.gouv.fr/uploads/Charte-InterCERT-FR-v2.8a.pdf]])| |~|~|//Divulgation limitée, information restreinte à la communauté//|>|//Les émetteurs peuvent utiliser TLP:GREEN lorsque l'information est utile pour la sensibilisation de toutes les organisations participantes ainsi que des pairs dans la communauté ou le secteur en général. Les récipiendaires peuvent partager des informations TLP:GREEN avec des pairs et des organisations partenaires dans leur secteur ou leur communauté, mais pas via des canaux accessibles au public. L'information dans cette catégorie peut circuler largement dans une communauté particulière. Les informations TLP: GREEN ne peuvent pas être diffusées en dehors de la communauté//| |[img(100px,auto)[iCSIRT/TLP-White.png]]|White
Blanc|LIBRE
informations diffusables, y compris sur Internet, dans la limite d'autres obligations courantes|L'information peut être diffusée dans le domaine public sans faire courir de risques à l'entreprise, ou avec un niveau de risque acceptable|Il n'y a pas de contraintes spécifiques quant à la diffusion ou l'utilisation de l'information| |~|~|>|>|Extrait de la Charte de l'InterCERT-FR, version 2.8 du 21/06/2018 ([[version PDF|https://www.cert.ssi.gouv.fr/uploads/Charte-InterCERT-FR-v2.8a.pdf]])| |~|~|//La divulgation de l'information n'est pas limitée//|>|//Les émetteurs peuvent utiliser TLP:WHITE lorsque les informations comportent un risque prévisible ou inexistant d'utilisation abusive, conformément aux règles et procédures applicables à la publication publique. Sous réserve des règles de droit d'auteur standard, les informations TLP:WHITE peuvent être distribuées sans restriction//| %/
|ssTabl2|k
|>| Il y a des débats sans fins sur la différence entre un ''CSIRT'' et un ''CERT''. Ici, la question vite tranchée : ce sont des termes ''similaires''. |
|!CERT (une marque) |!CSIRT (le terme générique) |
|<<tiddler CERT-Definition>> |<<tiddler CSIRT-Definition>> |
|>| !CERT ou CSIRT ? Une analogie |
|>| Un ''réfrigérateur''+++^*[»] https://fr.wikipedia.org/wiki/Réfrigérateur === est un terme ''générique''... comme l'est le terme ''CSIRT'' 
Un ''Frigidaire''+++^*[»] https://fr.wikipedia.org/wiki/Frigidaire === est un mot du langage courant, mais avant tout une marque... comme l'est le terme ''CERT''
Un ''frigo'' est un mot du langage courant, mais avant tout le diminutif d'une marque... comme l'est le terme ''CERT'' ^^
Le nom //Frigidaire// aussi familièrement appelé //frigo//, est devenu par antonomase+++^*[»] https://fr.wikipedia.org/wiki/Antonomase ===, un synonyme de //réfrigérateur//, comme pour des produits dont le nom commercial devient le nom générique^^ | |>| !__''Réfrigérateur''__ ou ''//Frigo//'' ?

Pour nous le choix est clair : __''réfrigérateur''__ et pas --frigo--, donc ''CSIRT'' et pas --CERT-- ! | |>| Pour vous amuser, poser la question à ceux qui vous vantent les mérites de "//leur CERT reconnu et certifié par les autorités américaines//" (oui, il y en a encore...) :
"//votre CERT est-il aussi un CSIRT ?//" |
''CERT'' est le sigle de ''Computer Emergency Response Team'' et est __''une marque déposée''__ par l'Université de Carnegie Mellon (Pittsburgh, Pennsylvanie, Etats-Unis).
C'est là que le premier CERT a été créé, le CERT/CC, à l'initiative de la DARPA.
Jusqu'en 2021, il était nécessaire de faire une demande à son service juridique pour avoir le droit de l'utiliser dans le nom de son équipe de réponse à incidents.
* ''En aucun cas'' la délivrance du droit d'utiliser le sigle CERT n'était une qualification, une validation, ou une certification de l'équipe, ou une reconnaissance de son expertise ou de son sérieux. 
Même si certaines personnes ont pu dire le contraire, ce n'est pas vrai. * L'accord n'était validé que par le ''service juridique''. __Depuis avril 2021__, le terme CERT est libre de droit ''en dehors des Etats-Unis''. ---- ^^→ https://www.sei.cmu.edu/our-work/cybersecurity-center-development/authorized-users/ ^^
''CSIRT'' est le sigle de ''Computer Security Incident Response Team''
''Il a été créé par Don Stikvoort en 1998 pour être le __terme générique__ permettant de ne pas devoir utiliser la marque CERT''.
La première utilisation du terme CSIRT se trouve dans le document "''Handbook for Computer Security Incident Response Teams (CSIRTs)''" co-rédigé par Moira J. West-Brown, Don Stikvoort, et Klaus-Peter Kossakowski.
----
^^→ https://citeseerx.ist.psu.edu/document?repid=rep1&type=pdf&doi=e878d38d04dd1717aaf9dd1e596ca9857756ad30
→ https://apps.dtic.mil/sti/pdfs/ADA358945.pdf
→ https://resources.sei.cmu.edu/library/asset-view.cfm?assetid=6305 (mise à jour de 2003)^^
|<<showtoc>> |
!SIM3 - Security Incident Management Maturity Model
[>img(300px,auto)[iCSIRT/OpenCSIRT_Foundation.png][http://opencsirt.org/]]''SIM3'' est un ''modèle de maturité'' des CSIRTs qui vise à évaluer sur des critères objectifs leur organisation qui a été défini par l'''[[OpenCSIRT Foundation|https://opencsirt.org/]]''.
__L'openCSIRT Foundation :__
* Est une association à but non lucratif, basée aux Pays-Bas.
* A défini le modèle ''SIM3'', le maintient, en fait la promotion, et travaille sur ses évolutions.
__Historique :__
* ''SIM3'' a commencé à être utilisé par la TF-CSIRT en Europe à la fin des années 2000, puis par la [[Nippon CSIRT Association|https://www.nca.gr.jp/en/]] (Japon).
* Au milieu des années 2010, l'ENISA (Europe), le [[GFCE|https://thegfce.org/initiatives/csirt-maturity-initiative/]] (Monde), l'interCERT France, le FIRST (Monde) et différentes initiatives visant au développements de CSIRTs ont choisi d'utiliser le ''modèle SIM3''.
* ''SIM3'' est un modèle gratuit et téléchargeable sous la forme d'un fichier PDF →https://opencsirt.org/csirt-maturity/sim3-and-references/
* ''SIM3'' est aussi disponible sous la forme d'un outil ''d'auto-évaluation en ligne'' → https://sim3-check.opencsirt.org/
** Cet outil très pratique permet de conserver l'évaluation en cours grace à un URL réutilisable.
* ''SIM3 version 2.0 a été publiée début mars 2023.'' Les évolutions entre la version 1.0 et la version 2.0 sont synthétisées +++[ici]>
|>|>| //1 nouveau paramètre (O-6) et 11 changements d'intitulés// |
|!Pamatètres |!Version 1.0 |!Version 2.0 |
| O-6 | Non défini | Public Media Policy |
| O-9 | Integration in Existing CSIRT Systems | Participation in CSIRT Systems |
|>|>|!|
| H-2 | Personnel Resilience | Staff Resilience |
| H-4 | Internal Training | Staff Development |
| H-5 | (External) Technical Training | Technical Training |
| H-6 | (External) Communication Training | Soft SKills Training |
|>|>|!|
| T-1 | IT Resources List | IT Assets and Configurations |
| T-3 | Consolidated E-mail System | Consolidated Messaging System(s) |
| T-5 | Resilient Phone | Resilient Voice Calls |
| T-6 | Resilient E-mail | Resilient Messaging |
|>|>|!|
| P-14 | Reporting Process | Governance Reporting Process |
| P-15 | Statistics Process | Constituency Reporting Process |
| P-17 | Peer-to-Peer Process | Peer Colloboration Process |
|>|>|!|
=== 
!Présentation SIM3
[>img(180px,auto)[iCSIRT/SIM3.jpg][https://opencsirt.org/csirt-maturity/sim3-and-references/]]Les principales caractéristiques de ''SIM3'' sont :
* 4 domaines
** ''Organization'', ''Human'', ''Tools'', ''Processes''.
* 45 paramètres répartis sur ces 4 domaines
** Organization : 11 -- Human : 7 -- Tools : 10 -- Processes : 17
* 5 niveaux de maturité pour chaque paramètre :
| !Niveau | !Prise en compte | !Rédigé | !Formalisé | !Validé | !Revu / Contrôlé |!Langage courant |
| 0 | NON | NON | NON | NON | NON |Non pris en compte |
| 1 | Implicite | NON | NON | NON | NON |Bouche à oreille, artisanal |
| 2 | Explicite | !OUI | NON | NON | NON |Écrit |
| 3 | Explicite | !OUI | !OUI | !OUI | NON |Validé |
| ''4'' | Explicite | !OUI | !OUI | !OUI | !OUI |Audité, démarche qualité |
!Profils de maturité SIM3
Des profils de maturité ont été ajoutés par différents acteurs avec des niveaux d'exigences plus ou moins élevés. Ils sont classés ci-dessous par niveaux croissants d'exigences.
/%
* FIRST : niveau d'exigence faible sur une sous-ensemble de paramètres (11 sur 45, moyenne attendue ~2,6)
** Lien vers le profil //FIRST Membership Baseline// → https://sim3-check.opencsirt.org/#/v1/66C1o93t6-4FDFFafpy-veBVsiiM
* ENISA / CSIRTs Network : //Basic// (simple, moyenne attendue ~1,6)
** Lien vers le profil //ENISA / CSIRTs Network Basic// → https://sim3-check.opencsirt.org/#/v1/66C4NYDuL-58lMY2eRN-yofpzrfJ
* ENISA / CSIRTs Network : //Intermediate// (médian, moyenne attendue ~2,4)
** Lien vers le profil //ENISA / CSIRTs Network Intermediate// → https://sim3-check.opencsirt.org/#/v1/6CaesRqXY-5DCmaSzGi-BxRFXmVh
* TF-CSIRT : //Certified// (élevé, moyenne attendue ~2,5)
** Lien vers le profil //TF-CSIRT Certified// → https://sim3-check.opencsirt.org/#/v1/66CfIK5dt-5DCybjsrr-By3GohN4
* ENISA / CSIRTs Network : //Advanced// (très élevé, moyenne attendue ~2,9)
** Lien vers le profil //ENISA / CSIRTs Network Advanced// → https://sim3-check.opencsirt.org/#/v1/6CaezDrzT-662RVY0Wh-By3GoIke 

|>|>|>|>|>|>| !SIM3 v2.0 |
|!Identifier|!Description|!FIRST
Membership
Baseline|!ENISA
Basic|!ENISA
Intermediate|!TF-CSIRT
Certification|!ENISA
Advanced| %/ Afin de faciliter les comparaisons entre les exigences pour ces différents profils un tableau est disponible ci-dessous : |>|| !FIRST |>| !ENISA / CSIRTs Network | !TF-CSIRT | !ENISA | |!Identifiant|!Description| !Membership
Baseline | !     Basic      | !Intermediate | !Certification | ! Advanced  | |>| Niveau d'exigence| faible | simple | médian | élevé |très élevé | |>| Nombre de paramètres| 11 | tous | tous | tous | tous | |>| //Moyenne//| //2,64// | //1,59// | //2,36// | //2,48// | //2,89// | |>| Visualisation (site OpenCSIRT Foundation)| [[graphique|https://sim3-check.opencsirt.org/#/v1/66C1o93t6-4FDFFafpy-veBVsiiM]] | [[graphique|https://sim3-check.opencsirt.org/#/v1/66C4NYDuL-58lMY2eRN-yofpzrfJ]] | [[graphique|https://sim3-check.opencsirt.org/#/v1/6CaesRqXY-5DCmaSzGi-BxRFXmVh]] | [[graphique|https://sim3-check.opencsirt.org/#/v1/66CfIK5dt-5DCybjsrr-By3GohN4]] | [[graphique|https://sim3-check.opencsirt.org/#/v1/6CaezDrzT-662RVY0Wh-By3GoIke]] | |>|>|>|>|>|>|!Organisation| |O-1|Mandate| 3 | 3 | ''4'' | 3 | ''4'' | |O-2|Constituency| 3 | 3 | ''4'' | 3 | ''4'' | |O-3|Authority| 3 | 3 | ''4'' | 3 | ''4'' | |O-4|Responsibility| 3 | 3 | ''4'' | 3 | ''4'' | |O-5|Service Description| 3 | 3 | ''4'' | ''4'' | ''4'' | |O-6|Public Media Policy| s.o. | s.o. | s.o. | s.o. | s.o. | |O-7|Service Level Description| s.o. | 3 | 3 | 3 | 3 | |O-8|Incident Classification| s.o. | 1 | 2 | 1 | 3 | |O-9|Participation in CSIRT Systems| s.o. | 3 | ''4'' | 3 | ''4'' | |O-10|Organisational Framework| 3 | 3 | 3 | 3 | 3 | |O-11|Security Policy| s.o. | 1 | 2 | 2 | 3 | |>|//Total//| //18// | //26// | //34// | //28// | //36// | |>|>|>|>|>|>|!Human| |H-1|Code of Conduct/Practice/Ethics| 2 | 2 | 3 | 3 | 3 | |H-2|Staff Resilience| 2 | 2 | 3 | 3 | 3 | |H-3|Skillset Description| s.o. | 1 | 2 | 2 | 3 | |H-4|Staff Development| s.o. | 1 | 2 | 2 | 3 | |H-5|Technical Training| s.o. | 1 | 2 | 3 | 3 | |H-6|Soft SKills Training| s.o. | 1 | 2 | 2 | 3 | |H-7|External Networking| 2 | 2 | 3 | 3 | 3 | |>| //Total//| //6// | //10// | //17// | //18// | //21// | |>|>|>|>|>|>|!Tools| |T-1|IT Assets and Configurations| s.o. | 1 | 1 | 1 | 1 | |T-2|Information Sources List| s.o. | 1 | 2 | 2 | 3 | |T-3|Consolidated Messaging System(s)| s.o. | 1 | 2 | 3 | 3 | |T-4|Incident Tracking System| s.o. | 1 | 2 | 3 | 3 | |T-5|Resilient Voice Calls| s.o. | 1 | 2 | 2 | 3 | |T-6|Resilient Messaging| s.o. | 1 | 2 | 2 | 3 | |T-7|Resilient Internet Access| s.o. | 1 | 2 | 2 | 3 | |T-8|Incident Prevention Toolset| s.o. | 1 | 1 | 1 | 1 | |T-9|Incident Detection Toolset| s.o. | 1 | 1 | 1 | 1 | |T-10|Incident Resolution Toolset| s.o. | 1 | 1 | 2 | 2 | |>| //Total//| //0// | //10// | //16// | //19// | //23// | |>|>|>|>|>|>|!Processes| |P-1|Escalation to Governance Level| 3 | 3 | 3 | 3 | 3 | |P-2|Escalation to Press Function| s.o. | 1 | 2 | 3 | 3 | |P-3|Escalation to Legal Function| s.o. | 1 | 2 | 3 | 3 | |P-4|Incident Prevention Process| s.o. | 1 | 2 | 2 | 2 | |P-5|Incident Detection Process| s.o. | 1 | 2 | 2 | 2 | |P-6|Incident Resolution Process| s.o. | 1 | 2 | 2 | 2 | |P-7|Specific Incident Processes| s.o. | 1 | 2 | 3 | 3 | |P-8|Audit/Feedback Process| s.o. | 2 | 3 | ''4'' | ''4'' | |P-9|Emergency Reachability Process| s.o. | 2 | 3 | 3 | 3 | |P-10|Best Practice Internet Presence| s.o. | 2 | 2 | 2 | 2 | |P-11|Secure Information Handling Process| 2 | 2 | 3 | 3 | 3 | |P-12|Information Sources Process| s.o. | 1 | 2 | 2 | 3 | |P-13|Outreach Process| s.o. | 1 | 2 | 3 | 3 | |P-14|Governance Reporting Process| s.o. | 2 | 3 | 2 | ''4'' | |P-15|Constituency Reporting Process| s.o. | 1 | 2 | 3 | 3 | |P-16|Meeting Process| s.o. | 1 | 1 | 2 | 2 | |P-17|Peer Colloboration Process| s.o. | 1 | 1 | 2 | 2 | |>| //Total global//| //5// | //24// | //37// | //44// | //47// | |>|>|>|>|>|>|!| |>| !//Total//| //29// | //70// | //104// | //109// | //127// | |>| !//Moyenne//| //2,64// | //1,59// | //2,36// | //2,48// | //2,89// | |>|>|>|>|>|>|!| !Acteurs SIM3 Outre les membres de l'OpenCSIRT Foundation, ''SIM3'' s'appuie sur 2 types d'acteurs : # Les ''auditeurs'' (//SIM3 Certified Auditors//) qui le deviennent après une formation de 3 jours et un examen. ** Ils doivent respecter une charte, effectuer au moins un audit SIM3 par an, fournir un retour d'expérience, et participer à l'évolution de SIM3. ** La liste des auditeurs est disponible sur le site de l'OpenCSIRT Foundation → https://opencsirt.org/csirt-maturity/auditors/ ** En moyenne 2 formations certifiantes sont organisées par an en anglais, une en français et une en japonais. Elles durent 3 jours. # Les ''formateurs'' (//SIM3 Certified Trainers//) qui sont des auditeurs qui suivent un cursus dédié ** Il y a actuellement 6 formateurs certifiés : 4 en Europe (Allemagne, France, Pays-Bas, Pologne) et 2 au Japon. !SIM3 et l'ENISA * L'ENISA a retenu ''SIM3'' comme modèle de maturité pour le ''CSIRTs Network'' dès sa création et a défini 3 profils pour les CSIRTs nationaux et gouvernementaux. * L'ENISA a lancé un projet pour étendre ''SIM3'' aux aspects de gestion de crise. L'OpenCSIRT Foundation et plusieurs auditeurs ''SIM3'' ont participé à la constitution de ce document qui devrait être publié vers le milieu de l'année 2023. !SIM3 en français * [>img(100px,auto)[iCSIRT/NolimitSecu.png]] La traduction de SIM3 en français est en cours de réalisation et devrait être disponible durant l'été 2023. * //NoLimitSecu//, podcast en français, traite de ''SIM3'' dans son numéro 401 → https://www.nolimitsecu.fr/sim3/ !Liens SIM3 * Le référentiel SIM3 (''OpenCSIRT Foundation'') : https://opencsirt.org/csirt-maturity/sim3-and-references/ * L'outil d'auto-évaluation SIM3 (''OpenCSIRT Foundation'') : https://sim3-check.opencsirt.org/ * L'outil d'auto-évaluation SIM3 v1 (ENISA) : https://www.enisa.europa.eu/topics/incident-response/csirt-capabilities/csirt-maturity/csirt-survey * L'outil d'auto-évaluation SIM3 v2 (ENISA) : https://www.enisa.europa.eu/topics/incident-response/csirt-capabilities/csirt-maturity/sim3-v2i * Présentation 'ENISA Maturity Evaluation Methodology for CSIRTs' v2 (ENISA) : https://www.enisa.europa.eu/publications/study-on-csirt-maturity-evaluation-process * Document 'ENISA Maturity Evaluation Methodology for CSIRTs' v2 (ENISA) : https://www.enisa.europa.eu/publications/study-on-csirt-maturity-evaluation-process/@@download/fullReport * Présentation 'Maturity Reference for CSIRTs – Executive Summary' v1 (ENISA) : https://www.enisa.europa.eu/publications/maturity-reference-for-csirts-2013-executive-summary * Document 'Maturity Reference for CSIRTs – Executive Summary' v1 (ENISA) : https://www.enisa.europa.eu/publications/maturity-reference-for-csirts-2013-executive-summary/@@download/fullReport [img(99%,1px)[i/BluePixel.gif]]
|ssTabl2|k
|!Prochaines Formations CSIRT : TRANSITS et SIM3 |!Agenda des événements de la Communauté CSIRT|
|<<tiddler [[Prochaines Formations]]>> |<<tiddler [[Agenda]]>>|
/%
|<<tiddler [[VeilleQ]]>>|~|
|!Veille Quotidienne ^^(Mise à jour au @@color:#00F;'')''@@^^|
|Le formateur pour toutes les formations TRANSITS-I en français est [[Olivier CALEFF|T1FR-Formateur T1FR]]|~|
%/
!!Avril 2023
|''11 au 14 avril 2023'' : ''BotConf'' à Strasbourg 
+++*[détails »] [img(80%,auto)[i/Botconf-202304.png]]
ߦ Lien : https://www.botconf.eu/
ߦ Agenda : https://botconf2023.sched.com/
ߦ 11 avril 2023 après-midi : Workshops
ߦ 12 au 14 avril 2023 : Conférence === || |''18 au 20 avril 2023'' : ''FIRST'' Technical Colloquia, à Amsterdam, Pays-Bas
+++*[détails »]
[img(80%,auto)[i/FIRST-TC-AMS-202304.jpg]]
ߦ ߦ Lien : https://www.first.org/events/colloquia/amsterdam2023/
ߦ 18 avril 2023 : Formations
ߦ 19 et 20 avril 2023 : Technical Colloquia === |[img(50px,auto)[iCSIRT/FIRST_ico.png]]| !!Mai 2023 |''16 au 18 mai 2023'' : ''FIRST/DCAF Technical Colloquim / Balkan Cybersecurity Days 2023'' à Ohrid, Macédoine du Nord
+++*[détails »]
[img(80%,auto)[i/FIRST-BalkanSecDays-202305.jpg]]
ߦ https://www.first.org/events/colloquia/ohrid2023/
• https://www.dcaf.ch/balkan-cybersecurity-days-2023 === |[img(50px,auto)[iCSIRT/FIRST_ico.png]]| |''24 et 25 mai 2023'' : 69^^ème^^ réunion ''TF-CSIRT/TI'' à Bucarest, Roumanie
+++*[détails »] Lien : https://tf-csirt.org/tf-csirt/meetings/69th/ === |[img(50px,auto)[iCSIRT/Trusted_Introducer.jpg][https://www.trusted-introducer.org/]]| !!Juin 2023 |![[3 au 9 juin 2023 : 35ème conférence annuelle du FIRST, à Montréal, Canada|https://www.first.org/conference/2023/]] |[img(50px,auto)[iCSIRT/FIRST_ico.png]]| |+++*[» détails «]> [img(80%,auto)[i/FIRST-Annual-YUL-202306.png]]
__''Portail''__ :
ߦ https://www.first.org/conference/2023/
__''Programme''__ :
ߦ Publication prochaine : https://www.first.org/conference/2023/program
ߦ 3 juin 2023 : Formations
ߦ 4 (matin) au 9 juin : Conférence
__''Inscriptions''__
ߦ Ouvertes : https://www.first.org/conference/2023/registration === |~| |''15 juin 2023'' : Journée de l'''InterCERT France'' à Puteaux (sur invitation) |[img(50px,auto)[iCSIRT/InterCERT_France.png]]| !!Septembre 2023 |''26 et 27 septembre 2022'' : 67^^ème^^ réunion ''TF-CSIRT/TI'' à Stockholm, Suède |[img(50px,auto)[iCSIRT/Trusted_Introducer.jpg][https://www.trusted-introducer.org/]]| !!Novembre 2023 |''6 au 8 novembre 2023'' : ''FIRST'' Cyber Threat Intelligence Symposium, à Berlin, Allemagne |[img(50px,auto)[iCSIRT/FIRST_ico.png]]| !!Décembre 2023 |''14 décembre 2023'' : Journée de l'''InterCERT France'' à Puteaux (sur invitation) |[img(50px,auto)[iCSIRT/InterCERT_France.png]]| !!Juin 2024 |''9 au 14 juin 2024'' : 36^^ème^^ conférence annuelle du ''FIRST'' à Fukuoka, Japon |[img(50px,auto)[iCSIRT/FIRST_ico.png]]| /% !!Février 2023 ߦ ''28 février au 3 mars 2023'' : Symposium ''AfricaCERT et FIRST'' à Kigali, Rwanda
+++*[détails »]> Lien : https://www.first.org/events/symposium/africa-arab-regions2023/ ߦ 28 février 2023 : Formations ߦ 1^^er^^ mars 2023 : Formations ߦ 2 mars 2023 : Symposium ߦ 3 mars 2023 : Réunion AfricaCERT (sur invitation uniquement) === %/
!!Mars 2023
|''6 au 8 Mars 2023'' : Formation ''Auditeur SIM3'' en anglais à Cracovie, Pologne 
+++*[détails »]> https://opencsirt.org/csirt-maturity/sim3-certified-auditor-training/ === |[img(50px,auto)[iCSIRT/SIM3.jpg]]| |''--21 au 23 mars 2023--'' : 5^^ème^^ Formation TRANSITS-I en français
''REPORTÉE du 3 au 5 octobre 2023'' |[img(50px,auto)[iCSIRT/TRANSITS.jpg]]| !!Avril 2023 |''18 au 20 avril 2023'' : Formation ''TRANSITS-I'' en anglais à Haarlem, Pays-Bas
+++*[détails »]> https://tf-csirt.org/transits/transits-events/transits-i/ === |[img(50px,auto)[iCSIRT/TRANSITS.jpg]]| |![[21 avril 2023 : Formation SIM3-1 en français à Puteaux|S3FRN4]] → [[»détails«|S3FRN4]] |[img(50px,auto)[iCSIRT/SIM3.jpg]]| !!Octobre 2023 |''3 au 5 octobre 2023'' : 5^^ème^^ Formation TRANSITS-I en français à Paris |[img(50px,auto)[iCSIRT/TRANSITS.jpg]]| |''31 octobre au 2 novembre 2023'' : Formation ''TRANSITS-I'' en anglais à Prague, République Techèque |[img(50px,auto)[iCSIRT/TRANSITS.jpg]]|
* //15 au 17 novembre// : Formation //TRANSITS-I en anglais// à Prague (complet)
* //3 au 7 octobre 2022// : 4^^ème^^ Formation //TRANSITS-I en français//
* //18 au 22 octobre 2021// : 3^^ème^^ Formation //TRANSITS-I en français//
* //18 au 22 avril 2021// : 2^^ème^^ Formation //TRANSITS-I en français//
* //21 au 30 avril 2020// : 1^^ère^^ Formation //TRANSITS-I en français//
<html><i class="fa fa-lock" aria-hidden="true"></i></html> Uniquement sur la partie privée du site
<<tiddler [[Prochaines Formations]]>>
!XXX [>img[iCSIRT/Niv4-Superieur.gif]] [>img[iCSIRT/Niv5-Extreme.gif]]
!!Synthèse
!!Cibles vulnérables
!!Correctifs
!!Impact
!!Exploitation
!!CVE
!!Contournement et résolution
!!Chronologie succincte
!!Facteurs aggravants
!!Liens
[img(99%,1px)[i/BluePixel.gif]]<<tiddler .ReplaceTiddlerTitle with: [[2021.03.20 - ALERTE : XXX]]>>
!Sources primaires : chercheurs en cybersécurité / Primary sources : cybersecurity researchers 
|>|>|>|bgcolor:#F5DF4D;Ce fond indique des mises à jour ''pertinentes'' du tableau depuis la semaine dernière |
|!Dates|!Sources|!Titres et Liens|
|!|>|>||
|2021.04...|//Talos//|[[https://blog.talosintelligence.com/2021/04/nsa-svr-coverage.html]]|
|!|>|>||
|bgcolor:#F5DF4D;2021.04.06|//Checkpoint//|[[...|https://blog.checkpoint.com/2021/04/05/supply-chain-attacks-what-we-know-about-the-solarwinds-sunburst-exploit-and-why-it-still-matters/]]|
|!|>|>||
|bgcolor:#F5DF4D;2021.03.23|//Proofpoint//|[[...|https://www.proofpoint.com/us/blog/cloud-security/oauth-abuse-think-solarwindssolorigate-campaign-focus-cloud-applications]]|
|!|>|>||
|bgcolor:#F5DF4D;2021.03.19|//F-Secure//|[[...|https://blog.f-secure.com/microsoft-exchange-proxylogon/]]|
|!|>|>||
|bgcolor:#F5DF4D;2021.02.26|//Microsoft//|[[Microsoft Open Sources CodeQL Queries Used To Hunt For Solorigate Activity|https://www.microsoft.com/security/blog/2021/02/25/microsoft-open-sources-codeql-queries-used-to-hunt-for-solorigate-activity/]]|
|!|>|>||
|bgcolor:#F5DF4D;2021.02.22|//FireEye//|![[Light in the Dark: Hunting for SUNBURST|http://www.fireeye.com/blog/products-and-services/2021/02/light-in-the-dark-hunting-for-sunburst.html]] |
|!|>|>||
|bgcolor:#F5DF4D;2021.02.18|//Microsoft//|![[Microsoft Internal Solorigate Investigation – Final Update|https://msrc-blog.microsoft.com/2021/02/18/microsoft-internal-solorigate-investigation-final-update/]] |
|bgcolor:#F5DF4D;2021.02.18|//Microsoft//|![[Turning the page on Solorigate and opening the next chapter for the security community|https://www.microsoft.com/security/blog/?p=92881]] |
|!|>|>||
|bgcolor:#F5DF4D;2021.02.17|NetreseC|![[Targeting Process for the SolarWinds Backdoor|https://www.netresec.com/?page=Blog&month=2021-02&post=Targeting-Process-for-the-SolarWinds-Backdoor]] |
|!|>|>||
|bgcolor:#F5DF4D;2021.02.05|Bernard Ourghanlian|![[l'affaire Solarwinds et quelques réflexions sur la sécurité de la chaine d'approvisionnement du logiciel|https://www.linkedin.com/pulse/laffaire-solarwinds-et-quelques-r%C3%A9flexions-sur-la-de-du-ourghanlian/]]|
|!|>|>||
|bgcolor:#F5DF4D;2021.02.05|SANS|![[SolarWinds - A SANS Lightning Summit Recap|https://www.sans.org/blog/solarwinds-sans-lightning-summit-recap]] |
|!|>|>||
|bgcolor:#F5DF4D;2021.02.04|//Duo Security//|[[SolarWinds Patches Two New Flaws in Orion|https://duo.com/decipher/solarwinds-patches-two-new-flaws-in-orion]]|
|!|>|>||
|bgcolor:#F5DF4D;2021.02.03|Reuters|![[Exclusive: Suspected Chinese hackers used SolarWinds bug to spy on U.S. payroll agency – sources|https://www.reuters.com/article/us-cyber-solarwinds-china-idUSKBN2A22K8]] |
|bgcolor:#F5DF4D;2021.02.03|//Trustwave//|[[Full System Control with New SolarWinds Orion-based and Serv-U FTP Vulnerabilities|https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/full-system-control-with-new-solarwinds-orion-based-and-serv-u-ftp-vulnerabilities/]]|
|bgcolor:#F5DF4D;2021.02.03|//Checkpoint Software//|[[SolarWinds Explained|https://research.checkpoint.com/2021/solarwinds-explained/]]|
|!|>|>||
|bgcolor:#F5DF4D;2021.02.02|Wall Street Journal|[[Hackers Lurked in SolarWinds Email System for at Least 9 Months, CEO Says|https://www.wsj.com/articles/hackers-lurked-in-solarwinds-email-system-for-at-least-9-months-ceo-says-11612317963]]|
|!|>|>||
|bgcolor:#F5DF4D;2021.02.01|//Qualys//|[[Unpacking the CVEs in the FireEye Breach – Start Here First|https://blog.qualys.com/vulnerabilities-research/2021/02/01/unpacking-the-fireeye-breach-start-here-first]]|
|!|>|>||
|bgcolor:#F5DF4D;2021.01.29|//SolarWinds//|![[SolarWinds Security Advisory|https://www.solarwinds.com/securityadvisory]] (màj)|
|bgcolor:#F5DF4D;2021.01.29|//Mnemonic//|[[Threat Advisory: SolarWinds Supply Chain Compromise|https://www.mnemonic.no/blog/threat-advisory-solarwinds/]]|
|!|>|>||
|bgcolor:#F5DF4D;2021.01.28|//Checkpoint Software//|![[Deep into the SunBurst Attack|https://research.checkpoint.com/2021/deep-into-the-sunburst-attack/]]|
|!|>|>||
|bgcolor:#F5DF4D;2021.01.27|CISA|![[Malware Analysis Report (AR21-027A) MAR-10319053-1.v1 - Supernova|https://us-cert.gov/ncas/analysis-reports/ar21-027a]], [[IOCs (MAR-10319053-1.v1.stix)|https://us-cert.cisa.gov/sites/default/files/publications/MAR-10319053-1.v1.WHITE_stix.xm]]|
|bgcolor:#F5DF4D;2021.01.27|MITRE ATT&CK|![[Identifying UNC2452-Related Techniques for ATT&CK|https://medium.com/mitre-attack/identifying-unc2452-related-techniques-9f7b6c7f3714]] (màj) |
|bgcolor:#F5DF4D;2021.01.27|//Domain Tools//|[[73. SUNBURST on the Scene|https://www.domaintools.com/resources/podcasts/73-sunburst-on-the-scene]] ([[podcast|https://soundcloud.com/breakingbadness/73-sunburst-on-the-scene]])|
|bgcolor:#F5DF4D;2021.01.27|//SentinelOne//|[[Inside the Mind of the SUNBURST Adversary|https://www.sentinelone.com/blog/inside-the-mind-of-the-sunburst-adversary/]] (podcast)|
|bgcolor:#F5DF4D;2021.01.27|//Checkpoint Software//|[[Are your Endpoints Affected by the SolarWinds Sunburst Attack?|https://blog.checkpoint.com/2021/01/27/are-your-endpoints-affected-by-the-solarwinds-sunburst-attack/]]|
|!|>|>||
|bgcolor:#F5DF4D;2021.01.26|Institute for Critical Infrastructure Technology|[[Lessons Learned from NASA: Operating in a Compromised Environment – Trusted Recovery from the SolarWinds Breach|https://icitech.org/operating-in-a-compromised-environment-solarwinds/]] ([[Rapport|https://secureservercdn.net/166.62.108.22/5kb.d9b.myftpupload.com/wp-content/uploads/2021/01/Operating-in-a-CompEnviron_SolarWinds_Case-Study_Jerry_Davis.pdf]])|
|!|>|>||
|bgcolor:#F5DF4D;2021.01.25|MITRE|![[UNC2452|https://attack.mitre.org/groups/G0118/]] (màj)|
|bgcolor:#F5DF4D;2021.01.25|//NetreseC//|![[Twenty-three SUNBURST Targets Identified|https://www.netresec.com/?page=Blog&month=2021-01&post=Twenty-three-SUNBURST-Targets-Identified]] |
|!|>|>||
|bgcolor:#F5DF4D;2021.01.22|//DomainTools//|[[Change in Perspective on the Utility of SUNBURST-related Network Indicators|https://www.domaintools.com/resources/blog/change-in-perspective-on-the-utility-of-sunburst-related-network-indicators]]|
|bgcolor:#F5DF4D;2021.01.22|SANS|[[Solar Winds of Change|http://www.sans.org/cyber-security-summit/archives/download/34615]] (après incription)|
|bgcolor:#F5DF4D;2021.01.22|SANS|[[SUNBURST: DGA or DNS Tunneling|http://www.sans.org/cyber-security-summit/archives/download/34740]] (après incription)|
|bgcolor:#F5DF4D;2021.01.22|SANS|[[Post Mortem: The First 72 Hours of SUNBURST Threat Intelligence Research|http://www.sans.org/cyber-security-summit/archives/download/34695]] (après incription)|
|bgcolor:#F5DF4D;2021.01.22|//Symantec//|![[SolarWinds: How Sunburst Sends Data Back to the Attackers|https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/solarwinds-sunburst-sending-data]]|
|bgcolor:#F5DF4D;2021.01.22|//SOC Prime//|[[New Raindrop Malware Connected to SolarWinds Breach|https://socprime.com/blog/new-raindrop-malware-connected-to-solarwinds-breach/]]|
|!|>|>||
|2021.01.21|//Zero Day Initiative//|[[Three Bugs in Orion's Belt: Chaining Multiple bugs for Unauthenticated RCE in the SolarWinds Orion Platform|https://www.thezdi.com/blog/2021/1/20/three-bugs-in-orions-belt-chaining-multiple-bugs-for-unauthenticated-rce-in-the-solarwinds-orion-platform]]|
|2021.01.21|//LogRythm//|[[Windows Certificate Export Detections Inspired By The Solarwinds Compromise By Fireeyes Identifier Unc2452|https://logrhythm.com/windows-certificate-export-detections-inspired-by-the-solarwinds-compromise-by-fireeyes-identifier-unc2452/]]|
|!|>|>||
|2021.01.20|//Microsoft//|[[Deep dive into the Solorigate second-stage activation: From SUNBURST to TEARDROP and Raindrop|https://www.microsoft.com/security/blog/2021/01/20/deep-dive-into-the-solorigate-second-stage-activation-from-sunburst-to-teardrop-and-raindrop/]]|
|2021.01.20|//Crowdstrike//|[[Stellar Performances: How CrowdStrike Machine Learning Handles the SUNSPOT Malware|https://www.crowdstrike.com/blog/stellar-performances-how-crowdstrike-machine-learning-handles-the-sunspot-malware/]]|
|!|>|>||
|2021.01.19|//FireEye//|![[Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452|https://www.fireeye.com/blog/threat-research/2021/01/remediation-and-hardening-strategies-for-microsoft-365-to-defend-against-unc2452.html]]|
|2021.01.19|//FireEye//| → Whitepaper [[Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452|https://www.fireeye.com/content/dam/fireeye-www/blog/pdfs/wp-m-unc2452-2021-000343-01.pdf]]|
|2021.01.19|//Malwarebytes//|[[Malwarebytes targeted by Nation State Actor implicated in SolarWinds breach. Evidence suggests abuse of privileged access to Microsoft Office 365 and Azure environments|https://blog.malwarebytes.com/malwarebytes-news/2021/01/malwarebytes-targeted-by-nation-state-actor-implicated-in-solarwinds-breach-evidence-suggests-abuse-of-privileged-access-to-microsoft-office-365-and-azure-environments/]]|
|2021.01.19|//Duo Security//|[[New Raindrop Tool Tied to SolarWinds Attackers|https://duo.com/decipher/new-raindrop-tool-tied-to-solarwinds-attackers]]|
|!|>|>||
|2021.01.18|//Symantec//|![[Raindrop: New Malware Discovered in SolarWinds Investigation|https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/solarwinds-raindrop-malware]]|
|!|>|>||
|2021.01.15|//Symantec//|![[SolarWinds: Insights into Attacker Command and Control Process|https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/solarwinds-sunburst-command-control]]|
|!|>|>||
|2021.01.14|//Domain Tools//|![[The Devil's in the Details: SUNBURST Attribution|https://www.domaintools.com/resources/blog/the-devils-in-the-details-sunburst-attribution]] |
|2021.01.14|//Trusted Sec//|[[RisingSun: Decoding SUNBURST C2 to Identify Infected Hosts Without Network Telemetry|https://www.trustedsec.com/blog/risingsun-decoding-sunburst-c2-to-identify-infected-hosts-without-network-telemetry/]]|
|2021.01.14|//Microsoft//|[[Increasing resilience against Solorigate and other sophisticated attacks with Microsoft Defender|https://www.microsoft.com/security/blog/2021/01/14/increasing-resilience-against-solorigate-and-other-sophisticated-attacks-with-microsoft-defender/]]|
|!|>|>||
|2021.01.13|//Logrhythm//|[[Sunspot Malware Scoured Servers for SolarWinds Builds That it Could Weaponize|https://logrhythm.com/in-the-news/sunspot-malware-scoured-servers-for-solarwinds-builds-that-it-could-weaponize/]]|
|!|>|>||
|2021.01.13|//Domain Tools//|Podcast [[71. Throwing Caution to the SolarWinds|https://www.domaintools.com/resources/podcasts/71-throwing-caution-to-the-solarwinds]]|
|2021.01.13|//Domain Tools//|[[SolarWinds: Between The Clouds|https://blog.radware.com/security/cloudsecurity/2021/01/solarwinds-between-the-clouds/]]|
|!|>|>||
|2021.01.12|Brian Krebs|[[SolarWinds: What Hit Us Could Hit Others|https://krebsonsecurity.com/2021/01/solarwinds-what-hit-us-could-hit-others/]]|
|2021.01.12|//Cisco//|[[Cisco Event Response: SolarWinds Orion Platform Software Attack|https://tools.cisco.com/security/center/resources/solarwinds_orion_event_response]]|
|2021.01.12|//Rapid7//|[[Update on SolarWinds Supply-Chain Attack: SUNSPOT and New Malware Family Associations|https://blog.rapid7.com/2021/01/12/update-on-solarwinds-supply-chain-attack-sunspot-and-new-malware-family-associations/]]|
|!|>|>||
|2021.01.11|//SolarWinds//|![[New Findings From Our Investigation of SUNBURST|https://orangematter.solarwinds.com/2021/01/11/new-findings-from-our-investigation-of-sunburst/]] |
|2021.01.11|//Kaspersky//|![[Sunburst backdoor – code overlaps with Kazuar|https://securelist.com/sunburst-backdoor-kazuar/99981/]] |
|2021.01.11|//Threatpost//|[[SolarWinds Hack Potentially Linked to Turla APT|https://threatpost.com/solarwinds-hack-linked-turla-apt/162918/]]|
|2021.01.11|//CrowdStrike//|![[SUNSPOT: An Implant in the Build Process|https://www.crowdstrike.com/blog/sunspot-malware-technical-analysis/]] |
|2021.01.11|//Recorded Future//|[[SolarWinds: The CSO Perspective|https://www.recordedfuture.com/solarwinds-cso-perspective/]]|
|2021.01.11|//Recorded Future//|[[SolarWinds Orion Breach – What It Means for the Industry Writ Large|https://www.recordedfuture.com/podcast-episode-191/]] (podcast)|
|2021.01.11|//NetreseC//|![[Robust Indicators of Compromise for SUNBURST|https://www.netresec.com/?page=Blog&month=2021-01&post=Robust-Indicators-of-Compromise-for-SUNBURST]] |
|!|>|>||
|2021.01.08|//Splunk//|[[A Golden SAML Journey: SolarWinds Continued|https://www.splunk.com/en_us/blog/security/a-golden-saml-journey-solarwinds-continued.html]]|
|!|>|>||
|2021.01.07|Solarwinds|[[FAQ: Security Advisory|https://www.solarwinds.com/securityadvisory/faq]]|
|2021.01.07|//DarkTrace//|[[Dissecting the SolarWinds hack without the use of signatures|https://www.darktrace.com/en/blog/dissecting-the-solar-winds-hack-without-the-use-of-signatures/]]|
|2021.01.07|//SentinelOne//|[[SentinelOne Releases Free SUNBURST Attack Identification Assessment Tool|https://www.businesswire.com/news/home/20210105005647/en/SentinelOne-Releases-Free-SUNBURST-Attack-Identification-Assessment-Tool]]|
|2021.01.07|//SentinelOne//| → [[SolarWinds Countermeasures|https://github.com/SentineLabs/SolarWinds_Countermeasures]]|
|2021.01.07|//Symantec//|![[SolarWinds: How a Rare DGA Helped Attacker Communications Fly Under the Radar|https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/solarwinds-unique-dga]]|
|!|>|>||
|2021.01.04|//Qualys//|[[Technical Deep Dive Into SolarWinds Breach|https://blog.qualys.com/vulnerabilities-research/2021/01/04/technical-deep-dive-into-solarwinds-breach]]|
|2020.01.04|//Duo Security//|[[SolarWinds Attackers Accessed, But Did Not Modify, Microsoft Source Code|https://duo.com/decipher/solarwinds-attackers-accessed-but-did-not-modify-microsoft-source-code]]|
|!|>|>||
|2021.01.25|^^MITRE^^|!^^[[UNC2452|https://attack.mitre.org/groups/G0118/]]^^|
|2021.01.05|//Picus Security//|![[Six Stages of Dealing with a Global Security Incident|https://www.picussecurity.com/resource/blog/six-stages-of-dealing-with-a-global-security-incident]]|
|2021.01.05|//SecureWorks//|[[Update on SolarWinds Threat: Identity is the New Perimeter|https://www.secureworks.com/blog/update-on-solarwinds-threat-identity-is-the-new-perimeter]]|
|!|>|>||
|2021.01.04|//NetreseC//|[[Finding Targeted SUNBURST Victims with pDNS|https://www.netresec.com/?page=Blog&month=2021-01&post=Finding-Targeted-SUNBURST-Victims-with-pDNS]]|
|2021.01.04|//Duo Security//|[[CISA Identifies Multiple Vectors Used by SolarWinds Attackers|https://duo.com/decipher/cisa-identifies-multiple-vectors-used-by-solarwinds-attackers]]|
|2021.01.04|//SOC Prime//|[[Golden SAML Attack: Another Method Used by APT Group Behind SolarWinds Hack|https://socprime.com/blog/golden-saml-attack-method-used-by-apt-group-behind-solarwinds-hack/]]|
|!|>|>||
|2021.01.03|//Shift Left//|[[#Solorigate : SUPERNOVA forensics using Code Property Graph|https://blog.shiftleft.io/solorigate-supernova-forensics-using-code-property-graph-b92b56e48bb0]]|
|!|>|>||
|2020.12.31|MITRE ATT&CK|![[Identifying UNC2452-Related Techniques for ATT&CK|https://medium.com/mitre-attack/identifying-unc2452-related-techniques-9f7b6c7f3714]]|
|2020.12.31|//Microsoft//|![[Solorigate Resource Center|https://aka.ms/solorigate]] |
|2020.12.31|//Microsoft//|![[Solorigate Identity Indicators of Compromise|https://aka.ms/solorigateidentityiocs]] |
|2020.12.31|//Microsoft//|[[Microsoft Internal Solorigate Investigation Update|https://msrc-blog.microsoft.com/2020/12/31/microsoft-internal-solorigate-investigation-update/]]|
|2020.12.31|//Microsoft//|![[Azure AD workbook to help you assess Solorigate risk|https://techcommunity.microsoft.com/t5/azure-active-directory-identity/azure-ad-workbook-to-help-you-assess-solorigate-risk/ba-p/2010718]] |
|2020.12.31|//SolarWinds//|[[SolarWinds Security Advisory|https://www.solarwinds.com/securityadvisory]] (mise à jour)|
|2020.12.31|//BlackHills//|[[Podcast: Discussing Implications of the SolarWinds Breach(es)|https://content.blubrry.com/bhis/Implications_of_the_SolarWinds_Breach.mp3]]|
|2020.12.31|//BlackHills//|[[Webcast: Discussing Implications of the SolarWinds Breach(es)|https://www.blackhillsinfosec.com/webcast-discussing-implications-of-the-solarwinds-breaches/]] ([[YouTube|https://youtu.be/WtqDpH-g4rA]])|
|!|>|>||
|2020.12.30|//Recorded Future//|[[SolarWinds Attribution: Are We Getting Ahead of Ourselves?|https://www.recordedfuture.com/solarwinds-attribution/]]|
|2020.12.30|//Recorded Future//| → [[Are We Getting Ahead of Ourselves? An Analysis of UNC2452 Attribution|https://go.recordedfuture.com/hubfs/reports/pov-2020-1230.pdf]] (pdf)|
|!|>|>||
|2020.12.29|//SolarWinds//|[[Our Commitment to Cooperation|https://orangematter.solarwinds.com/2020/12/29/our-commitment-to-cooperation/]]|
|2020.12.29|//Zero Networks//|[[Examining the SolarWinds Supply Chain Attack - Executive Summary|https://zeronetworks.com/blog/examining_solarwinds_supply_chain_attack_summary/]]|
|2020.12.29|//Zero Networks//|![[Examining the SolarWinds Supply Chain Attack - Deep Dive|https://zeronetworks.com/blog/examining_solarwinds_supply_chain_attack/]]|
|2020.12.29|//NetreseC//|[[Extracting Security Products from SUNBURST DNS Beacons|https://www.netresec.com/?page=Blog&month=2020-12&post=Extracting-Security-Products-from-SUNBURST-DNS-Beacons]]|
|2020.12.29|//Anomali//|[[Actionable Threat Intelligence Available for Sunburst Cyber Attacks on SolarWinds|https://www.anomali.com/blog/actionable-threat-intelligence-available-for-sunburst-cyber-attacks-on-solarwinds]]|
|2020.12.29|//Anomali//|[[Download Actionable Sunburst Threat Intelligence Today!|https://www.anomali.com/learn/sunburst/download-actionable-sunburst-threat-intelligence]]|
|2020.12.29|//RiskRecon//|[[Entities Signaling to SUNBURST C2 Infrastructure|https://blog.riskrecon.com/entities-signaling-to-sunburst-c2-infrastructure]]|
|2020.12.29|//RiskRecon//| → [[Data File of Entities Signaling to SolarWinds SUNBURST C2 Infrastructure|https://www.riskrecon.com/analysis-of-sunburst-signaling-entities]]|
|2020.12.29|//Cloud Vector//|[[API vulnerabilities at the center of SolarWinds SUPERNOVA Malware|https://www.cloudvector.com/api-vulnerabilities-at-the-center-of-solarwinds-supernova-malware/]]|
|!|>|>||
|2020.12.28|//Microsoft//|![[Using Microsoft 365 Defender to protect against Solorigate|https://www.microsoft.com/security/blog/2020/12/28/using-microsoft-365-defender-to-coordinate-protection-against-solorigate/]] |
|2020.12.28|Dancho Danchez|[[Exposing the Solarwinds Malware Campaign - An OSINT Analysis|https://ddanchev.blogspot.com/2020/12/exposing-solarwinds-malware-campaign.html]]|
|2020.12.28|//Shift Left//|[[#Solorigate : A Month of Reckoning for SaaS software creators and consumers|https://blog.shiftleft.io/a-month-of-reckoning-for-saas-software-creators-and-consumers-da791a4189e9]]|
|2020.12.28|//Shift Left//|[[#Solorigate : SolarWinds SUNBRUST backdoor investigation using ShiftLeft's Code Property Graph|https://blog.shiftleft.io/solarwinds-sunbrust-backdoor-investigation-using-shiftlefts-code-property-graph-c7349ca65428]]|
|2020.12.28|//SOC Prime//|[[SUPERNOVA Backdoor: A Second APT Group Abused SolarWinds Flaw to Deploy Web Shell Malware|https://socprime.com/blog/supernova-backdoor-a-second-apt-group-abused-solarwinds-flaw-to-deploy-web-shell-malware/]]|
|>|>|>|!|
|2020.12.26|//Logrhythm//|[[How to Detect and Search for SolarWinds IOCs in LogRhythm|https://logrhythm.com/blog/how-to-detect-and-search-for-solarwinds-iocs-in-logrhythm/]]|
|>|>|>|!|
|20201.12.26|//Shift Left//|[[#Solorigate : SUNBURST SolarWinds BackDoor : Crime Scene Forensics and detection techniques|https://blog.shiftleft.io/sunburst-solarwinds-backdoor-crime-scene-forensics-part-2-continued-3bcd8361f055]]|
|>|>|>|!|
|2020.12.24|SolarWinds|![[Mitigate your Orion Platform environment from the risk of the SUPERNOVA vulnerability using a new PowerShell script|https://downloads.solarwinds.com/solarwinds/Support/SupernovaMitigation.zip]] (pdf à extraire) |
|2020.12.24|SwitHack|[[SolarWinds Supply-chain Compromises|https://gist.github.com/SwitHak/8b59e740b187511caad1bf06caa44df1]]|
|2020.12.24|//FireEye//|![[SUNBURST Additional Technical Details|https://www.fireeye.com/blog/threat-research/2020/12/sunburst-additional-technical-details.html]] |
|2020.12.24|//Zscaler//|[[The Hitchhiker's Guide to SolarWinds Incident Response|https://www.zscaler.com/blogs/security-research/hitchhikers-guide-solarwinds-incident-response]]|
|2020.12.24|//Cyfirma//|[[SOLARWINDS HACK – Sunburst, Supernova and more|https://www.cyfirma.com/solarwinds-hack-sunburst-supernova-and-more/]]|
|!|>|>||
|2020.12.23|//Sygnia//|![[Detection and Hunting of Golden SAML Attack|https://www.sygnia.co/golden-saml-advisory]] |
|2020.12.23|//Crowdstrike//|[[CrowdStrike Launches Free Tool to Identify and Help Mitigate Risks in Azure Active Directory|https://www.crowdstrike.com/blog/crowdstrike-launches-free-tool-to-identify-and-help-mitigate-risks-in-azure-active-directory/]]|
|2020.12.23|//Sentinel One//|[[SolarWinds - Understanding & Detecting the SUPERNOVA Webshell Trojan|https://labs.sentinelone.com/solarwinds-understanding-detecting-the-supernova-webshell-trojan/]]|
|2020.12.23|//Kaspersky//|[[How we protect our users against the Sunburst backdoor|https://securelist.com/how-we-protect-against-sunburst-backdoor/99959/]]|
|2020.12.23|//Palo Alto Networks//|![[A Timeline Perspective of the SolarStorm Supply-Chain Attack|https://unit42.paloaltonetworks.com/solarstorm-supply-chain-attack-timeline/]] |
|2020.12.23|//Ermetic//|![[Cloud infrastructure is not immune from the SolarWinds Orion breach|https://ermetic.com/whats-new/blog/cloud-infrastructure-is-not-immune-from-the-solarwinds-orion-breach/]] |
|2020.12.23|//KPMG//|[[SolarWinds Orion|https://advisory.kpmg.us/articles/2020/solarwinds-orion.html]] ([[avis|https://advisory.kpmg.us/content/dam/advisory/en/pdfs/2020/solarwinds-orion.pdf|]])|
|2020.12.23|//Kaspersky//|[[How we protect our users against the Sunburst backdoor|https://securelist.com/how-we-protect-against-sunburst-backdoor/99959/]]|
|2020.12.23|//Hunters.ai//|[[SUNBURST: How it Happened and How to Minimize the Risk of Future Nation-State Attacks|https://hunters.ai/blog/sunburst-how-it-happened-and-how-to-minimize-the-risk-of-future-nation-state-attacks/]]|
|2020.12.23|//Prevasio//|[[DNS Tunneling In The SolarWinds Supply Chain Attack|https://blog.prevasio.com/2020/12/dns-tunneling-in-solarwinds-supply.html]] |
|2020.12.23|//Recorded Future//|[[SolarWinds: What the Intelligence Tells Us |https://www.recordedfuture.com/solarwinds-attack-update/]]|
|!|>|>||
|2020.12.22|//Microsoft//|![[Azure AD workbook to help you assess Solorigate risk|https://techcommunity.microsoft.com/t5/azure-active-directory-identity/azure-ad-workbook-to-help-you-assess-solorigate-risk/ba-p/2010718]]|
|2020.12.22|MITRE ATT&CK|!^^[[Identifying UNC2452-Related Techniques for ATT&CK|https://medium.com/mitre-attack/identifying-unc2452-related-techniques-9f7b6c7f3714]] (obsolète)^^|
|2020.12.22|//Qualys//|[[Qualys Security Advisory: SolarWinds / FireEye|https://blog.qualys.com/qualys-insights/2020/12/22/qualys-security-advisory-solarwinds-fireeye]]|
|2020.12.22|//Infoblox//|[[SolarWinds and SUNBURST Update|https://blogs.infoblox.com/cyber-threat-intelligence/solarwinds-and-sunburst-update/]]|
|2020.12.22|//Checkpoint Software//|[[SUNBURST, TEARDROP and the NetSec New Normal|https://research.checkpoint.com/2020/sunburst-teardrop-and-the-netsec-new-normal/]]|
|2020.12.22|//Prevasio//|[[Sunburst Backdoor, Part III: DGA & Security Software|https://blog.prevasio.com/2020/12/sunburst-backdoor-part-iii-dga-security.html]]|
|!|>|>||
|2020.12.21|//Microsoft//|![[Understanding "Solorigate"'s Identity IOCs - for Identity Vendors and their customers|https://techcommunity.microsoft.com/t5/azure-active-directory-identity/understanding-quot-solorigate-quot-s-identity-iocs-for-identity/ba-p/2007610]] |
|2020.12.21|//Tripwire//|[[Continue Clean-up of Compromised SolarWinds Software|https://www.tripwire.com/state-of-security/security-data-protection/continue-clean-up-of-compromised-solarwinds-software/]]|
|2020.12.21|//Microsoft//|![[Advice for incident responders on recovery from systemic identity compromises |https://www.microsoft.com/security/blog/2020/12/21/advice-for-incident-responders-on-recovery-from-systemic-identity-compromises/]] |
|2020.12.21|//McAfee//|[[How A Device to Cloud Architecture Defends Against the SolarWinds Supply Chain Compromise|https://www.mcafee.com/blogs/other-blogs/mcafee-labs/how-a-device-to-cloud-architecture-defends-against-the-solarwinds-supply-chain-compromise/]]|
|2020.12.21|//CyberInt Research//|[[SolarWinds Supply Chain Attack|https://blog.cyberint.com/solarwinds-supply-chain-attack]]|
|2020.12.21|//Checkpoint Software//|![[Best Practice: Identifying And Mitigating The Impact Of Sunburst|https://blog.checkpoint.com/2020/12/21/best-practice-identifying-and-mitigating-the-impact-of-sunburst/]] |
|2020.12.21|//Carbon Black//|[[TAU Threat Analysis: Insights on the SolarWinds Breach|https://www.carbonblack.com/blog/tau-threat-analysis-insights-on-the-solarwinds-breach/]]|
|2020.12.21|//VMware//|[[https://www.vmware.com/company/news/updates/2020/vmware-statement-solarwinds-supply-chain-compromise.html|https://www.vmware.com/company/news/updates/2020/vmware-statement-solarwinds-supply-chain-compromise.html]]|
|>|>|>|!|
|2020.12.19|//VX-Underground//|//[[Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromis eMultiple Global Victims With SUNBURST Backdoor|https://vx-underground.org/samples/Exotic/DarkHalo/HighlyEvasiveAttackerLeveragesSolarWindsSupplyChaintoCompromiseMultipleGlobalVictimsWithSUNBURSTBackdoor.pdf]]// (pdf)|
|!|>|>||
|2020.12.18|//Cloudflare//|![[Trend data on the SolarWinds Orion compromise|https://blog.cloudflare.com/solarwinds-orion-compromise-trend-data/]] |
|2020.12.18|Krebs on Security|[[VMware Flaw a Vector in SolarWinds Breach?|https://krebsonsecurity.com/2020/12/vmware-flaw-a-vector-in-solarwinds-breach/]]|
|2020.12.18|Energy.gov|[[DOE Update on Cyber Incident Related to Solar Winds Compromise|https://www.energy.gov/articles/doe-update-cyber-incident-related-solar-winds-compromise]]|
|2020.12.18|//Tripwire//|[[VERT Alert: SolarWinds Supply Chain Attack|https://www.tripwire.com/state-of-security/vert/vert-alert-solar-winds-supply-chain-attack/]]|
|2020.12.18|//Sentinel One//|[[SolarWinds SUNBURST Backdoor: Inside the APT Campaign|https://labs.sentinelone.com/solarwinds-sunburst-backdoor-inside-the-stealthy-apt-campaign/]]|
|2020.12.18|//Kaspersky//|![[Sunburst: connecting the dots in the DNS requests|https://securelist.com/sunburst-connecting-the-dots-in-the-dns-requests/99862/]] |
|2020.12.18|//Palo Alto Networks//|[[Palo Alto Networks Rapid Response: Navigating the SolarStorm Attack|https://blog.paloaltonetworks.com/2020/12/solarwinds-statement-solarstorm/]]|
|2020.12.18|//Microsoft//|[[Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers|https://www.microsoft.com/security/blog/2020/12/18/analyzing-solorigate-the-compromised-dll-file-that-started-a-sophisticated-cyberattack-and-how-microsoft-defender-helps-protect/]]|
|2020.12.18|//Cloudflare//|[[A quirk in the SUNBURST DGA algorithm|https://blog.cloudflare.com/a-quirk-in-the-sunburst-dga-algorithm/]]|
|2020.12.18|//Domain Tools//|[[Continuous Eruption: Further Analysis of the SolarWinds Supply Chain Incident|https://www.domaintools.com/resources/blog/continuous-eruption-further-analysis-of-the-solarwinds-supply-incident]]|
|2020.12.18|//Domain Tools//|Podcast [[70. Gone with the SolarWind|https://www.domaintools.com/resources/podcasts/70-gone-with-the-solarwind]]|
|2020.12.18|Pastebin|[[SolarWinds hacking DGA decoded|https://pastebin.com/f05i8B1Q]]|
|2020.12.18|Ntop|[[Efficiently Detecting and Blocking SunBurst Malware|https://www.ntop.org/ndpi/efficiently-detecting-and-blocking-sunburst-malware/]]|
|2020.12.18|//Qianxin//|[[First Disclosure of Target:Domain Name Generation Algorithm of SolarWinds Supply Chain Attack can be Cracked|https://ti.qianxin.com/blog/articles/First-Disclosure-of-Target:Domain-Name-Generation-Algorithm-of-SolarWinds-Supply-Chain-Attack-can-be-Cracked/]]|
|!|>|>||
|2020.12.17|//Prevasio//|![[Sunburst Backdoor, Part II: DGA & The List of Victims|https://blog.prevasio.com/2020/12/sunburst-backdoor-part-ii-dga-list-of.html]] |
|2020.12.17|//Palo Alto Networks//|[[SUPERNOVA: A Novel .NET Webshell|https://unit42.paloaltonetworks.com/solarstorm-supernova/]]|
|2020.12.17|//Microsoft//|[[A moment of reckoning: the need for a strong and global cybersecurity response|https://blogs.microsoft.com/on-the-issues/2020/12/17/cyberattacks-cybersecurity-solarwinds-fireeye/]]|
|2020.12.17|//McAfee//|[[Additional Analysis into the SUNBURST Backdoor|https://www.mcafee.com/blogs/other-blogs/mcafee-labs/additional-analysis-into-the-sunburst-backdoor/]]|
|2020.12.17|//TrustedSec//|![[SolarWinds Backdoor (Sunburst) Incident Response Playbook|https://www.trustedsec.com/blog/solarwinds-backdoor-sunburst-incident-response-playbook/]] |
|2020.12.17|//CipherCloud//|[[Mitigating Cloud Supply-chain Risk: Office 365 and Azure Exploited in Massive U.S. Government Hack|https://www.ciphercloud.com/mitigating-cloud-supply-chain-risk-office-365-and-azure-exploited-in-massive-u-s-government-hack/]]|
|2020.12.17|//NetreseC//|![[Reassembling Victim Domain Fragments from SUNBURST DNS|https://www.netresec.com/?page=Blog&month=2020-12&post=Reassembling-Victim-Domain-Fragments-from-SUNBURST-DNS]] |
|2020.12.17|//Anomali//|[[FireEye, SolarWinds Hacks Show that Detection is Key to Solid Defense|https://www.anomali.com/blog/fireeye-solarwinds-hacks-show-that-detection-is-key-to-solid-defense]]|
|!|>|>||
|2020.12.16|Krebs on Security|[[Malicious Domain in SolarWinds Hack Turned into 'Killswitch'|https://krebsonsecurity.com/2020/12/malicious-domain-in-solarwinds-hack-turned-into-killswitch/]]|
|2020.12.16|//Volexity//|![[Responding to the SolarWinds Breach: Detect, Prevent, and Remediate the Dark Halo Supply Chain Attack|https://www.volexity.com/blog/2020/12/16/responding-to-the-solarwinds-breach/]] |
|2020.12.16|//Security Intelligence//|[[Update on Widespread Supply-Chain Compromise|https://securityintelligence.com/posts/update-widespread-supply-chain-compromise/]]|
|2020.12.16|//Reversing Labs//|[[SunBurst: the next level of stealth|https://blog.reversinglabs.com/blog/sunburst-the-next-level-of-stealth]]|
|2020.12.16|//Prevailion//|[[Cybersecurity Solarwinds Activity|https://www.linkedin.com/posts/karimhijazi_prevailionknows-cybersecurity-solarwinds-activity-6744862284868390912-BUb1/]]|
|2020.12.16|//McAfee//|[[SUNBURST Malware and SolarWinds Supply Chain Compromise|https://www.mcafee.com/blogs/other-blogs/mcafee-labs/sunburst-malware-and-solarwinds-supply-chain-compromise/]]|
|2020.12.16|//Deep Instinct//|[[Sunburst Trojan: What You Need to Know|https://www.deepinstinct.com/2020/12/16/sunburst-trojan-what-you-need-to-know/]]|
|2020.12.16|//Intsights//|[[The FireEye Breach and the SolarWinds Supply Chain Compromise Campaign|https://intsights.com/blog/the-fireeye-breach-and-the-solarwinds-supply-chain-compromise-campaign]]|
|2020.12.16|//Krypt3ia//|[[Supply Chain Attacks and Nation State Pwnage: A Primer|https://krypt3ia.wordpress.com/2020/12/16/supply-chain-attacks-and-nation-state-pwnage-a-primer/]]|
|!|>|>||
|2020.12.15|Mubix "Rob" Fuller|![[SolarFlare Release: Password Dumper for SolarWinds Orion|https://malicious.link/post/2020/solarflare-release-password-dumper-for-solarwinds-orion/]]|
|2020.12.15|Bruce Schneier|[[How the SolarWinds Hackers Bypassed Duo's Multi-Factor Authentication|https://www.schneier.com/blog/archives/2020/12/how-the-solarwinds-hackers-bypassed-duo-multi-factor-authentication.html]]|
|2020.12.15|//Microsoft//|[[Ensuring customers are protected from Solorigate|https://www.microsoft.com/security/blog/2020/12/15/ensuring-customers-are-protected-from-solorigate/]]|
|2020.12.15|//Symantec//|[[Sunburst: Supply Chain Attack Targets SolarWinds Users|https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/sunburst-supply-chain-attack-solarwinds]]|
|2020.12.15|//SonicWall//|[[Massive Supply-Chain Attack Targets SolarWinds Orion Platform |https://blog.sonicwall.com/en-us/2020/12/massive-supply-chain-attack-targets-solarwinds-orion-platform/]]|
|2020.12.15|//Prevasio//|[[Sunburst Backdoor: A Deeper Look Into The SolarWinds' Supply Chain Malware |https://blog.prevasio.com/2020/12/sunburst-backdoor-deeper-look-into.html]]|
|2020.12.15|//Picus Security//|[[Tactics, Techniques, and Procedures (TTPs) Used in the SolarWinds Breach|https://www.picussecurity.com/resource/blog/ttps-used-in-the-solarwinds-breach]]|
|2020.12.15|//SecureWorks//|[[Secureworks' Response to Recent Nation-State Cyberattacks|https://www.secureworks.com/blog/secureworks-response-to-recent-nation-state-cyberattacks]]|
|2020.12.15|//GuidePoint//|[[SUPERNOVA SolarWinds .NET Webshell Analysis|https://www.guidepointsecurity.com/supernova-solarwinds-net-webshell-analysis/]]|
|!|>|>||
|2020.12.14|SANS Handlers Diary|[[SolarWinds Breach Used to Infiltrate Customer Networks (Solarigate)|https://isc.sans.edu/diary/rss/26884]]|
|2020.12.14|Krebs on Security|[[U.S. Treasury, Commerce Depts. Hacked Through SolarWinds Compromise|https://krebsonsecurity.com/2020/12/u-s-treasury-commerce-depts-hacked-through-solarwinds-compromise/]]|
|2020.12.14|Krebs on Security|[[SolarWinds Hack Could Affect 18K Customers|https://krebsonsecurity.com/2020/12/solarwinds-hack-could-affect-18k-customers/]]|
|2020.12.14|//Volexity//|![[Dark Halo Leverages SolarWinds Compromise to Breach Organizations|https://www.volexity.com/blog/2020/12/14/dark-halo-leverages-solarwinds-compromise-to-breach-organizations/]]|
|2020.12.14|//Solarwinds//|[[Solarwinds Corporation report to SEC|https://d18rn0p25nwr6d.cloudfront.net/CIK-0001739942/57108215-4458-4dd8-a5bf-55bd5e34d451.pdf]]|
|2020.12.14|//RiskIQ//|[[SolarWinds Orion Hack: Know if You're Affected and Defend Your Attack Surface|https://www.riskiq.com/blog/external-threat-management/solarwinds-orion-hack/]]|
|2020.12.14|//Palo Alto Networks//|[[Threat Brief: SolarStorm and SUNBURST Customer Coverage|https://unit42.paloaltonetworks.com/fireeye-solarstorm-sunburst/]]|
|2020.12.14|//Malware Bytes//|[[SolarWinds advanced cyberattack: What happened and what to do now|https://blog.malwarebytes.com/threat-analysis/2020/12/advanced-cyber-attack-hits-private-and-public-sector-via-supply-chain-software-update/]]|
|2020.12.14|//SOC Prime//|[[Sunburst Backdoor Detection: Solarwinds Supply Chain Attack on FireEye and US Agencies|https://socprime.com/blog/sunburst-backdoor-detection-solarwinds-supply-chain-attack-on-fireeye-and-us-agencies/]]|
|2020.12.14|//Cisco//|[[Threat Advisory: SolarWinds supply chain attack|https://blog.talosintelligence.com/2020/12/solarwinds-supplychain-coverage.html]]|
|2020.12.14|//Cisco//|[[SolarWinds Orion Platform Supply Chain Attack|https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-solarwinds-supply-chain-attack]]|
|2020.12.14|//Cisco//|[[FireEye Breach Detection Guidance|https://blog.talosintelligence.com/2020/12/fireeye-breach-guidance.html]]|
|2020.12.14|//Tenable//|![[Solorigate: SolarWinds Orion Platform Contained a Backdoor Since March 2020 (SUNBURST)|https://www.tenable.com/blog/solorigate-solarwinds-orion-platform-contained-a-backdoor-since-march-2020-sunburst]]|
|2020.12.14|//Cado Security//|[[Responding to Solarigate|https://www.cadosecurity.com/post/responding-to-solarigate]]|
|2020.12.14|//Symantec//|[[Sunburst: Supply Chain Attack Targets SolarWinds Users|https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/sunburst-supply-chain-attack-solarwinds]]|
|2020.12.14|//Domain Tools//|[[Unraveling Network Infrastructure Linked to the SolarWinds Hack|https://www.domaintools.com/resources/blog/unraveling-network-infrastructure-linked-to-the-solarwinds-hack]]|
|2020.12.14|//True Sec//|![[SolarWinds Orion and UNC2452 – Summary and Recommendations|https://www.trustedsec.com/blog/solarwinds-orion-and-unc2452-summary-and-recommendations/]] |
|2020.12.14|//Splunk//|[[Using Splunk to Detect Sunburst Backdoor|https://www.splunk.com/en_us/blog/security/sunburst-backdoor-detections-in-splunk.html]]|
|2020.12.14|//Zero Day Initiative//|[[ZDI-21-063 SolarWinds Network Performance Monitor ExecuteExternalProgram Command Injection Remote Code Execution Vulnerability (CVE-2020-14005)|https://www.zerodayinitiative.com/advisories/ZDI-21-063/]]|
|2020.12.14|//Zero Day Initiative//|[[ZDI-21-064 SolarWinds Network Performance Monitor WriteToFile SQL Injection Privilege Escalation Vulnerability (CVE-2020-27869)|https://www.zerodayinitiative.com/advisories/ZDI-21-064/]]|
|2020.12.14|//Zero Day Initiative//|[[ZDI-21-065 SolarWinds Network Performance Monitor ExecuteVBScript Command Injection Remote Code Execution Vulnerability (CVE-2020-14005)|https://www.zerodayinitiative.com/advisories/ZDI-21-065/]]|
|2020.12.14|//Zero Day Initiative//|[[ZDI-21-066 SolarWinds Network Performance Monitor ExportToPDF Directory Traversal Information Disclosure Vulnerability (CVE-2020-27870)|https://www.zerodayinitiative.com/advisories/ZDI-21-066/]]|
|2020.12.14|//Zero Day Initiative//|[[ZDI-21-067 SolarWinds Network Performance Monitor VulnerabilitySettings Directory Traversal Arbitrary File Creation Vulnerability (CVE-2020-27871)|https://www.zerodayinitiative.com/advisories/ZDI-21-067/]]|
|2020.12.14|//Zero Day Initiative//|[[ZDI-21-06 (CVE-2020-tbd)|https://www.zerodayinitiative.com/advisories/ZDI-21-06/]]|
|>|>|>|!|
|2020.12.13|//TrueSec//|[[The SolarWinds Orion SUNBURST supply-chain Attack|https://blog.truesec.com/2020/12/17/the-solarwinds-orion-sunburst-supply-chain-attack/]]|
|2020.12.13|//SolarWinds//|[[SolarWinds Security Advisory|https://www.solarwinds.com/securityadvisory]] (obsolète)|
|2020.12.13|//Microsoft//|![[Important steps for customers to protect themselves from recent nation-state cyberattacks|http://blogs.microsoft.com/on-the-issues/2020/12/13/customers-protect-nation-state-cyberattacks/]] |
|2020.12.13|//Microsoft//|![[Customer Guidance on Recent Nation-State Cyber Attacks|https://msrc-blog.microsoft.com/2020/12/13/customer-guidance-on-recent-nation-state-cyber-attacks/]] |
|2020.12.13|//Microsoft//|[[Trojan:MSIL/Solorigate.B!dha|https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Trojan:MSIL/Solorigate.B!dha]]|
|2020.12.13|//FireEye//|[[Global Intrusion Campaign Leverages Software Supply Chain Compromise|https://www.fireeye.com/blog/products-and-services/2020/12/global-intrusion-campaign-leverages-software-supply-chain-compromise.html]]|
|2020.12.13|//FireEye//|[[FireEye Mandiant SunBurst Countermeasures|https://github.com/fireeye/sunburst_countermeasures]] (Snort, Yara, IOC, ClamAV)|
|!|>|>||
|2020.12.12|//FireEye//|[[Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor|https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html]]|
|!|>|>||
|2020.12.11|//Picus Security//|[[It is Time to Take Action - How to Defend Against FireEye's Red Team Tools|https://www.picussecurity.com/resource/blog/how-to-defend-against-fireeye-s-red-team-tools]]|
|!|>|>||
|2020.12.10|//Picus Security//|[[Tactics, Techniques and Procedures (TTPs) Utilized by FireEye's Red Team Tools|https://www.picussecurity.com/resource/blog/techniques-tactics-procedures-utilized-by-fireeye-red-team-tools]]|
|2020.12.10|//SOC Prime//|[[FireEye Breach: Leaked Red Team Toolkit Detection|https://socprime.com/blog/fireeye-breach-leaked-red-team-toolkit-detection/]]|
|2020.12.10|//Malware Bytes//|[[Malwarebytes detects leaked tools from FireEye breach|https://blog.malwarebytes.com/malwarebytes-news/2020/12/malwarebytes-detects-leaked-tools-from-fireeye-breach/]]|
|2020.12.10|//Intsights//|[[Flash Alert: FireEye Breach|https://intsights.com/blog/flash-alert-fireeye-breach]]|
|!|>|>||
|2020.12.08|//FireEye//|![[FireEye Shares Details of Recent Cyber Attack, Actions to Protect Community|https://www.fireeye.com/blog/products-and-services/2020/12/fireeye-shares-details-of-recent-cyber-attack-actions-to-protect-community.html]] |
|2020.12.08|//FireEye//|![[Unauthorized Access of FireEye Red Team Tools|https://www.fireeye.com/blog/threat-research/2020/12/unauthorized-access-of-fireeye-red-team-tools.html]] |
|>|>|>|!|
|2017.11.27|//CyberArk//|![[Golden SAML: Newly Discovered Attack Technique Forges Authentication to Cloud Apps|https://www.cyberark.com/resources/threat-research-blog/golden-saml-newly-discovered-attack-technique-forges-authentication-to-cloud-apps]] |
|2017.05.03|//Palo Alto Network//|[[Kazuar: Multiplatform Espionage Backdoor with API Access|https://unit42.paloaltonetworks.com/unit42-kazuar-multiplatform-espionage-backdoor-api-access/]]|
|2016.01.14|//Symantec//|[[The Waterbug attack group|https://docs.broadcom.com/doc/waterbug-attack-group]]|
!Sources secondaires / Secondary sources
|>|>|>|bgcolor:#F5DF4D;Ce fond indique des mises à jour ''pertinentes'' du tableau depuis la semaine dernière |
|!Dates|!Sources|!Titres et Liens|
|>|>|>||
|bgcolor:#F5DF4D;2021.02.19|//Risk Recon//|[[How the World Responded to SolarWinds Orion - Part 2|https://blog.riskrecon.com/how-the-world-responded-to-solarwinds-orion-a-view-from-the-internet-part-2]]|
|>|>|>||
|bgcolor:#F5DF4D;2021.02.18|Bleeping Computer|[[Microsoft: SolarWinds hackers downloaded some Azure, Exchange source code|https://www.bleepingcomputer.com/news/microsoft/microsoft-solarwinds-hackers-downloaded-some-azure-exchange-source-code/]]|
|bgcolor:#F5DF4D;2021.02.18|JiPé|![[Incidents MindMaps / SOLORIGATE_SUNBURST|https://github.com/jipegit/IncidentsMindMaps/tree/main/SOLORIGATE_SUNBURST]] ([[image|https://github.com/jipegit/IncidentsMindMaps/raw/main/SOLORIGATE_SUNBURST/SOLORIGATE_SUNBURST.png]]) |
|bgcolor:#F5DF4D;2021.02.18|Dark Reading|[[Hiding in Plain Sight: What the SolarWinds Attack Revealed About Efficacy|https://www.darkreading.com/vulnerabilities---threats/hiding-in-plain-sight-what-the-solarwinds-attack-revealed-about-efficacy/a/d-id/1340140]]|
|>|>|>||
|bgcolor:#F5DF4D;2021.02.16|//Akamai//|[[SolarWinds Hack and the Case of DNS Security|http://feedproxy.google.com/~r/TheAkamaiBlog/~3/NYBTmg4HS00/solarwinds-hack-and-the-case-of-dns-security.html]]|
|>|>|>||
|bgcolor:#F5DF4D;2021.02.12|//Risk Recon//|[[How the World Responded to SolarWinds Orion – Part 1|https://blog.riskrecon.com/how-the-world-responded-to-solarwinds-orion-a-view-from-the-internet-part-1]]|
|bgcolor:#F5DF4D;2021.02.12|//Thinkst//|[[On SolarWinds, Supply Chains and Enterprise Networks|https://blog.thinkst.com/2021/02/on-solarwinds-supply-chains-and_12.html]]|
|>|>|>||
|bgcolor:#F5DF4D;2021.02.10|//Infoblox//|[[TEARDROP Malware|https://blogs.infoblox.com/cyber-threat-intelligence/teardrop-malware/]]|
|>|>|>||
|bgcolor:#F5DF4D;2021.02.09|//Trustwave//|[[Discussing the SolarWinds Discovery|https://www.trustwave.com/en-us/resources/blogs/trustwave-blog/discussing-the-solarwinds-discovery/]]|
|>|>|>||
|bgcolor:#F5DF4D;2021.02.05|Security Week|[[Microsoft Says Its Services Not Used as Entry Point by SolarWinds Hackers|https://www.securityweek.com/microsoft-says-its-services-not-used-entry-point-solarwinds-hackers]]|
|>|>|>||
|bgcolor:#F5DF4D;2021.02.03|Bleeping Computer|[[SolarWinds patches critical vulnerabilities in the Orion platform|https://www.bleepingcomputer.com/news/security/solarwinds-patches-critical-vulnerabilities-in-the-orion-platform/]]|
|bgcolor:#F5DF4D;2021.02.03|MSSP Alert|[[SolarWinds Patches 3 Vulnerabilities Discovered by MSSP Trustwave, SpiderLabs|https://www.msspalert.com/cybersecurity-news/solarwinds-patches-three-vulnerabilities/]]|
|bgcolor:#F5DF4D;2021.02.03|Security Week|[[China-Linked Hackers Exploited SolarWinds Flaw in U.S. Government Attack: Report|https://www.securityweek.com/china-linked-hackers-exploited-solarwinds-flaw-us-government-attack-report]]|
|bgcolor:#F5DF4D;2021.02.03|Security Week|[[SolarWinds Product Vulnerabilities Allow Hackers to Take Full Control of Systems|https://www.securityweek.com/solarwinds-product-vulnerabilities-allow-hackers-take-full-control-systems]]|
|bgcolor:#F5DF4D;2021.02.03|Dark Reading|[[SolarWinds Attackers Spent Months in Corporate Email System: Report|https://www.darkreading.com/perimeter/solarwinds-attackers-spent-months-in-corporate-email-system-report/d/d-id/1340047]]|
|bgcolor:#F5DF4D;2021.02.03|//Threatpost//|[[Second SolarWinds Attack Group Breaks into USDA Payroll|https://threatpost.com/second-solarwinds-attack-group-usda-payroll/163635/]]|
|bgcolor:#F5DF4D;2021.02.03|//Threatpost//|[[SolarWinds Orion Bug Allows Easy Remote-Code Execution and Takeover|https://threatpost.com/solarwinds-orion-bug-remote-code-execution/163618/]]|
|bgcolor:#F5DF4D;2021.02.03|//Infocyte//|[[Responding to Microsoft 365 Attacks|https://www.infocyte.com/blog/2021/02/03/responding-to-microsoft-365-attacks/]]|
|bgcolor:#F5DF4D;2021.02.03|Bruce Schneier|[[More SolarWinds News|https://www.schneier.com/blog/archives/2021/02/more-solarwinds-news.html]]|
|>|>|>||
|bgcolor:#F5DF4D;2021.02.01|No Limit Sécu|[[Solarwinds, illustration d'une attaque de type "supply chain"|https://www.nolimitsecu.fr/solarwinds/]] ([[podcast|https://www.nolimitsecu.fr/wp-content/uploads/NoLimitSecu-305-SolarWinds.mp3]])|
|bgcolor:#F5DF4D;2021.02.01|Security Week|[[CISA Says Many Victims of SolarWinds Hackers Had No Direct Link to SolarWinds|https://www.securityweek.com/cisa-says-many-victims-solarwinds-hackers-had-no-direct-link-solarwinds]]|
|>|>|>||
|2021.01.31|NoLimitSécu[>img[iCSIRT/flag_fr.png]]|[[Episode #305 : Solarwinds, illustration d'une attaque de type "supply chain"|https://www.nolimitsecu.fr/solarwinds/]] ([[podcast|https://www.nolimitsecu.fr/wp-content/uploads/NoLimitSecu-305-SolarWinds.mp3]])|
|>|>|>||
|2021.01.30|Ars Technica|[[30% of "SolarWinds hack" victims didn't actually use SolarWinds|https://arstechnica.com/information-technology/2021/01/30-of-solarwinds-hack-victims-didnt-actually-use-solarwinds/]]|
|>|>|>||
|bgcolor:#F5DF4D;2021.01.29|//Hashed Out//|![[https://www.thesslstore.com/blog/all-you-need-to-know-about-the-solarwinds-hack/]]|
|bgcolor:#F5DF4D;2021.01.29|//Talos / Cisco//|[[Talos Takes Ep. #39: SolarWinds' implications for IoT and OT|https://blog.talosintelligence.com/2021/01/talos-takes-ep-39-solarwinds.html]] ([[podcast|https://talos-intelligence-site.s3.amazonaws.com/production/podcast_files/Talos%20Takes%20Ep.%20%2340%3A%20Lessons%20learned%20from%20our%20conversations%20with%20a%20ransomware%20operator/1612537053/TTEP40LockBitInterview.mp3]])|
|2021.01.29|//Aon//|[[Cloudy with a Chance of Persistent Email Access|https://www.aon.com/cyber-solutions/aon_cyber_labs/cloudy-with-a-chance-of-persistent-email-access/]]|
|>|>|>||
|2021.01.28|//Threatpost//|[[Mimecast Confirms SolarWinds Hack as List of Security Vendor Victims Snowball|https://threatpost.com/mimecast-solarwinds-hack-security-vendor-victims/163431/]]|
|>|>|>||
|2021.01.27|Security Week|[[Hundreds of Industrial Organizations Received Sunburst Malware in SolarWinds Attack|https://www.securityweek.com/hundreds-industrial-organizations-received-sunburst-malware-solarwinds-attack]]|
|>|>|>||
|bgcolor:#F5DF4D;2021.01.26|//Forcepoint//|[[Inside the Mind of the #Sunburst Adversary - Ep. 117|https://www.forcepoint.com/resources/podcasts/inside-mind-sunburst-adversary-ep-117]]|
|bgcolor:#F5DF4D;2021.01.26|Bleeping Computer|[[Mimecast links security breach to SolarWinds hackers|https://www.bleepingcomputer.com/news/security/mimecast-links-security-breach-to-solarwinds-hackers/]]|
|2021.01.26|Dark Reading|[[Mimecast: Recent Certificate Compromise Tied to SolarWinds Attacks|https://www.darkreading.com/application-security/mimecast-recent-certificate-compromise-tied-to-solarwinds-attacks/d/d-id/1339984]]|
|>|>|>||
|2021.01.23|//TrapX//|[[Lessons from the solarwinds breach: there is nothing new under the sun?|https://www.trapx.com/lessons-from-the-solarwinds-breach-there-is-nothing-new-under-the-sun/]]|
|>|>|>||
|2021.01.22|GBHackers on Security|[[Microsoft Research Reveals SolarWinds Hackers Stealthily Evaded Detection|https://gbhackers.com/solarwinds-attack-chain/]]|
|>|>|>||
|2021.01.21|Robinson+Cole|[[SolarWinds Insured Losses Estimated at $90 Million|https://www.dataprivacyandsecurityinsider.com/2021/01/solarwinds-insured-losses-estimated-at-90-million/]]|
|2021.01.21|Security Week|[[Microsoft Details OPSEC, Anti-Forensic Techniques Used by SolarWinds Hackers|https://www.securityweek.com/microsoft-details-opsec-anti-forensic-techniques-used-solarwinds-hackers]]|
|>|>|>||
|2021.01.20|Bleeping Computer|[[Microsoft shares how SolarWinds hackers evaded detection|https://www.bleepingcomputer.com/news/security/microsoft-shares-how-solarwinds-hackers-evaded-detection/]]|
|2021.01.20|Dark Reading|[[Microsoft Releases New Info on SolarWinds Attack Chain|https://www.darkreading.com/attacks-breaches/microsoft-releases-new-info-on-solarwinds-attack-chain/d/d-id/1339940]]|
|2021.01.20|//Threatpost//|[[Malwarebytes Hit by SolarWinds Attackers|https://threatpost.com/malwarebytes-solarwinds-attackers/163190/]]|
|>|>|>||
|2021.01.19|Bleeping Computer|![[SolarWinds hackers used 7-Zip code to hide Raindrop Cobalt Strike loader|https://www.bleepingcomputer.com/news/security/solarwinds-hackers-used-7-zip-code-to-hide-raindrop-cobalt-strike-loader/]] |
|2021.01.19|Bleeping Computer|[[Malwarebytes says SolarWinds hackers accessed its internal emails|https://www.bleepingcomputer.com/news/security/malwarebytes-says-solarwinds-hackers-accessed-its-internal-emails/]]|
|2021.01.19|Dark Reading|[[SolarWinds Attack Underscores 'New Dimension' in Cyber-Espionage Tactics|https://www.darkreading.com/threat-intelligence/solarwinds-attack-underscores-new-dimension-in-cyber-espionage-tactics/d/d-id/1339928]]|
|2021.01.19|Security Week|[[FireEye Releases New Open Source Tool in Response to SolarWinds Hack|https://www.securityweek.com/fireeye-releases-new-open-source-tool-response-solarwinds-hack]]|
|2021.01.19|Security Week|[[SolarWinds Hackers Used 'Raindrop' Malware for Lateral Movement|https://www.securityweek.com/solarwinds-hackers-used-raindrop-malware-lateral-movement]]|
|2021.01.19|//Threatpost//|[[SolarWinds Malware Arsenal Widens with Raindrop|https://threatpost.com/solarwinds-malware-arsenal-raindrop/163153/]]|
|>|>|>||
|2021.01.18|//Zscaler//|[[Supply Chain Attacks|https://www.zscaler.com/blogs/product-insights/supply-chain-attack]]|
|2021.01.18|//Digital Shadows//|Podcast '[[ShadowTalk Update: Sunburst, Sunspot, and more on SolarWinds!|https://www.digitalshadows.com/blog-and-research/shadowtalk-update-sunburst-sunspot-and-more-on-solarwinds/]]'|
|>|>|>||
|2021.01.17|//WhoisXML API//|![[Cyber Threat Intel Analysis and Expansion of SolarWinds Identified IoCs|http://www.circleid.com/posts/20210117-cyberthreat-intel-analysis-expansion-of-solarwinds-identified-iocs/]] |
|>|>|>||
|2021.01.13|Dark Reading|[[SolarWinds Attackers May Have Hit Mimecast, Driving New Concerns|https://www.darkreading.com/threat-intelligence/solarwinds-attackers-may-have-hit-mimecast-driving-new-concerns/d/d-id/1339895]]|
|>|>|>||
|2021.01.12|Wall Street Journal|[[SolarWinds Hackers' Attack on Email Security Company Raises New Red Flags|https://www.wsj.com/articles/solarwinds-hackers-attack-on-email-security-company-raises-new-red-flags-11610510375]]|
|2021.01.12|Bleeping Computer|![[New Sunspot malware found while investigating SolarWinds hack|https://www.bleepingcomputer.com/news/security/new-sunspot-malware-found-while-investigating-solarwinds-hack/]] |
|2021.01.12|Bleeping Computer|![[SolarLeaks site claims to sell data stolen in SolarWinds attacks|https://www.bleepingcomputer.com/news/security/solarleaks-site-claims-to-sell-data-stolen-in-solarwinds-attacks/]] |
|2021.01.12|Dark Reading|[[More SolarWinds Attack Details Emerge|https://www.darkreading.com/threat-intelligence/more-solarwinds-attack-details-emerge/d/d-id/1339885]]|
|bgcolor:#F5DF4D;2021.01.12|GBHackers on Security|[[SolarWinds Hack – Multiple Similarities Found Between Sunburst Backdoor and Turla's Backdoor|https://gbhackers.com/solarwinds-backdoor-similarities/]]|
|2021.01.11|Security Week|[[Kaspersky Connects SolarWinds Attack Code to Known Russian APT Group|https://www.securityweek.com/malware-used-solarwinds-attack-linked-backdoor-attributed-turla-cyberspies]]|
|2021.01.11|Secplicity|[[The Hack of the Decade|https://www.secplicity.org/2021/01/11/the-hack-of-the-decade/]] ([[podcast|https://media.blubrry.com/the_443/content.blubrry.com/the_443/The_443-131-The_Hack_of_the_Decade.mp3]])|
|>|>|>||
|2021.01.07|Dark Reading|![[FireEye's Mandia: 'Severity-Zero Alert' Led to Discovery of SolarWinds Attack|https://www.darkreading.com/threat-intelligence/fireeyes-mandia-severity-zero-alert-led-to-discovery-of-solarwinds-attack/d/d-id/1339851]] |
|2021.01.07|Dark Reading|[[DoJ's Microsoft 365 Email Accounts Compromised in SolarWinds Attacks|Investigation Launched Into Role of JetBrains Product in SolarWinds Hack: Reportssed-in-solarwinds-attacks/d/d-id/1339842]]|
|2021.01.06|Bruce Schneier|[[Russia's SolarWinds Attack and Software Security|https://www.schneier.com/blog/archives/2021/01/russias-solarwinds-attack-and-software-security.html]]|
|2021.01.05|Bruce Schneier|[[Latest on the SVR's SolarWinds Hack|https://www.schneier.com/blog/archives/2021/01/latest-on-the-svrs-solarwinds-hack.html]]|
|>|>|>||
|2020.12.31|Bleeping Computer|[[Microsoft: SolarWinds hackers accessed our source code|https://www.bleepingcomputer.com/news/security/microsoft-solarwinds-hackers-accessed-our-source-code/]]|
|2020.12.31|Dark Reading|[[Microsoft Reveals That Russian Attackers Accessed Some of Its Source Code|https://www.darkreading.com/attacks-breaches/microsoft-reveals-that-russian-attackers-accessed-some-of-its-source-code/d/d-id/1339816]]|
|>|>|>||
|2020.12.30|01 Net[>img[iCSIRT/flag_fr.png]]|[[SolarWinds : le mystère du hack de l'année élucidé par Microsoft ?|https://www.01net.com/actualites/solarwinds-le-mystere-du-hack-de-l-annee-elucide-par-microsoft-2026032.html]]|
|2020.12.30|GBHackers on Security|[[SolarWinds Hackers Aimed to Access Victim Cloud Assets after deploying the Solorigate Backdoor|https://gbhackers.com/solarsinds-targets-cloud-assets/]]|
|2020.12.30|Bleeping Computer|[[DHS orders federal agencies to update SolarWinds Orion platform|https://www.bleepingcomputer.com/news/security/dhs-orders-federal-agencies-to-update-solarwinds-orion-platform/]]|
|2020.12.30|Security Week|[[Shields Up: How to Tackle Supply Chain Risk Hazards|https://www.securityweek.com/shields-how-tackle-supply-chain-risk-hazards]]|
|>|>|>||
|2020.12.29|Bleeping Computer|[[Microsoft: SolarWinds hackers' goal was the victims' cloud data|https://www.bleepingcomputer.com/news/security/microsoft-solarwinds-hackers-goal-was-the-victims-cloud-data/]]|
|>|>|>||
|2020.12.28|Bleeping Computer|[[CISA releases Azure, Microsoft 365 malicious activity detection tool|https://www.bleepingcomputer.com/news/security/cisa-releases-azure-microsoft-365-malicious-activity-detection-tool/]]|
|>|>|>|!|
|2020.12.27|Forbes|[[Dissecting The SolarWinds Hack For Greater Insights With A Cybersecurity Evangelist|https://www.forbes.com/sites/louiscolumbus/2021/12/27/dissecting-the-solarwinds-hack-for-greater-insights-with-a-cybersecurity-evangelist/]]|
|>|>|>||
|2020.12.26|Bleeping Computer|[[SolarWinds releases updated advisory for new SUPERNOVA malware|https://www.bleepingcomputer.com/news/security/solarwinds-releases-updated-advisory-for-new-supernova-malware/]]|
|2020.12.26|Bleeping Computer|[[VMware latest to confirm breach in SolarWinds hacking campaign|https://www.bleepingcomputer.com/news/security/vmware-latest-to-confirm-breach-in-solarwinds-hacking-campaign/]]|
|>|>|>||
|2020.12.25|Washington Post|[[Russian hackers compromised Microsoft cloud customers through third party, putting emails and other data at risk|https://www.washingtonpost.com/national-security/russia-hack-microsoft-cloud/2020/12/24/dbfaa9c6-4590-11eb-975c-d17b8815a66d_story.html]]|
|2020.12.25|Reuters|[[Suspected Russian hackers used Microsoft vendors to breach customers|https://reuters.com/article/us-global-cyber-usa/suspected-russian-hackers-made-failed-attempt-to-breach-crowdstrike-company-says-idUSKBN28Y1BF]]|
|2020.12.25|Bleeping Computer|[[CrowdStrike releases free Azure security tool after failed hack|https://www.bleepingcomputer.com/news/security/crowdstrike-releases-free-azure-security-tool-after-failed-hack/]]|
|2020.12.25|Security Boulevard|[[SUNBURST SolarWinds BackDoor : Crime Scene Forensics Part 2 (continued)|https://securityboulevard.com/2020/12/sunburst-solarwinds-backdoor-crime-scene-forensics-part-2-continued/]]|
|>|>|>||
|2020.12.24|The Hill|[[Hackers accessed Microsoft cloud customers' information through third party: report|https://thehill.com/policy/technology/531649-hackers-accessed-microsoft-cloud-customers-information-through-third-party]]|
|2020.12.24|Reuters|[[U.S. cyber agency says SolarWinds hackers are 'impacting' state, local governments|https://www.reuters.com/article/us-global-cyber-usa/u-s-cyber-agency-says-solarwinds-hackers-are-impacting-state-local-governments-idUSKBN28Y09L]]|
|2020.12.24|Reuters|[[Suspected Russian hackers used Microsoft vendors to breach customers|https://www.reuters.com/article/us-global-cyber-usa-idUSKBN28Y1BF]]|
|2020.12.24|The Intercept|[[SolarWinds Hack Infected Critical Infrastructure, Including Power Industry|https://theintercept.com/2020/12/24/solarwinds-hack-power-infrastructure/]]|
|>|>|>||
|2020.12.23|Security Week|[[Millions of Devices Affected by Vulnerabilities Used in Stolen FireEye Tools|https://www.securityweek.com/millions-devices-affected-vulnerabilities-used-stolen-fireeye-tools]]|
|2020.12.23|Bleeping Computer|[[UK privacy watchdog warns SolarWinds victims to report data breaches|https://www.bleepingcomputer.com/news/security/uk-privacy-watchdog-warns-solarwinds-victims-to-report-data-breaches/]]|
|2020.12.23|//Security Risk Advisors//|[[SolarWinds Breach: How do we stop this from happening again?|https://sra.io/blog/solarwinds-breach-how-do-we-stop-this-from-happening-again/]]|
|2020.12.23|//XM Cyber//|[[Here's How the Recent SolarWinds Supply Chain Attack Could Be Easily Stopped|https://www.xmcyber.com/heres-how-the-recent-solarwinds-supply-chain-attack-could-be-easily-stopped/]]|
|2020.12.23|GeekWire|[[How the SolarWinds hackers are targeting cloud services in unprecedented cyberattack|https://www.geekwire.com/2020/solarwinds-hackers-targeting-cloud-services-unprecedented-cyberattack/]]|
|>|>|>||
|2020.12.22|//McAfee//|[[How A Device to Cloud Architecture Defends Against the SolarWinds Supply Chain Compromise|https://www.mcafee.com/blogs/other-blogs/mcafee-labs/how-a-device-to-cloud-architecture-defends-against-the-solarwinds-supply-chain-compromise/]]|
|2020.12.22|Reuters|[['Dozens of email accounts' were hacked at U.S. Treasury -Senator Wyden|https://www.reuters.com/article/us-global-cyber/u-s-treasury-confirms-solarwinds-hack-as-more-officials-blame-russia-idUSKBN28V2DX]]|
|2020.12.22|Hack Read|[[The ongoing investigation into the SolarWinds supply chain cyberattack indicates the involvement of another APT group|https://www.hackread.com/two-groups-breached-solarwinds-orion-software-microsoft/]]|
|2020.12.22|Dark Reading|[[SolarWinds Campaign Focuses Attention on 'Golden SAML' Attack Vector|https://www.darkreading.com/attacks-breaches/solarwinds-campaign-focuses-attention-on-golden-saml-attack-vector/d/d-id/1339794]]|
|2020.12.22|Bleeping Computer|[[SolarWinds victims revealed after cracking the Sunburst malware DGA|https://www.bleepingcomputer.com/news/security/solarwinds-victims-revealed-after-cracking-the-sunburst-malware-dga/]]|
|2020.12.22|Bleeping Computer|[[SolarWinds hackers breached US Treasury officials' email accounts|https://www.bleepingcomputer.com/news/security/solarwinds-hackers-breached-us-treasury-officials-email-accounts/]]|
|2020.12.22|GBHakers on Security|[[NSA Warns of Cloud Attacks on Authentication Mechanisms|https://gbhackers.com/nsa-warns-of-cloud-attacks/]]|
|>|>|>||
|2020.12.21|The Register|[[Well, on the bright side, the SolarWinds Sunburst attack will spur the cybersecurity field to evolve all over again|https://www.theregister.com/2020/12/21/solarwinds_sunburst_evolve/]]|
|2020.12.21|Security Week|[[VMware, Cisco Reveal Impact of SolarWinds Incident|https://www.securityweek.com/vmware-cisco-reveal-impact-solarwinds-incident]]|
|2020.12.21|Reuters|[[U.S. Treasury has not seen any damage from widespread hack-CNBC|https://www.reuters.com/article/us-usa-cyber-breach-treasury/u-s-treasury-has-not-seen-any-damage-from-widespread-hack-cnbc-idUSKBN28V1X0]]|
|2020.12.21|Help Net Security|[[SolarWinds is the tip of the iceberg|https://www.helpnetsecurity.com/2020/12/21/solarwinds-cybersecurity/]]|
|2020.12.21|Dark Reading|[[We Have a National Cybersecurity Emergency -- Here's How We Can Respond|https://www.darkreading.com/vulnerabilities---threats/we-have-a-national-cybersecurity-emergency----heres-how-we-can-respond/a/d-id/1339766]]|
|2020.12.21|Dark Reading|[[Cisco, Intel, Deloitte Among Victims of SolarWinds Breach: Report|https://www.darkreading.com/threat-intelligence/cisco-intel-deloitte-among-victims-of-solarwinds-breach-report/d/d-id/1339780]]|
|2020.12.21|CSO Online|[[How to prepare for the next SolarWinds-like threat|https://www.csoonline.com/article/3601796/how-to-prepare-for-the-next-solarwinds-like-threat.html]]|
|2020.12.21|Bleeping Computer|[[VMware latest to confirm breach in SolarWinds hacking campaign|https://www.bleepingcomputer.com/news/security/vmware-latest-to-confirm-breach-in-solarwinds-hacking-campaign/]]|
|2020.12.21|Bleeping Computer|[[New SUPERNOVA backdoor found in SolarWinds cyberattack analysis|https://www.bleepingcomputer.com/news/security/new-supernova-backdoor-found-in-solarwinds-cyberattack-analysis/]]|
|2020.12.21|//Cyjax//|[[SolarWinds Supply Chain Attack - Summary and Analysis|https://www.cyjax.com/2020/12/21/solarwinds-supply-chain-attack-summary-and-analysis/]]|
|>|>|>|!|
|2020.12.19|Bleeping Computer|[[The SolarWinds cyberattack: The hack, the victims, and what we know|https://www.bleepingcomputer.com/news/security/the-solarwinds-cyberattack-the-hack-the-victims-and-what-we-know/]]|
|>|>|>||
|2020.12.18|Dark Reading|[[Microsoft Confirms Its Network Was Breached With Tainted SolarWinds Updates|https://www.darkreading.com/attacks-breaches/microsoft-confirms-its-network-was-breached-with-tainted-solarwinds-updates/d/d-id/1339769]]|
|2020.12.18|Dark Reading|[[5 Key Takeaways From the SolarWinds Breach|https://www.darkreading.com/5-key-takeaways-from-the-solarwinds-breach/d/d-id/1339764]]|
|2020.12.18|Bleeping Computer|[[US think tank breached three times in a row by SolarWinds hackers|https://www.bleepingcomputer.com/news/security/us-think-tank-breached-three-times-in-a-row-by-solarwinds-hackers/]]|
|2020.12.18|Bleeping Computer|[[Microsoft identifies 40+ victims of SolarWinds hack, 80% from US|https://www.bleepingcomputer.com/news/security/microsoft-identifies-40-plus-victims-of-solarwinds-hack-80-percent-from-us/]]|
|2020.12.18|Bleeping Computer|[[Microsoft confirms breach in SolarWinds hack, denies infecting others|https://www.bleepingcomputer.com/news/microsoft/microsoft-confirms-breach-in-solarwinds-hack-denies-infecting-others/]]|
|2020.12.18|Help Net Security|[[Microsoft was also a victim of the SolarWinds supply chain hack|https://www.helpnetsecurity.com/2020/12/18/microsoft-solarwinds/]]|
|2020.12.18|Security Week|[[Microsoft, Energy Department and Others Named as Victims of SolarWinds Attack|https://www.securityweek.com/microsoft-energy-department-and-others-named-victims-solarwinds-attack]]|
|2020.12.18|The New Stack|[[SolarWinds, the World's Biggest Security Failure and Open Source's Better Answer|https://thenewstack.io/solarwinds-the-worlds-biggest-security-failure-and-open-sources-better-answer/]]|
|2020.12.18|//Security Scorecard//|[[SolarWinds Compromise May Have Begun 5 Months Earlier Than Suspected|https://securityscorecard.com/blog/solarwinds-compromise-may-have-begun-5-months-earlier-than-suspected]]|
|>|>|>||
|2020.12.17|//Radware//|[[FireEye Hack Turns into a Global Supply Chain Attack|https://blog.radware.com/security/2020/12/fireeye-hack-turns-into-a-global-supply-chain-attack/]]|
|2020.12.17|Dark Reading|[[CISA: SolarWinds Not the Only Initial Attack Vector in Massive Breach|https://www.darkreading.com/attacks-breaches/cisa-solarwinds-not-the-only-initial-attack-vector-in-massive-breach/d/d-id/1339755]]|
|2020.12.17|Bleeping Computer|[[SolarWinds hackers breach US nuclear weapons agency|https://www.bleepingcomputer.com/news/security/solarwinds-hackers-breach-us-nuclear-weapons-agency/]]|
|2020.12.17|Bleeping Computer|[[US think tank breached three times in a row by SolarWinds hackers|https://www.bleepingcomputer.com/news/security/nation-state-hackers-breached-us-think-tank-thrice-in-a-row/]]|
|2020.12.17|Bleeping Computer|[[FBI, CISA officially confirm US govt hacks after SolarWinds breach|https://www.bleepingcomputer.com/news/security/fbi-cisa-officially-confirm-us-govt-hacks-after-solarwinds-breach/]]|
|2020.12.17|Bleeping Computer|[[CISA: Hackers breached US govt using more than SolarWinds backdoor|https://www.bleepingcomputer.com/news/security/cisa-hackers-breached-us-govt-using-more-than-solarwinds-backdoor/]]|
|2020.12.17|//Lacework//|[[SolarWinds & the Software Supply Chain|https://www.lacework.com/solarwinds-the-software-supply-chain/]]|
|2020.12.17|//Anomali//|[[The FireEye, SolarWinds Hacks: Adversaries Want Access, How To Protect Your Organization|https://www.anomali.com/resources/podcasts/the-fireeye-solarwinds-hacks-adversaries-want-access-how-to-protect-your-organization]] (podcast)|
|202012.17|//Shift Left//|[[#Solorigate : SUNBURST SolarWinds BackDoor : Crime Scene Forensics|https://medium.com/swlh/sunburst-solarwinds-breach-crime-scene-forensics-continued-aef0ab568e03]]|
|>|>|>||
|2020.12.16|Help Net Security|[[SolarWinds hackers' capabilities include bypassing MFA|https://www.helpnetsecurity.com/2020/12/16/solarwinds-hackers-capabilities/]]|
|2020.12.16|Dark Reading|[[FireEye Identifies Killswitch for SolarWinds Malware as Victims Scramble to Respond|https://www.darkreading.com/attacks-breaches/fireeye-identifies-killswitch-for-solarwinds-malware-as-victims-scramble-to-respond/d/d-id/1339746]]|
|2020.12.16|Bleeping Computer|[[FireEye, Microsoft create kill switch for SolarWinds backdoor|https://www.bleepingcomputer.com/news/security/fireeye-microsoft-create-kill-switch-for-solarwinds-backdoor/]]|
|2020.12.16|//RedSeal//|[[Lessons for All of Us From the SolarWinds Orion Compromise |https://www.redseal.net/responding-to-the-solarwinds-orion-compromise/]]|
|>|>|>||
|2020.12.15|SANS|[[What You Need to Know About the SolarWinds Supply-Chain Attack|https://www.sans.org/blog/what-you-need-to-know-about-the-solarwinds-supply-chain-attack/]]|
|2020.12.15|Reuters|[[U.S. Homeland Security, thousands of businesses scramble after suspected Russian hack|https://www.reuters.com/article/global-cyber/u-s-homeland-security-thousands-of-businesses-scramble-after-suspected-russian-hack-idUSKBN28O1Z3]]|
|2020.12.15|Dark Reading|[[Concerns Run High as More Details of SolarWinds Hack Emerge|https://www.darkreading.com/attacks-breaches/concerns-run-high-as-more-details-of-solarwinds-hack-emerge/d/d-id/1339726]]|
|2020.12.15|Bleeping Computer|[[Microsoft to quarantine compromised SolarWinds binaries tomorrow|https://www.bleepingcomputer.com/news/security/microsoft-to-quarantine-compromised-solarwinds-binaries-tomorrow/]]|
|2020.12.15|//Cycode//|[[Six AppSec Learnings from Solar Winds|https://cycode.com/blog/six-appsec-learnings-from-solar-winds/]]|
|2020.12.15|//Shift Left//|[[Visual Notes Solarwinds Supply Chain Compromise Using Sunburst Backdoor Detected by Fireeye|https://blog.shiftleft.io/visual-notes-solarwinds-supply-chain-compromise-using-sunburst-backdoor-detected-by-fireeye-561e097fff3c]]|
|>|>|>||
|2020.12.14|Politico|[[Massively disruptive' cyber crisis engulfs multiple agencies|https://www.politico.com/news/2020/12/14/massively-disruptive-cyber-crisis-engulfs-multiple-agencies-445376]]|
|2020.12.14|Help Net Security|[[Hackers breached U.S. government agencies via compromised SolarWinds Orion software|https://www.helpnetsecurity.com/2020/12/14/compromised-solarwinds-orion/]]|
|2020.12.14|Dark Reading|[[18,000 Organizations Possibly Compromised in Massive Supply-Chain Cyberattack |https://www.darkreading.com/attacks-breaches/18000-organizations-possibly-compromised-in-massive-supply-chain-cyberattack-/d/d-id/1339716]]|
|2020.12.14|Bleeping Computer|[[US govt, FireEye breached after SolarWinds supply-chain attack|https://www.bleepingcomputer.com/news/security/us-govt-fireeye-breached-after-solarwinds-supply-chain-attack/]]|
|2020.12.15|//Malwarebytes//|[[SolarWinds advanced cyberattack: What happened and what to do now|https://blog.malwarebytes.com/threat-analysis/2020/12/advanced-cyber-attack-hits-private-and-public-sector-via-supply-chain-software-update/]]|
|>|>|>|!|
|2020.12.13|Washington Post|[[Russian government hackers are behind a broad espionage campaign that has compromised U.S. agencies, including Treasury and Commerce|https://www.washingtonpost.com/national-security/russian-government-spies-are-behind-a-broad-hacking-campaign-that-has-breached-us-agencies-and-a-top-cyber-firm/2020/12/13/d5a53b88-3d7d-11eb-9453-fc36ba051781_story.html]]|
|2020.12.13|The Hacker News|[[US Agencies and FireEye Were Hacked Using SolarWinds Software Backdoor|https://thehackernews.com/2020/12/us-agencies-and-fireeye-were-hacked.html]]|
|2020.12.13|The Guardian|[[US treasury hacked by foreign government group - report|https://www.theguardian.com/technology/2020/dec/13/us-treasury-hacked-group-backed-by-foreign-government-report]]|
|2020.12.13|Security Week|[[US Investigating Computer Hacks of Government Agencies|https://www.securityweek.com/us-investigating-computer-hacks-government-agencies]]|
|2020.12.13|New York Times|[[Russian Hackers Broke Into Federal Agencies, U.S. Officials Suspect|https://www.nytimes.com/2020/12/13/us/politics/russian-hackers-us-government-treasury-commerce.html]]|
|>|>|>||
|2020.12.10|Dark Reading|[[FireEye Breach Fallout Yet to Be Felt|https://www.darkreading.com/threat-intelligence/fireeye-breach-fallout-yet-to-be-felt/d/d-id/1339680]]|
|>|>|>||
|2020.12.08|Dark Reading|[[Nation-State Hackers Breached FireEye, Stole Its Red Team Tools|https://www.darkreading.com/attacks-breaches/nation-state-hackers-breached-fireeye-stole-its-red-team-tools/d/d-id/1339652]]|
|>|>|>|!|
!Autres Sources / Other sources
|>|>|>|Ce fond indique des mises à jour ''pertinentes'' du tableau depuis la semaine dernière |
|!Dates|!Sources|!Titres et Liens|
|2021.04...|New York Times|[[...|https://www.nytimes.com/2021/04/15/world/europe/us-russia-sanctions.html]]|
|2021.04...|Bleeping Computer|[[U.S. government confirms Russian SVR behind the SolarWinds hack and issues sanctions|https://www.bleepingcomputer.com/news/security/us-government-confirms-russian-svr-behind-the-solarwinds-hack/]]|
|2021.04...|Dark Reading|[[...|https://www.darkreading.com/attacks-breaches/us-formally-attributes-solarwinds-attack-to-russian-intelligence-agency/d/d-id/1340690]]|
|2021.04...|Security Week|[[...|https://www.securityweek.com/months-after-hack-us-poised-announce-sanctions-russia]]|
|2021.04...|Security Week|[[...|https://www.securityweek.com/us-expels-russian-diplomats-imposes-new-round-sanctions]]|
|2021.04...|The Register|[[...|https://www.theregister.com/2021/04/15/solarwinds_hack_russia_apt29_positive_technologies_sanctions/]]|
|2021.04...|Bleeping Computer|[[...|https://www.bleepingcomputer.com/news/security/nsa-top-5-vulnerabilities-actively-abused-by-russian-govt-hackers/]]|
|2021.04...|Security Week|[[...|https://www.securityweek.com/nsa-russian-hackers-exploiting-vpn-vulnerabilities-patch-immediately]]|
|2021.03.29|ISC2|[[...|https://blog.isc2.org/isc2_blog/2021/03/survey-cybersecurity-community-increasingly-concerned-about-solarwinds-breach.html]]|
|2021.02.26|Security Week|[[Microsoft Releases Open Source Resources for Solorigate Threat Hunting|https://www.securityweek.com/microsoft-releases-open-source-resources-solorigate-threat-hunting]]|
|2021.02.23|Dark Reading|[[SolarWinds Attackers Lurked for 'Several Months' in FireEye's Network|https://www.darkreading.com/threat-intelligence/solarwinds-attackers-lurked-for-several-months-in-fireeyes-network/d/d-id/1340239]]|
|2021.02.15|The Register|[[Microsoft says it found 1,000-plus developers' fingerprints on the SolarWinds attack|https://www.theregister.com/2021/02/15/solarwinds_microsoft_fireeye_analysis/]]|
|2021.02.12|//Thinkst//|[[On SolarWinds, Supply Chains and Enterprise Networks|https://blog.thinkst.com/2021/02/on-solarwinds-supply-chains-and_12.html]]|
|2021.02.14|CBS News|[[SolarWinds: How Russian spies hacked the Justice, State, Treasury, Energy and Commerce Departments|https://www.cbsnews.com/news/solarwinds-hack-russia-cyberattack-60-minutes-2021-02-14/]]|
|2021.02.11|Dark Reading|[[7 Things We Know So Far About the SolarWinds Attacks|https://www.darkreading.com/attacks-breaches/7-things-we-know-so-far-about-the-solarwinds-attacks/d/d-id/1340134]]|
|2021.02.07|E-Hacking News|[[SolarWinds CEO: "SolarWinds Orion Development Program was Exploited by the Hackers"|https://www.ehackingnews.com/2021/02/solarwinds-ceo-solarwinds-orion.html]]|
|2021.02.05|//McAfee//|[[6 Best Practices for SecOps in the Wake of the Sunburst Threat Campaign|https://www.mcafee.com/blogs/enterprise/security-operations/6-best-practices-for-secops-in-the-wake-of-the-sunburst-threat-campaign/]]|
|2021.02.03|//Perimeter 81//|[[Make Sure the Next SolarWinds Isn't In Your Supply Chain|https://www.perimeter81.com/blog/cloud/how-to-make-sure-the-next-solarwinds-isnt-in-your-supply-chain/]]|
|2021.01.29|Wall Street Journal|[[tbd|https://www.wsj.com/articles/suspected-russian-hack-extends-far-beyond-solarwinds-software-investigators-say-11611921601]]|
|2021.01.27|//Cybereason//|[[SolarWinds Attacks Highlight Advantage of Indicators of Behavior for Early Detection|https://www.cybereason.com/blog/solarwinds-attacks-highlight-advantage-of-indicators-of-behavior-for-early-detection]]|
|2021.01.26|Security Week|[[More Cybersecurity Firms Confirm Being Hit by SolarWinds Hack|https://www.securityweek.com/more-cybersecurity-firms-confirm-being-hit-solarwinds-hack]]|
|2021.01.20|Security Week|[[Malwarebytes Targeted by SolarWinds Hackers|https://www.securityweek.com/malwarebytes-targeted-solarwinds-hackers]]|
|2021.01.15|//Varonis//|[[Threat Update 21 – SolarLeaks|https://www.varonis.com/blog/threat-update-21-solarleaks/]] ([[vidéo|https://www.youtube.com/watch?v=TSAbkRAM1qo]])|
|2021.01.15|//Avast//|[[Microsoft source code allegedly for sale on SolarLeaks site|https://blog.avast.com/solarleaks-selling-alleged-source-code-from-microsoft-cisco-avast]]|
|2021.01.14|//eSentire//|[[The SolarWinds supply chain compromise (Part 2)|https://www.esentire.com/blog/the-solarwinds-supply-chain-compromise-part-2]]|
|2021.01.14|Wall Street Journal|[[SolarWinds Hack Forces Reckoning With Supply-Chain Security|https://www.wsj.com/articles/solarwinds-hack-forces-reckoning-with-supply-chain-security-11610620200]]|
|2021.01.13|Security Week|[[SolarLeaks: Files Allegedly Obtained in SolarWinds Hack Offered for Sale|https://www.securityweek.com/solarleaks-files-allegedly-obtained-solarwinds-hack-offered-sale]]|
|2021.01.13|Security Week|[[Mimecast Discloses Certificate Incident Possibly Related to SolarWinds Hack|https://www.securityweek.com/mimecast-discloses-certificate-incident-possibly-related-solarwinds-hack]]|
|2021.01.12|//RiskRecon//|[[Three key questions and answers surrounding the SolarWinds Breach|https://blog.riskrecon.com/securing-the-supply-chain-next-steps-following-the-solarwinds-event]]|
|2021.01.12|//Cloud Passage//|[[SolarWinds Orion Compromise Vulnerability Mitigation|https://www.cloudpassage.com/articles/solarwinds-orion-compromise-mitigation/]]|
|2021.01.12|Wall Street Journal|[[SolarWinds Discloses Earlier Evidence of Hack|https://www.wsj.com/articles/solarwinds-discloses-earlier-evidence-of-hack-11610473937]]|
|2021.01.07|Security Week|[[Continuous Updates: Everything You Need to Know About the SolarWinds Attack|https://www.securityweek.com/continuous-updates-everything-you-need-know-about-solarwinds-attack]]|
|2021.01.07|Wall Street Journal|[[Federal Judiciary's Systems Likely Breached in SolarWinds Hack|https://www.wsj.com/articles/federal-judiciarys-systems-likely-breached-in-solarwinds-hack-11610040175]]|
|2021.01.07|Reuters|[[Hacking victim SolarWinds hires ex-Homeland Security official Krebs as consultant|https://www.reuters.com/article/global-cyber-solarwinds/hacking-victim-solarwinds-hires-ex-homeland-security-official-krebs-as-consultant-idUSL1N2JJ069]]|
|2021.01.07|Dark Reading| → [[SolarWinds Hires Chris Krebs and Alex Stamos for Breach Recovery|https://www.darkreading.com/threat-intelligence/solarwinds-hires-chris-krebs-and-alex-stamos-for-breach-recovery/d/d-id/1339861]]|
|2021.01.07|Tech Beacon|[[SolarWinds hack: Who's to blame? It's complicated|https://techbeacon.com/security/solarwinds-hack-whos-blame-its-complicated]]|
|2021.01.07|JetBrains|[[An Update on SolarWinds|https://blog.jetbrains.com/blog/2021/01/07/an-update-on-solarwinds/]]|
|2021.01.07|Bleeping Computer| &rarrd; [[JetBrains denies involvement in the SolarWinds supply-chain hack|https://www.bleepingcomputer.com/news/security/jetbrains-denies-involvement-in-the-solarwinds-supply-chain-hack/]]|
|2021.01.07|Dark Reading|[[Investigation Launched Into Role of JetBrains Product in SolarWinds Hack: Reports|https://www.securityweek.com/investigation-launched-role-jetbrains-product-solarwinds-hack-reports]]|
|2021.01.07|DZone|[[API Security Weekly / Vulnerability: SolarWinds|https://dzone.com/articles/api-security-weekly-issue-115]]|
|2021.01.06|Wall Street Journal|[[SolarWinds Hack Breached Justice Department System|https://www.wsj.com/articles/solarwinds-hack-breached-justice-department-systems-11609958761]]|
|2021.01.06|New York Times|[[Widely Used Software Company May Be Entry Point for Huge U.S. Hacking|https://www.nytimes.com/2021/01/06/us/politics/russia-cyber-hack.html]]|
|2021.01.06|Reuters|[[FBI probe of major hack includes project-management software from JetBrains: sources|https://www.reuters.com/article/us-global-cyber-jetbrains/fbi-probe-of-major-hack-includes-project-management-software-from-jetbrains-sources-idUSKBN29B2RR]]|
|2021.01.06|JetBrains|[[Statement on the Story from The New York Times Regarding JetBrains and SolarWinds|https://blog.jetbrains.com/blog/2021/01/06/statement-on-the-story-from-the-new-york-times-regarding-jetbrains-and-solarwinds/]]|
|2021.01.06|Bleeping Computer|[[SolarWinds hackers had access to over 3,000 US DOJ email accounts|https://www.bleepingcomputer.com/news/security/solarwinds-hackers-had-access-to-over-3-000-us-doj-email-accounts/]]|
|2021.01.06|Security Week|[[Class Action Lawsuit Filed Against SolarWinds Over Hack|https://www.securityweek.com/class-action-lawsuit-filed-against-solarwinds-over-hack]]|
|2021.01.05|Dark Reading|[[FBI, CISA, NSA & ODNI Cite Russia in Joint Statement on 'Serious' SolarWinds Attacks|https://www.darkreading.com/risk/fbi-cisa-nsa-and-odni-cite-russia-in-joint-statement-on-serious-solarwinds-attacks/d/d-id/1339829]]|
|2021.01.05|Dark Reading|[[SolarWinds Hit With Class-Action Lawsuit Following Orion Breach|https://www.darkreading.com/threat-intelligence/solarwinds-hit-with-class-action-lawsuit-following-orion-breach/d/d-id/1339831]]|
|2021.01.04|Security Week|[[Over 250 Organizations Breached via SolarWinds Supply Chain Hack: Report|https://www.securityweek.com/over-250-organizations-breached-solarwinds-supply-chain-hack-report]]|
|2021.01.04|The Telegraph|[[SolarWinds Hack 'May Have Started in Eastern Europe', US Investigators Believe|https://www.telegraph.co.uk/technology/2021/01/04/solarwinds-hack-may-have-started-eastern-europe-us-investigators/]]|
|2021.01.03|Romain du Marais[img[iCSIRT/flag_fr.png]]|[[Décryptage : Finir 2020 avec un énorme piratage - SolarWinds et FireEye|https://www.youtube.com/watch?v=_mb32hajks4]]|
|2021.01.02|New York Times|[[As Understanding of Russian Hacking Grows, So Does Alarm|https://www.nytimes.com/2021/01/02/us/politics/russian-hacking-government.html]]|
|2020.12.31|//Palo Alto Networks//|[[Cortex XDR: Fortify the SOC Against SolarStorm, Variants and Imitators|https://blog.paloaltonetworks.com/2020/12/cortex-solarstorm-variants-imitators/]]|
|2020.12.31|//XM Cyber//|[[Lessons Learned from the SolarWinds SUNBURST Attack|https://www.xmcyber.com/lessons-learned-from-the-solarwinds-sunburst-attack/]]|
|2020.12.29|//CyCognito//|[[SUNBURST exposes supply chain security risks|https://www.cycognito.com/blog/cyber-risks-and-the-importance-of-attack-surface-management]]|
|2020.12.28|GeekWire|[[How hacked is hacked? Here's a ‘hack scale' to better understand the SolarWinds cyberattacks|https://www.geekwire.com/2020/hacked-hacked-heres-hack-scale-better-understand-solarwinds-cyberattacks/]]|
|2020.12.28|//eSentire//|[[The SolarWinds supply chain compromise|https://www.esentire.com/blog/threat-intelligence-the-solarwinds-compromise]]|
|2020.12.22|//VIPRE//|[[FireEye/SolarWinds/SUNBURST Hack – What You Need to Know|https://www.vipre.com/blog/fireeye-solarwinds-sunburst-hack-what-you-need-to-know/]]|
|2020.12.22|//Cybereason//|[[Cybereason vs. SolarWinds Supply Chain Attack|https://www.cybereason.com/blog/cybereason-vs-solarwinds-supply-chain-attack]]|
|2020.12.21|Wall Street Journal|[[SolarWinds Hack Hit Office Home to Top Treasury Department Officials|https://www.wsj.com/articles/barr-points-finger-at-russia-for-solarwinds-hack-11608573971]]|
|2020.12.18|//Shared Assessments//|[[Resolve to Prepare for Supply Chain Cyber Attacks with Better Vendor Risk Management Practices in 2021|https://sharedassessments.org/blog/resolve-to-prepare-for-supply-chain-cyber-attacks-with-better-vendor-risk-management-practices-in-2021/]]|
|2020.12.17|//FireEye//|[[DebUNCing Attribution: How Mandiant Tracks Uncategorized Threat Actors|https://www.fireeye.com/blog/products-and-services/2020/12/how-mandiant-tracks-uncategorized-threat-actors.html]]|
|2020.12.17|Security Week|[[Supply Chain Attack: CISA Warns of New Initial Attack Vectors Posing 'Grave Risk'|https://www.securityweek.com/supply-chain-attack-cisa-warns-new-initial-attack-vectors-posing-grave-risk]]|
|2020.12.17|Fedscoop|[[SolarWinds recap: All of the federal agencies caught up in the Orion breach|https://www.fedscoop.com/solarwinds-recap-federal-agencies-caught-orion-breach/]]|
|2020.12.17|Reuters|[[Exclusive : Microsoft Breached in Suspected Russian Hack Using SolarWinds|https://www.reuters.com/article/global-cyber-microsoft-exclusive-int-idUSKBN28R3BW]]|
|2020.12.17|The Intercept|[[Russian Hackers Have Been Inside Austin City Network for Months|https://theintercept.com/2020/12/17/russia-hack-austin-texas/]]|
|2020.12.16|GeekWire|[[Microsoft unleashes ‘Death Star' on SolarWinds hackers in extraordinary response to breach|https://www.geekwire.com/2020/microsoft-unleashes-death-star-solarwinds-hackers-extraordinary-response-breach/]]|
|2020.12.15|Wall Street Journal|[[Suspected Russian Cyberattack Began With Ubiquitous Software Company|https://www.wsj.com/articles/suspected-russian-cyberattack-began-with-a-little-known-but-ubiquitous-software-company-11608036495]]|
|2020.12.15|Security Week|[[Group Behind SolarWinds Hack Bypassed MFA to Access Emails at US Think Tank|https://www.securityweek.com/group-behind-solarwinds-hack-bypassed-mfa-access-emails-us-think-tank]]|
|2020.12.14|Reuters|[[Scope of Russian Hack Becomes Clear : Multiple U.S. Agencies Were Hit|https://www.nytimes.com/2020/12/14/us/politics/russia-hack-nsa-homeland-security-pentagon.html]]|
|2020.12.14|Reuters|[[Suspected Russian Hackers Spied on U.S. Treasury Emails|https://www.reuters.com/article/us-usa-cyber-treasury-exclusive-idUSKBN28N0PG]]|
|2020.12.14|Reuters|[[Suspected Russian Hackers Breached U.S. Department of Homeland Security|https://www.reuters.com/article/us-global-cyber-usa-dhs-idUSKBN28O2LY]]|
|2020.12.14|Reuters|[[Global Security Teams Assess Impact of Suspected Russian Cyber Attack|https//www.reuters.com/article/us-usa-cyber-treasury-britain-idUSKBN28O1K3]]|
|2020.12.14|Lawfare|[[Quick Thoughts on the Russia Hack|https://www.lawfareblog.com/quick-thoughts-russia-hack]]|
|2020.12.14|Lawfare|[[The SolarWinds Breach: Why Your Work Computers Are Down Today|https://www.lawfareblog.com/solarwinds-breach-why-your-work-computers-are-down-today]]|
|2020.12.14|The Register|[[Backdoored SolarWinds Software, Linked to US Govt Hacks, in Wide Use throughout the British Public Sector|https://www.theregister.com/2020/12/14/solarwinds_public_sector/]]|
|2020.12.13|New York Times|[[Russian Hackers Broke Into Federal Agencies, U.S. Officials Suspect|https://www.nytimes.com/2020/12/13/us/politics/russian-hackers-us-government-treasury-commerce.html]]|
|2020.12.08|Reuters|[[U.S. Cybersecurity Firm FireEye Discloses Breach, Theft of Hacking Tools|https://www.reuters.com/article/us-fireeye-cyber/u-s-cybersecurity-firm-fireeye-discloses-breach-theft-of-hacking-tools-idUSKBN28I31E]]|
!Outils et codes d'exploitation disponibles
|>|>|>|bgcolor:#F5DF4D;Ce fond indique les mises à jour les plus récentes du tableau |
|!Dates|!Sources|!Titres et Liens|
|bgcolor:#F5DF4D;2021.02.16|//NetreseC//|[[SunburstDomainDecoder v2.0|https://www.netresec.com/files/SunburstDomainDecoder.zip]] (zip)|
|>|>|>||
|2021.01.12|//FireEye//|[[Mandiant Azure AD Investigator: Focusing on UNC2452 TTPs|https://github.com/fireeye/Mandiant-Azure-AD-Investigator]]|
|>|>|>||
|2021.01.07|//SentinelOne//|[[SolarWinds Countermeasures|https://github.com/SentineLabs/SolarWinds_Countermeasures]]|
|>|>|>||
|2020.12.24|CISA|![[Sparrow.ps1|https://github.com/cisagov/Sparrow]] aide à détecter des comptes et des applications potentiellement compromis dans l'environnement Azure/M365|
|2020.12.24|//CrowdStrike//|![[CrowdStrike Reporting Tool for Azure (CRT)|https://github.com/CrowdStrike/CRT]]|
|2020.12.24|//SolarWinds//|![[Mitigate-TestAction.ps1|https://downloads.solarwinds.com/solarwinds/Support/SupernovaMitigation.zip]] met à jour la 'web.config' pour contrer l'exploitation de code à distance (RCE) via TestAction (script powershell à extraire) |
|>|>|>||
|2020.12.22|//True Sec//|[[Sunburst Decoder|https://github.com/Truesec/sunburst-decoder]]|
|>|>|>||
|2020.12.16|Rohit Bansal|[[subdomain & #DGA domain names, #SolarWinds, attacked by #UNC2452 @0xrb|https://pastebin.com/6EDgCKxd]]|
|>|>|>||
|2020.12.15|//Microsoft//|[[Outil de détection Microsoft|https://github.com/Azure/Azure-Sentinel/blob/master/Detections/SigninLogs/AzureAADPowerShellAnomaly.yaml]]|
|2020.12.15|//QiAnXin//|[[SunBurst DGA Decode Script|https://github.com/RedDrip7/SunBurst_DGA_Decode]]|
|>|>|>|!|
|2017.11.27|//CyberArk//|[[shimit|https://github.com/cyberark/shimit]] : script en python tool qui lance l'attaque 'Golden SAML'|
!Indicateurs de compromission/IOCs et marqueurs disponibles
|>|>|>|bgcolor:#F5DF4D;Ce fond indique les mises à jour les plus récentes du tableau |
|!Dates|!Sources|!Titres et Liens|
|2021.01.17|//WhoisXML API//|![[Cyber Threat Intel Analysis and Expansion of SolarWinds Identified IoCs|http://www.circleid.com/posts/20210117-cyberthreat-intel-analysis-expansion-of-solarwinds-identified-iocs/]] |
|>|>|>|!|
|2021.01.11|//CrowdStrike//|![[SUNSPOT: An Implant in the Build Process|https://www.crowdstrike.com/blog/sunspot-malware-technical-analysis/]] |
|2021.01.11|Malpedia|![[Kazuar|https://malpedia.caad.fkie.fraunhofer.de/details/win.kazuar]] ([[règles YARA|https://malpedia.caad.fkie.fraunhofer.de/yara/win.kazuar]])|
|>|>|>|!|
|2021.01.07|CISA|![[AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations|https://us-cert.cisa.gov/ncas/alerts/aa20-352a]] (mise à jour) |
|>|>|>|!|
|2021.01.04|Itay Cohen|[[SUNBURST Cracked|https://github.com/ITAYC0HEN/SUNBURST-Cracked]]: Sunburst modified version of the malicious backdoor in a class named OrionImprovementBusinessLayer, decompiled with some modifications|
|>|>|>|!|
|2020.12.29|Jin Wook Kim|[[CVE-2020-10148 SolarWinds Orion local file disclosure & PoC (Tested)|https://twitter.com/wugeej/status/1343792263806164997?s=21]]|
|2020.12.29|0xsha|[[Solarwinds_Orion_LFD.py|https://gist.github.com/0xsha/75616ef6f24067c4fb5b320c5dfa4965]]: Code de démonstration CVE-2020-10148|
|>|>|>|!|
|2020.12.23|//Palo Alto Networks//|![[A Timeline Perspective of the SolarStorm Supply-Chain Attack|https://unit42.paloaltonetworks.com/solarstorm-supply-chain-attack-timeline/]] |
|2020.12.22|etlownoise|[[fakesunburst: Defanged version of sunburst backdoor|https://github.com/etlownoise/fakesunburst]]|
|2020.12.22|//Checkpoint Software//|[[SUNBURST, TEARDROP and the NetSec New Normal|https://research.checkpoint.com/2020/sunburst-teardrop-and-the-netsec-new-normal/]]|
|>|>|>|!|
|2020.12.19|Bleeping Computer|[[The SolarWinds cyberattack: The hack, the victims, and what we know|https://www.bleepingcomputer.com/news/security/the-solarwinds-cyberattack-the-hack-the-victims-and-what-we-know/]]|
|2020.12.18|//Microsoft//|[[Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers|https://www.microsoft.com/security/blog/2020/12/18/analyzing-solorigate-the-compromised-dll-file-that-started-a-sophisticated-cyberattack-and-how-microsoft-defender-helps-protect/]]|
|2020.12.18|//Sentinel One//|[[SolarWinds SUNBURST Backdoor: Inside the APT Campaign|https://labs.sentinelone.com/solarwinds-sunburst-backdoor-inside-the-stealthy-apt-campaign/]]|
|2020.12.17|CISA|![[AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations|https://us-cert.cisa.gov/ncas/alerts/aa20-352a]] |
|2020.12.17|//Palo Alto Networks//|[[SUPERNOVA: A Novel .NET Webshell|https://unit42.paloaltonetworks.com/solarstorm-supernova/]]|
|2020.12.17|//McAfee//|[[Additional Analysis into the SUNBURST Backdoor|https://www.mcafee.com/blogs/other-blogs/mcafee-labs/additional-analysis-into-the-sunburst-backdoor/]]|
|2020.12.16|//Reversing Labs//|[[SunBurst: the next level of stealth|https://blog.reversinglabs.com/blog/sunburst-the-next-level-of-stealth]]|
|2020.12.16|Rohit Bansal|[[subdomain & #DGA domain names, #SolarWinds, attacked by #UNC2452 @0xrb|https://pastebin.com/6EDgCKxd]]|
|2020.12.15|OS Context|[[SUNBURST: Unredacted pDNS information available|https://ioc.oscontext.io/]]|
|2020.12.15||[[SolarWinds/SunBurst FNV-1a-XOR hash founds analysis|https://docs.google.com/spreadsheets/d/1u0_Df5OMsdzZcTkBDiaAtObbIOkMa5xbeXdKk_k0vWs/edit#gid=0]]|
|2020.12.15|//Symantec//|[[Sunburst: Supply Chain Attack Targets SolarWinds Users|https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/sunburst-supply-chain-attack-solarwinds]]|
|2020.12.15|//Sophos//|[[Threathunt for the Solarwinds Compromise|https://github.com/sophos-cybersecurity/solarwinds-threathunt]]|
|2020.12.15|//Netskope//|[[Netskope Threat Coverage: SUNBURST & FireEye Red Team (Offensive Security) Tools|https://www.netskope.com/blog/netskope-threat-coverage-sunburst-fireeye-red-team-offensive-security-tools]]|
|2020.12.15|//Picus Security//|[[Tactics, Techniques, and Procedures (TTPs) Used in the SolarWinds Breach|https://www.picussecurity.com/resource/blog/ttps-used-in-the-solarwinds-breach]]|
|2020.12.15|//Elastic//|[[Elastic Security provides free and open protections for SUNBURST|https://www.elastic.co/fr/blog/elastic-security-provides-free-and-open-protections-for-sunburst]]|
|2020.12.15|Pastebin|[[Compromised systems according to RedDrip|https://pastebin.com/raw/G7mnW5Zk]]|
|2020.12.14|John Bambenek|[[Sunburst Indicators|https://github.com/bambenek/research/tree/main/sunburst]]|
|2020.12.14|//Volexity//|![[Dark Halo Leverages SolarWinds Compromise to Breach Organizations|https://www.volexity.com/blog/2020/12/14/dark-halo-leverages-solarwinds-compromise-to-breach-organizations/]]|
|2020.12.14|//Cado Security//|[[Responding to Solarigate|https://www.cadosecurity.com/post/responding-to-solarigate]]|
|2020.12.14|//Sophos//|[[TEARDROP IOCs|https://github.com/sophos-cybersecurity/solarwinds-threathunt/blob/master/iocs.csv]]|
|2020.12.13|Malware Bazaar|[[sunburst|https://bazaar.abuse.ch/browse.php?search=tag%3Asunburst]] (@@màj: 28.12.2020@@)|
|2020.12.13|//Microsoft//|![[Customer Guidance on Recent Nation-State Cyber Attacks|https://msrc-blog.microsoft.com/2020/12/13/customer-guidance-on-recent-nation-state-cyber-attacks/]] |
|2020.12.13|//FireEye//|![[FireEye Mandiant SunBurst Countermeasures|https://github.com/fireeye/sunburst_countermeasures]]|
|2020.12.13|Joe Slowik|[[CNAME records associated with the #SUNBURST malware C2 beacon via @DomainTools Iris|https://twitter.com/jfslowik/status/1338321984527228928]] ([[pastebin|https://pastebin.com/T0SRGkWq]]))|
|>|>|>|!|
|2020.12.12|//FireEye//|[[Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor|https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html]]|
|2020.12.11|//Picus Security//|[[It is Time to Take Action - How to Defend Against FireEye's Red Team Tools|https://www.picussecurity.com/resource/blog/how-to-defend-against-fireeye-s-red-team-tools]]|
|2020.12.10|//Picus Security//|[[Tactics, Techniques and Procedures (TTPs) Utilized by FireEye's Red Team Tools|https://www.picussecurity.com/resource/blog/techniques-tactics-procedures-utilized-by-fireeye-red-team-tools]]|
|2020.12||[[SunBurst2|https://docs.google.com/spreadsheets/d/1fpyFt0GL2Swxn0Ihw43eu-kM7HlJXni0EvFYqqMRTz8/edit#gid=339435444]]|
|>|>|>|!|
!Source: MITRE ATT&CK [[G0118|https://attack.mitre.org/groups/G0118/]]
{{ss2col{
* [[T1003|https://attack.mitre.org/techniques/T1003]] OS Credential Dumping: DCSync
* [[T1005|https://attack.mitre.org/techniques/T1005]] Data from Local System
* [[T1018|https://attack.mitre.org/techniques/T1018]] Remote System Discovery
* [[T1021|https://attack.mitre.org/techniques/T1021]] Remote Services: Windows Remote Management
* [[T1027|https://attack.mitre.org/techniques/T1027]] Obfuscated Files or Information
* [[T1036|https://attack.mitre.org/techniques/T1036]] Masquerading
* [[T1047|https://attack.mitre.org/techniques/T1047]] Windows Management Instrumentation
* [[T1048|https://attack.mitre.org/techniques/T1048]] Exfiltration Over Alternative Protocol: Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
* [[T1053|https://attack.mitre.org/techniques/T1053]] Scheduled Task/Job: Scheduled Task
* [[T1057|https://attack.mitre.org/techniques/T1057]] Process Discovery
* [[T1059|https://attack.mitre.org/techniques/T1059]] Command and Scripting Interpreter: PowerShell
* [[T1069|https://attack.mitre.org/techniques/T1069]] Permission Groups Discovery
* [[T1070|https://attack.mitre.org/techniques/T1070]] Indicator Removal on Host
* [[T1071|https://attack.mitre.org/techniques/T1071]] Application Layer Protocol: Web Protocols
* [[T1074|https://attack.mitre.org/techniques/T1074]] Data Staged: Remote Data Staging
* [[T1078|https://attack.mitre.org/techniques/T1078]] Valid Accounts
* [[T1082|https://attack.mitre.org/techniques/T1082]] System Information Discovery
* [[T1083|https://attack.mitre.org/techniques/T1083]] File and Directory Discovery
* [[T1087|https://attack.mitre.org/techniques/T1087]] Account Discovery
* [[T1090|https://attack.mitre.org/techniques/T1090]] Proxy: Internal Proxy
* [[T1098|https://attack.mitre.org/techniques/T1098]] Account Manipulation: Exchange Email Delegate Permissions
* [[T1105|https://attack.mitre.org/techniques/T1105]] Ingress Tool Transfer
* [[T1114|https://attack.mitre.org/techniques/T1114]] Email Collection: Remote Email Collection
* [[T1140|https://attack.mitre.org/techniques/T1140]] Deobfuscate/Decode Files or Information
* [[T1190|https://attack.mitre.org/techniques/T1190]] Exploit Public-Facing Application
* [[T1195|https://attack.mitre.org/techniques/T1195]] Supply Chain Compromise: Compromise Software Supply Chain
* [[T1218|https://attack.mitre.org/techniques/T1218]] Signed Binary Proxy Execution: Rundll32
* [[T1482|https://attack.mitre.org/techniques/T1482]] Domain Trust Discovery
* [[T1484|https://attack.mitre.org/techniques/T1484]] Domain Policy Modification: Domain Trust Modification
* [[T1546|https://attack.mitre.org/techniques/T1546]] Event Triggered Execution: Windows Management Instrumentation Event Subscription
* [[T1550|https://attack.mitre.org/techniques/T1550]] Use Alternate Authentication Material
* [[T1552|https://attack.mitre.org/techniques/T1552]] Unsecured Credentials: Private Keys
* [[T1553|https://attack.mitre.org/techniques/T1553]] Subvert Trust Controls: Code Signing
* [[T1555|https://attack.mitre.org/techniques/T1555]] Credentials from Password Stores
* [[T1558|https://attack.mitre.org/techniques/T1558]] Steal or Forge Kerberos Tickets: Kerberoasting
* [[T1560|https://attack.mitre.org/techniques/T1560]] Archive Collected Data: Archive via Utility
* [[T1562|https://attack.mitre.org/techniques/T1562]] Impair Defenses: Disable or Modify System Firewall
* [[T1568|https://attack.mitre.org/techniques/T1568]] Dynamic Resolution
* [[T1587|https://attack.mitre.org/techniques/T1587]] Develop Capabilities: Malware
* [[T1606|https://attack.mitre.org/techniques/T1606]] Forge Web Credentials: Web Cookies
}}}
<<tiddler [[S3FRN4]]>>
Date : le ''vendredi 21 avril 2023 de 9h à 17h''. La formation ''SIM3-1 en français'' se déroulera ''uniquement en présentiel'' au Campus Cyber.
|<<showtoc>> |
!1 - Participants et pré-requis
<<tiddler [[S3FR1-Cibles]]>>
!2 - Contenu de la formation 
<<tiddler [[S3FR1-Contenu]]>>
!3 - Moyens pédagogiques
<<tiddler [[S3FR1-Moyens]]>>
!4 - Différences avec les formation SIM3 en 1 jour et en 3 jours
<<tiddler [[S3FR1-vs-S3FR3]]>>
!5 - Conditions pratiques
<<tiddler [[S3FR1-Conditions-N4]]>>
!6 - Présentation des formateurs
<<tiddler [[S3FR1-Formateur Caleff]]>>
!7 - Contact
<<tiddler [[S3FR1-Contact]]>>
!8 - Inscription
<<tiddler [[S3FR1-Inscription-N4]]>>
<<tiddler .ReplaceTiddlerTitle with: [[Formation SIM3-1 - Avril 2023]]>>
La formation SIM3-1 s'adresse :
* aux personnels des équipes d'intervention et de traitement des incidents de sécurité informatique de CSIRT/CERT et de SOC
* aux responsables sécurité et RSSI
Les pré-requis pour les participants sont :
* Faire partie de l'InterCERT France, la TF-CSIRT ou le FIRST ou avoir l'intention de rejoindre un tel réseau de confiance
* Avoir un rôle opérationnel dans une équipe de type CSIRT/CERT ou SOC ou //a minima// avoir une expérience dans le domaine
* Respecter la confidentialité des échanges : toute la formation est ''TLP-AMBER''
* Connaître le principe du ''Traffic Light Protocol'' (//TLP//)
''Si l'une des conditions ci-dessus n'est pas respectée, un entretien préliminaire de 30 minutes pourra être organisé afin de valider la demande d'inscription à la formation.''
Les 5 parties de la formation SIM3-1 en 1 jour sont les suivantes :
''1 - Présentation SIM3''
* Notion de maturité et principes des modèles 
* Modèle de maturité SIM3, historique de SIM3
* Les échelles de valeurs et niveaux de maturité
''2 - Détails SIM3''
* Domaines, paramètres, niveaux
* Paramètres organisationnels
* Paramètres humains
* Paramètres outillage
* Paramètres de processus
''3 - Études de cas''
* Analyses concrêtes de certains paramètres
''4 - Auto-évaluation SIM3 et erreurs à éviter''
* Démarche d'auto-évaluation
* Outils d'auto-évaluation de l'OpenCSIRT et de l'ENISA
* Erreurs à éviter
''5 - Démarche globale SIM3''
* Profils FIRST, TF-CSIRT, ENISA/CSIRTs Network
* Cas d’utilisation de SIM3 (InterCERT-France, NCA, TF-CSIRT, FIRST, projets)
[img(99%,1px)[i/BluePixel.gif]]
* Séance de formation présentiel
* Pédagogie basée sur des présentations et des ateliers en groupe
* La formation de 1 journée est donnée en français
* Les supports de la formation SIM3-1 sont distribués à l'avance sous forme électrique (fichiers PDF) et à télécharger par les participants.
* ''Tous les supports de formation SIM3-1 (slides, documents annexes) sont exclusivement rédigés en anglais''.
* ''Aucun support de formation SIM3-1 (slides, documents annexes) ne sera rédigé en français''.
Les différences avec la formation SIM3 sur 3 jours sont les suivantes :
| !Formation SIM3 | !En __1__ jour | !En __3__ jours |
|Possibilité de passer l'examen de certification ''SIM3 Certified Auditor'' | ''NON'' | ''OUI'' |
|Analyse des paramètres SIM3 | ''8'' paramètres | ''Tous'' les paramètres |
|Ateliers de groupes | ''1 à 2'' | ''4 à 6'' |
|Durée des ateliers | ''15 à 30'' minutes | ''30 à 60'' minutes |
* Minimum de 12 participants, et maximum de 24 participants
** Si nécessaire un entretien individuel d'un maximum de 30 minutes sera organisé pour valider la demande d'inscription d'un participant.

* Montant de la formation de 1 journée :
** Membre InterCERT FRANCE : ''500 €uros HT / 600 €uros TTC par participant''.
** Autres : ''800 €uros HT / 960 €uros TTC par participant''.

* Horaires
** ''9h00 à 17h00'' avec 2 pauses par demie-journée et une pause déjeuner
[img(99%,1px)[i/BluePixel.gif]]
Pour réserver une place à cette formation : télécharger le formulaire d'inscription, le (faire) remplir et le renvoyer à l'adresse de contact.
* Formulaire au format PDF : https://csirt.fr/SIM3/202304-SIM3-1-Inscription.pdf
* Formulaire au format DOCX : https://csirt.fr/SIM3/202304-SIM3-1-Inscription.docx 
<<tiddler [[CV Olivier Caleff]]>>
<<tiddler [[CV Marc-Frédéric Gomez]]>>
!!Olivier CALEFF
<<<
[>img(150px,auto)[i/OlivierCaleff.jpg]]Olivier CALEFF travaille dans le domaine de la sécurité informatique depuis le début des années 90, et traite plus spécifiquement des problèmatiques de veille et de traitement des incidents de sécurité depuis la fin des années 90. Il est maintenant spécialisé dans le domaine de la cyber-résilience.
Il anime des sessions de formation SIM3 en anglais depuis 2015 et en français depuis 2020 avec plus de 300 personnes formées.
!!Résumé de carrière
* En 1986, il débute au sein de la société ''Dassault Electronique'' comme ingénieur réseau.
* En 1992, il et l'un des co-fondateurs de la société de services ''APOGEE Communications''+++^*[»] [img(300px,auto)[i/APOGEE-Communications.png]] ===, et il y lance l'activité sécurité en 1994.
* En 1997, il participe au lancement de l'activité de Veille Sécurité ''APOGEE SecWatch'' et de réponse aux incidents.
* Après le rachat de la société par le groupe COLT puis par le groupe DEVOTEAM, l'activité devient le ''CERT DEVOTEAM'' et rejoint l'''InterCERT-FR''+++^*[»] Voir https://www.cert.ssi.gouv.fr/csirt/intercert-fr/ maintenant https://www.intercert-france.fr/ ===.
* Il intervient auprès de clients français pour la mise en œuvre d'équipes CSIRT de réponse aux incidents de sécurité et de veille.
* En 2013, il rejoint l'''ANSSI''+++^*[»] Voir https://www.ssi.gouv.fr/ === en tant que responsable des relations internationales du ''CERT-FR''+++^*[»] Voir https://cert.ssi.gouv.fr/ ===.
* En 2018, il rejoint le groupe ''SANOFI''+++^*[»] Voir https://www.sanofi.com/ ===  comme responsable groupe "Cyber Résilience" au sein de l'équipe Cyber Sécurité et intervient notamment sur l'organisation d'exercices cyber, de gestion d'incidents et de gestion de crise.
* Depuis 2022, Olivier Caleff est responsable ''"Cyber Résilience et Gestion de Crises"'' et associé au sein de la société ''[[ERIUM|https://www.ERIUM.fr/]]''+++^*[»] Voir https://www.ERIUM.fr/ === .
Plus d'informations sont disponibles sur son profil ''LinkedIN''+++^*[»] Voir https://www.linkedin.com/in/caleff/ ===.
!Compléments
Plus de détails sont disponibles sur le cursus et les activités d'Olivier CALEFF. Elles couvrent :
* Les activités liées aux formations : TRANSITS, SIM3, en Mastère Spécialisé Cyber Sécurité...
* Les activités liées aux communautés de CSIRTs et associations : FIRST, TF-CSIRT, InterCERT France, OpenCSIRT Foundation...
* Les activités liées aux communautés de CISO : CESIN, ECSO...
* Les activités liées à la cyber sécurité en Europe : ENISA, Commission Européenne...
* Autres activités : Évaluateur Technique COFRAC, Chapitre français de la Cloud Security Alliance...
* Certifications en (Cyber) Sécurité

+++[Plus de détails »]> <<tiddler [[CV Olivier Caleff - Détails]]>> === 
[img(99%,1px)[i/BluePixel.gif]]
<<<
!!Formations SIM3
* En septembre 2018, suivi de la formation SIM3 puis passage avec succès de l'examen pour devenir ''SIM3 Certified Auditor''.
* En juin 2019 et en juin 2022, il co-anime des demies jourénes de formations sur SIM3 en marge des conférences annuelles du FIRST (respectivement, à Edimbourg et à Dublin).
* En avril 2023, co-animation d'une session de formation SIM3 de 1 jour en français (région parisienne)
* En juillet 2022, co-animation d'une session de formation SIM3 de 3 jours en anglais (Dublin, Irlande)
* En septembre 2022, animation d'une session de formation SIM3 de 3 jours en français (région parisienne)
!!Formations TRANSITS
* En 2010, suivi de la formation ''TRANSITS-I''+++^*[»] Voir http://www.geant.org/Services/Trust_identity_and_security/Pages/TRANSITS-I.aspx ===.
* En 2014, suivi de la formation ''Train the Trainer'' afin de devenir formateur TRANSITS.
* En 2015, il commence à délivrer des formations ''TRANSITS-I''+++^*[»] Voir https://stage.tf-csirt.org/transits/transits-events/transits-i/ === en anglais notamment pour l'''AfricaCERT''+++^*[»] Voir https://www.africacert.org/ ===, et rédige une nouvelle version du module "Opérationnel".
* Entre 2018 et 2022, il est l'un des deux ''Head Trainer''+++^*[»] Voir https://opencsirt.org/our-projects/transits-head-trainer/ === avec ''Don Stikvoort''+++^*[»] Voir https://www.first.org/hof/inductees#don-stikvoort === pour les formations ''TRANSITS-I''+++^*[»] Voir https://www.geant.org/Services/Trust_identity_and_security/Pages/TRANSITS-I.aspx === et ''TRANSITS-II''+++^*[»] Voir https://www.geant.org/Services/Trust_identity_and_security/Pages/TRANSITS_II.aspx === dans le cadre de l'''OpenCSIRT Foundation''+++^*[»] Voir https://opencsirt.org/ ===.
* A ce titre, il enseigne tous les modules ''TRANSITS-I''+++^*[»] Voir https://tf-csirt.org/transits/transits-events/transits-i/ ===, ainsi que les modules "Forensique" et "Communication" de ''TRANSITS-II''+++^*[»] Voir https://tf-csirt.org/transits/transits-events/transits-ii/ ===.
TRANSITS est le sigle de "TRAining of Network Security Incident Teams Staff"+++^*[»] Voir https://tf-csirt.org/transits/ === 
!!TF-CSIRT / Trusted Introducer
TF-CSIRT / Trusted Introducer : +++^*[détails »] Task Force of Computer Security and Incident Response Teams - https://tf-csirt.org 
Trusted Introducer https://www.trusted-introducer.org/ === * En 2007, il rejoint la TF-CSIRT en tant que représentant du CERT-DEVOTEAM. * En 2013, il rejoint la TF-CSIRT en tant que représentant du CERTA (renommé en CERT-FR en 2014). * Depuis 2018, il participe à la TF-CSIRT //ad personam// comme ''Associate''+++^*[»] Voir https://www.trusted-introducer.org/processes/associates.html ===. * Il a participé au groupe de travail "''Future of TF-CSIRT Future of TF-CSIRT Working Group''". * Depuis 2021, il réalise des audit SIM3 pour la certification d'équipes CSIRT. !!FIRST FIRST : +++^*[détails »] Forum of Incident Response Security Teams - https://first.org/ === * En 2013, il rejoint le FIRST en tant que représentant du CERTA, qui sera renommé en CERT-FR en 2014. * Il y réalise 8 évaluations ''Site Visits'' de CSIRT candidats à l'entrée au FIRST. * Depuis 2018, il participe au FIRST //ad personam// comme ''FIRST Liaison''+++^*[»] Voir https://www.trusted-introducer.org/processes/associates.html ===. * Jusqu'en 2022, il est co-animateur des groupes de travail (SIG) : ''Membership Committee''+++^*[»] Voir https://www.first.org/about/organization/committees ===, ''Malware Analysis''+++^*[»] Voir https://www.first.org/global/sigs/malware/ ===. * Il est co-animateur du groupe de travail (SIG) ''Cyber Exercises''. * Il participe activement à deux autres groupes de travail : ''CSIRT Framework Development''+++^*[»] Voir https://www.first.org/global/sigs/csirt/ === qui a notamment publié le nouveau ''Computer Security Incident Response Team (CSIRT) Services Framework''+++^*[»] Voir https://www.first.org/standards/frameworks/csirts/csirt_services_framework_v2.1 === et ''Traffic Light protocol (TLP)''+++^*[»] Voir https://www.first.org/global/sigs/tlp/ ===. * Il a été élu en Juin 2022 au Conseil d'Administration du FIRST (''FIRST Board of Directors'') pour un mandat de 2 ans. !!InterCERT France InterCERT France : +++^*[détails »] https://www.intercert-france.fr/ === * En 2005, il rejoint l'interCERT-FR encore embryonnaire en tant que co-représentant APOGEE Communications, puis du CERT DEVOTEAM * Entre 2013 et 2018, il co-anime l'InterCERT-FR en tant que représentant du CERTA puis du CERT-FR, participe à sa structuration et organise les premières élections. * En 2022, il rejoint l'InterCERT France en tant que membre Liaison. !!OpenCSIRT Foundation OpenCSIRT Foundation : +++^*[détails »] https://opencsirt.org/ === * Depuis 2014, il travaille avec le modèle de maturité ''SIM3''+++^*[»] Voir https://opencsirt.org/csirt-maturity/sim3-and-references/ ===. * Depuis 2018, il est certifié ''SIM3 Auditor''+++^*[»] Voir http://opencsirt.org/auditors-france/ ===. * Depuis 2022, il est certifié ''SIM3 Trainer''+++^*[»] Voir https://opencsirt.org/csirt-maturity/sim3-certified-auditor-training/ ===. * Il participe au groupe de travail sur l'évolution et l'extension de ''SIM3''. !!ENISA ENISA : +++^*[détails »] European Network and Information Security Agency - https://enisa.europa.eu/ === * Depuis 2014, il participe à la rédaction de documents de l'ENISA notamment sur l'''évaluation de la maturité des CSIRT basé sur SIM3''+++^*[»] Voir https://www.enisa.europa.eu/publications/study-on-csirt-maturity-evaluation-process === et ''Good Practice Guide on Training Methodologies''+++^*[»] Voir https://www.enisa.europa.eu/publications/good-practice-guide-on-training-methodologies ===. * Depuis 2019, il participe //ad personam// à 3 groupes de travail de type ''Informal Expert Group'' : "''Informal Expert Group on Technical Trainings''"+++^*[»] Voir https://www.enisa.europa.eu/news/enisa-news/technical-trainings-expert-group ===, "''Informal Expert Group on EU Member States Incident Response Development''"+++^*[»] Voir https://www.enisa.europa.eu/topics/csirts-in-europe/csirt-capabilities/informal-expert-group-on-eu-ms-incident-response-development === et "''Informal Expert Group on CSIRT and SOC Set Up''"+++^*[»] Voir https://www.enisa.europa.eu/publications/how-to-set-up-csirt-and-soc ===. * Depuis 2021, il participe //ad personam// à un groupe de travail comme ''Subject Matter Expert'' !!Commission Européenne / INEA INEA : +++^*[détails »] Innovation and Networks Executive Agency - https://ec.europa.eu/inea/en/ === * Entre 2018 et 2020, il a participé //ad personam// comme expert évaluateur aux dépouillements d'appels d'offres ''CEF Telecom Call - Cybersecurity'' de la Commission Européenne : ** CEF-TC-2018-3+++^*[détails »] Voir https://ec.europa.eu/inea/en/connecting-europe-facility/cef-telecom/apply-funding/2018-cyber-security ===, CEF-TC-2019-2+++^*[»] Voir https://ec.europa.eu/inea/en/connecting-europe-facility/cef-telecom/apply-funding/2019-cybersecurity === et CEF-TC-2020-2+++^*[»] Voir https://ec.europa.eu/inea/en/connecting-europe-facility/cef-telecom/apply-funding/2020-cybersecurity ===. !!Cloud Security Alliance Cloud Security Alliance : +++^*[détails »] Voir https://cloudsecurityalliance.org/ === * En 2010, il a co-fondé et anime le ''Chapitre Français de la Cloud Security Alliance''+++^*[»] Voir http://cloudsecurityalliance.fr ===. !!CESIN CESIN : +++^*[détails »] Club des Experts de la Sécurité de l'Information et du Numérique - https://cesin.fr/ === * Depuis 2018, il est membre du ''CESIN''. * Il co-anime un groupe de travail sur les aspects de gestion de crise cyber, ainsi que le LAB CESIN "''Vulnérabilités et Incidents''". * Il publie une veille quotidienne en anglais sur la cyber sécurité depuis septembre 2021 !!ECSO ECSO : +++^*[détails »] European Cyber Security Organisation - https://ecs-org.eu/ === * Depuis 2022, il est membre de ''ECSO''. * Il est l'un des "ECSO Ambassadors" pour la France. * Il republie la veille quotidienne en anglais sur la cyber sécurité déjà diffusée au CESIN depuis février 2022. !!Enseignement * Il a commencé à enseigner en 1985 au CNAM, puis dans différentes écoles d'ingénieurs sur des spécialités réseaux puis sécurité (ISEP, EPITA, ECE...). * Il a enseigné plusieurs matières dans les 3 Mastères Spécialisés de l'''ISEP'' (Cloud, Cyber-Sécurité, Management et Protection des Données à Caractère Personnel) * Il n'enseigne plus aujourd'hui que dans les Mastères Spécialisés de l'''EGE'' (MRSIC/MaCYB) pour les promotions en France et au Maroc. !!Certifications * Certifié TRANSITS-I (2010). * Certifié ISO 27005 Risk Management (2010). * Certifié EBIOS Risk Management (2010). * Formateur Certifié TRANSITS-I (2015). * Évaluateur Technique COFRAC (2018). * Auditeur Certifié SIM3 (2018). * Formateur Certifié SIM3 (2022). [img(99%,1px)[i/BluePixel.gif]]
!!Marc-Frédéric GOMEZ
<<<
[>img(150px,auto)[i/MarcFredericGomez.jpg]]Marc-Frédéric GOMEZ est responsable du CERT du Groupe Crédit Agricole (CERT-AG).
Il a conduit la mise en place de la ''Certification SIM3'' par la TF-CSIRT du CERT du Groupe Crédit Agricole.
Depuis 2019, il est ''SIM3 Certified Auditor''. Il est membre ''Liaison'' au FIRST à titre individuel en sus de ces fonctions officiels ainsi que contributeur au podcast francophone ''NoLimitSecu''.
Il enseigne à l'''Ecole de Guerre Economique'' la veille sur la menace au sein de l’entreprise.
Plus d'informations sont disponibles sur son profil ''LinkedIN''+++^*[»] Voir https://www.linkedin.com/in/marcfredericgomez/ ===.
<<<
[img(99%,1px)[i/BluePixel.gif]]
Pour tout renseignement, l'adresse de contact est ''SIM3 @ CSIRT . FR''
[img(99%,1px)[i/BluePixel.gif]]
!Téléchargement des supports
Les supports en sont pas encore disponibles au téléchargement.
Un email parviendra aux participants sont l'inscription aura été validée quelques jours avant la formation
Si nécessaire, un fichier complémentaire sera mis à disposition à léissue de la session de formation.
[img(99%,1px)[i/BluePixel.gif]]
La formation TRANSITS-I s'adresse :
* aux personnels des équipes d'intervention et de traitement des incidents de sécurité informatique de CSIRT/CERT et de SOC de toute origine : services, commerciale, gouvernementale, recherche, éducation ou industrielle.
* aux responsables sécurité et RSSI
[img(99%,1px)[i/BluePixel.gif]]
^^Mise à jour le 2 février 2023^^
Cette formation est ANNULÉE
|{{ss2col{<<showtoc>>}}} |
!Personnes concernées par cette formation 
<<tiddler [[T1FR-Cibles]]>>
!Contenu de la formation 
<<tiddler [[T1FR-Contenu]]>>
!Pré-requis pour les participants
<<tiddler [[T1FR-Pré-requis]]>>
!Moyens pédagogiques
<<tiddler [[T1FR-Moyens]]>>
!TRANSITS-I en français : Spécificités des sessions en distanciel
<<tiddler [[T1FR-Distanciel]]>>
!TRANSITS-I en français : Conditions pratiques de la session en octobre 2022
<<tiddler [[T1FR-Session T1FR-LA]]>>
!TRANSITS-I en français : Réservation pour la session en octobre 2022
<<tiddler [[T1FR-Réservation T1FR]]>>
!TRANSITS-I en français : Programme de la formation en octobre 2022
<<tiddler [[T1FR-Programme T1FR-LA]]>>
!TRANSITS-I en français : Présentation du formateur, Olivier Caleff
<<tiddler [[T1FR-Formateur T1FR]]>>
!Liens
<<tiddler [[T1FR-Liens]]>>
!Contact
<<tiddler [[T1FR-Contact]]>>
<<tiddler .ReplaceTiddlerTitle with: [[Formation TRANSITS-I - Octobre 2022]]>>
|{{ss2col{<<showtoc>>}}} |
!Personnes concernées par cette formation 
<<tiddler [[T1FR-Cibles]]>>
!Contenu de la formation 
<<tiddler [[T1FR-Contenu]]>>
!Pré-requis pour les participants
<<tiddler [[T1FR-Pré-requis]]>>
!Moyens pédagogiques
<<tiddler [[T1FR-Moyens]]>>
!TRANSITS-I en français : Spécificités des sessions en distanciel
<<tiddler [[T1FR-Distanciel]]>>
!TRANSITS-I en français : Conditions pratiques de la session en octobre 2022
<<tiddler [[T1FR-Session T1FR-LA]]>>
!TRANSITS-I en français : Réservation pour la session en octobre 2022
<<tiddler [[T1FR-Réservation T1FR]]>>
!TRANSITS-I en français : Programme de la formation en octobre 2022
<<tiddler [[T1FR-Programme T1FR-LA]]>>
!TRANSITS-I en français : Présentation du formateur, Olivier Caleff
<<tiddler [[T1FR-Formateur T1FR]]>>
!Liens
<<tiddler [[T1FR-Liens]]>>
!Contact
<<tiddler [[T1FR-Contact]]>>
<<tiddler .ReplaceTiddlerTitle with: [[Formation TRANSITS-I - Octobre 2022]]>>
<<tiddler [[T1FRLA]]>>
La formation TRANSITS-I s'adresse :
* aux personnels des équipes d'intervention et de traitement des incidents de sécurité informatique de CSIRT/CERT et de SOC de toute origine : services, commerciale, gouvernementale, recherche, éducation ou industrielle.
* aux responsables sécurité et RSSI
[img(99%,1px)[i/BluePixel.gif]]
Les 6 composantes de la formation TRANSITS-I sont les suivantes
''1 - EXC (//Exercise//)''
** Le ''Module Exercice'' est constitué d'un scénario d'incident que les participants doivent traiter de façon commune, en jouant différents rôles.
** Il permet aux participants de partager leurs expériences et de comprer leurs modes d'action
** //A noter : en distanciel, cet exercice est modifié pour traiter les aspects de communication et de travail en équipe.//
''2 - ORG (//Organisational//)''
** Le ''Module Organisationnel'' décrit des modèles d'organisation des CSIRT et comment ils s'intègrent dans la structure informatique ou de management d'une entreprise ou organisme.
** Il aborde aussi les aspects de planification de l'équipe, la définition de la couverture de son périmètre, la détermination des services à offrir, la dotation en personnel, la communication avec les acteurs internes ou externes, et son financement.
''3 - OPS (//Operational//)''
** Le ''Module Opérationnel'' décrit le processus de traitement des incidents, depuis les signalements et le triage, jusqu'à la clôture et le RETEX, en passant par les phases d'investigation et d'analyse.
''4 - TEC (//Technical//)''
** Le ''Module Technique'' passe en revue quelques familles d'attaquants et leurs motivations, puis certaines des techniques utilisées affectant les couches réseaux ou système.
** Il permet ‘entamer une réflexion sur les actions à mettre en œuvre pour la détection, la protection et le traitement des incidents de sécurité qui en résultent.
''5 - LEG (//Legal//)''
** Le ''Module Juridique'' couvre des domaines de la législation européenne ou de certains pays susceptibles d'affecter les CSIRT ou les SOC dans leur travail quotidien, et que leurs membres doivent connaître, y compris la protection des données, la surveillance des équipements connectés, la collecte de preuves et la collaboration avec les entités en charge d'appliquer les lois. 
** Il comprend plusieurs études de cas.
''6 - SCM (//Secure Communications//)''
** Depuis Février 2021, ce module remaplace le module ''KSP (//Key Signing Party//)'' qui comprennait plusieurs parties : une première théorique sur les principes de PGP/OpenGPG et une seconde pratique en présentiel de signature croisée de clés entre les participants.
** Le module ''Communications Sécurisées'' est étendu aux communications entre membres d'une même équipe, ou avec des tiers : des pairs, des victimes ou des autorités.

Tous ces modules incluent des exercices pratiques ou des sessions de discussion.

Depuis sa création, elle accueille principalement des membres de la TF-CSIRT, qu'ils soient des membres opérationnels de CSIRT ou de SOC, leurs responsables d'équipe et responsables sécurité. Elle fait l'objet de mise à jour régulières afin de s'adapter au contexte de la cybersécurité.
[img(99%,1px)[i/BluePixel.gif]]
!!Recommandé
* Avoir un rôle opérationnel dans une équipe de type CSIRT/CERT ou SOC ou //a minima// avoir une expérience dans le domaine
!!Impératif
* [>img(60px,auto)[TLP-AMBER|iCSIRT/TLP-Amber.png]]Avoir une expérience avérée en matière de sécurité informatique et de réseaux TCP/IP
* Connaître le principe du ''Traffic Light Protocol'' (//TLP//)
* Respecter la confidentialité des échanges, sachant que toute la formation est ''TLP-AMBER''
* Faire partie d'un réseau de confiance comme l'InterCERT-FR, la TF-CSIRT ou le FIRST ou avoir l'intention de rejoindre un tel réseau de confiance

''Si l'une des conditions impératives n'est pas respectée, un entretien préliminaire de 30 minutes pourra être organisé afin de valider la demande d'inscription à la formation.''
[img(99%,1px)[i/BluePixel.gif]]
* Séance de formation en distanciel, via le logiciel Zoom ou par téléphone
* Pédagogie basée sur des présentations, et des exercices de groupe
* La formation de 5 demi-journées est donnée en français
* Les supports de la formation TRANSITS-I sont distribués à l'avance sous forme électrique (fichiers PDF) et à télécharger par les participants.
* Tous les supports de formations TRANSITS-I sont exclusivement rédigés en anglais. Ils ne seront donc pas communiqués en français.
[img(99%,1px)[i/BluePixel.gif]]
Les différences avec les sessions organisées en présentiel sont les suivantes :
* La formation est délivrée ''en français'' et non en anglais
* La formation étant en mode distanciel et non présentiel, ''les frais d'hébergement et de repas le soir sont exclus''
* Le module ''EXC'' (//Exercise//) n'est pas réalisé
* Le module ''SCM'' (//Secure Communications//) remplace le module ''KSP'' depuis février 2021.
* La formation est délivrée par ''un seul intervenant'', Olivier CALEFF.
[img(99%,1px)[i/BluePixel.gif]]
* Minimum de 6 participants, et maximum de 20 participants
** Si nécessaire un entretien individuel d'un maximum de 30 minutes sera organisé pour valider la demande d'inscription d'un participant.

* Montant de la formation de 5 demi-journées :
** Membre InterCERT-FRANCE : ''675 €uros HT par participant''.
** Autres : ''975 €uros HT par participant''.

* Horaires
** ''9h00 à 12h30'' avec deux pauses de 15 minutes

* Sessions organisées en distanciel au travers du logiciel Zoom
** En cas de problème ou d'impossibilité d'accès à Zoom, par téléphone
** Les slides seront distribuées à l'avance

* Contacts
** Pour toute demande d'inscription, ou réception de la fiche d'inscription utisez l'adresse email suivante :
[img[i/emailTransits.jpg]] [img(99%,1px)[i/BluePixel.gif]]
Afin de réserver une place à cette formation, et recevoir un formulaire d'inscription, faire une demande par email à ~~[img[TRANSITS à CSIRT point FR|i/emailTransits.jpg]]~~
[img(99%,1px)[i/BluePixel.gif]]
|>|Lundi 3 mai 2021 |!|>|Mardi 4 mai 2021 |!|>|Mercredi 5 mai 2021 |!|>|Jeudi 6 mai 2021 |!|>|Vendredi 7 mai 2021 |!|
|09h00 – 10h15 |Module SCM |~|09h00 – 10h15 |Module ORG |~|09h00 – 10h15 |Module OPS |~|9h00 – 10h15 |Module OPS |~|9h00 – 10h15 |Module TEC |~|
|10h15 – 10h30 |^^Pause^^ |~|10h15 – 10h30 |^^Pause^^ |~|10h15 – 10h30 |^^Pause^^ |~|10h15 – 10h30 |^^Pause^^ |~|10h15 – 10h30 |^^Pause^^ |~|
|10h30 – 11h45 |Module SCM |~|10h30 – 11h45 |Module ORG |~|10h30 – 11h45 |Module OPS |~|10h30 – 11h45 |Module TEC |~|10h30 – 11h45 |Module LEG |~|
|11h45 – 12h00 |^^Pause^^ |~|11h45 – 12h00 |^^Pause^^ |~|11h45 – 12h00 |^^Pause^^ |~|11h45 – 12h00 |^^Pause^^ |~|11h45 – 12h00 |^^Pause^^ |~|
|12h00 – 13h00 |Module ORG |~|12h00 – 13h00 |Module ORG |~|12h00 – 13h00 |Module OPS |~|12h00 – 13h00 |Module TEC |~|12h00 – 13h00 |Module LEG |~|
[img(99%,1px)[i/BluePixel.gif]]
|!|>|!Lundi 3 octobre 2022 ||>|!Mardi 4 octobre 2022 ||>|!Mercredi 5 octobre 2022 ||>|!Jeudi 6 octobre 2022 ||>|!Vendredi 7 octobre 2022 |!|
|~|09h00 – 10h15 |Module SCM |!|09h00 – 10h15 |Module ORG |!|09h00 – 10h15 |Module OPS |!|9h00 – 10h15 |Module OPS |!|9h00 – 10h15 |Module TEC |~|
|~|10h15 – 10h30 |^^Pause^^ |~|10h15 – 10h30 |^^Pause^^ |~|10h15 – 10h30 |^^Pause^^ |~|10h15 – 10h30 |^^Pause^^ |~|10h15 – 10h30 |^^Pause^^ |~|
|~|10h30 – 11h45 |Module SCM |~|10h30 – 11h45 |Module ORG |~|10h30 – 11h45 |Module OPS |~|10h30 – 11h45 |Module TEC |~|10h30 – 11h45 |Module LEG |~|
|~|11h45 – 12h00 |^^Pause^^ |~|11h45 – 12h00 |^^Pause^^ |~|11h45 – 12h00 |^^Pause^^ |~|11h45 – 12h00 |^^Pause^^ |~|11h45 – 12h00 |^^Pause^^ |~|
|~|12h00 – 12h30 |Module ORG |~|12h00 – 12h30 |Module ORG |~|12h00 – 12h30 |Module OPS |~|12h00 – 12h30 |Module TEC |~|12h00 – 12h30 |Module LEG |~|
|~|>|!||>|!||>|!||>|!||>|!|~|
[img(99%,1px)[i/BluePixel.gif]]
<<tiddler [[T1FR-Formateur Olivier Caleff]]>>
|<<showtoc>> |
[>img(150px,auto)[i/OlivierCaleff.jpg]]Olivier CALEFF travaille dans le domaine de la sécurité informatique depuis le début des années 90, et traite plus spécifiquement des problèmatiques de veille et de traitement des incidents de sécurité depuis la fin des années 90. Il est maintenant spécialisé dans le domaine de la cyber-résilience.
Il anime des sessions de formation TRANSITS-I en anglais depuis 2015 et en français depuis 2020 avec plus de 300 personnes formées.
!Résumé de carrière
* En 1986, il débute au sein de la société ''Dassault Electronique'' comme ingénieur réseau.
* En 1992, il et l'un des co-fondateurs de la société de services ''APOGEE Communications''+++^*[»] [img(300px,auto)[i/APOGEE-Communications.png]] ===, et il y lance l'activité sécurité en 1994.
* En 1997, il participe au lancement de l'activité de Veille Sécurité ''APOGEE SecWatch'' et de réponse aux incidents.
* Après le rachat de la société par le groupe COLT puis par le groupe DEVOTEAM, l'activité devient le ''CERT DEVOTEAM'' et rejoint l'''InterCERT-FR''+++^*[»] Voir https://www.cert.ssi.gouv.fr/csirt/intercert-fr/ ===.
* Il intervient auprès de clients français pour la mise en œuvre d'équipes CSIRT de réponse aux incidents de sécurité et de veille.
* En 2013, il rejoint l'''ANSSI''+++^*[»] Voir https://www.ssi.gouv.fr/ === en tant que responsable des relations internationales du ''CERT-FR''+++^*[»] Voir https://cert.ssi.gouv.fr/ ===.
* En 2018, il rejoint le groupe ''SANOFI''+++^*[»] Voir https://www.sanofi.com/ ===  comme responsable groupe "Cyber Résilience" au sein de l'équipe Cyber Sécurité et intervient notamment sur l'organisation d'exercices cyber, de gestion d'incidents et de gestion de crise.
* ''Depuis 2022, Olivier Caleff est responsable "Cyber Résilience et Gestion de Crises" au sein de la société'' ''ERIUM''+++^*[»] Voir https://www.ERIUM.fr/ === .
Plus d'information sont disponibles sur ''LinkedIN''+++^*[»] Voir https://www.linkedin.com/in/caleff/ ===.
!Formations TRANSITS
+++^*[»] TRAining of Network Security Incident Teams Staff - https://tf-csirt.org/transits/ ===.
* En 2010, il suit la formation ''TRANSITS-I''+++^*[»] Voir http://www.geant.org/Services/Trust_identity_and_security/Pages/TRANSITS-I.aspx ===, puis en 2014 la formation ''Train the Trainer'' afin de devenir formateur TRANSITS.
* En 2015, il commence à délivrer des formations ''TRANSITS-I''+++^*[»] Voir https://stage.tf-csirt.org/transits/transits-events/transits-i/ === en anglais notamment pour l'''AfricaCERT''+++^*[»] Voir https://www.africacert.org/ ===, et rédige une nouvelle version du module "Opérationnel".
* Depuis 2018, il est l'un des deux ''Head Trainer''+++^*[»] Voir https://opencsirt.org/our-projects/transits-head-trainer/ === avec ''Don Stikvoort''+++^*[»] Voir https://www.first.org/hof/inductees#don-stikvoort === pour les formations ''TRANSITS-I''+++^*[»] Voir https://www.geant.org/Services/Trust_identity_and_security/Pages/TRANSITS-I.aspx === et ''TRANSITS-II''+++^*[»] Voir https://www.geant.org/Services/Trust_identity_and_security/Pages/TRANSITS_II.aspx === dans le cadre de l'''OpenCSIRT Foundation''+++^*[»] Voir https://opencsirt.org/ ===.
* A ce titre, il enseigne tous les modules ''TRANSITS-I''+++^*[»] Voir https://tf-csirt.org/transits/transits-events/transits-i/ ===, ainsi que les modules "Forensique" et "Communication" de ''TRANSITS-II''+++^*[»] Voir https://tf-csirt.org/transits/transits-events/transits-ii/ ===.
!TF-CSIRT / Trusted Introducer
TF-CSIRT / Trusted Introducer : +++^*[détails »] Task Force of Computer Security and Incident Response Teams - https://tf-csirt.org 
Trusted Introducer https://www.trusted-introducer.org/ === * En 2007, il rejoint la TF-CSIRT en tant que représentant du CERT-DEVOTEAM. * En 2013, il rejoint la TF-CSIRT en tant que représentant du CERTA (renommé en CERT-FR en 2014). * Depuis 2018, il participe à la TF-CSIRT //ad personam// comme ''Associate''+++^*[»] Voir https://www.trusted-introducer.org/processes/associates.html ===. * Il a participé au groupe de travail "''Future of TF-CSIRT Future of TF-CSIRT Working Group''". !FIRST FIRST : +++^*[détails »] Forum of Incident Response Security Teams - https://first.org/ === * En 2013, il rejoint le FIRST en tant que représentant du CERTA, qui sera renommé en CERT-FR en 2014. * Il y réalise 8 évaluations ''Site Visits'' de CSIRT candidats à l'entrée au FIRST. * Depuis 2018, il participe au FIRST //ad personam// comme ''FIRST Liaison''+++^*[»] Voir https://www.trusted-introducer.org/processes/associates.html ===. * Jusqu'en 2022, il est co-animateur des groupes de travail (SIG) : ''Membership Committee''+++^*[»] Voir https://www.first.org/about/organization/committees ===, ''Malware Analysis''+++^*[»] Voir https://www.first.org/global/sigs/malware/ ===. * Il est co-animateur du groupe de travail (SIG) ''Cyber Exercises''. * Il participe activement à deux autres groupes de travail : ''CSIRT Framework Development''+++^*[»] Voir https://www.first.org/global/sigs/csirt/ === qui a notamment publié le nouveau ''Computer Security Incident Response Team (CSIRT) Services Framework''+++^*[»] Voir https://www.first.org/standards/frameworks/csirts/csirt_services_framework_v2.1 === et ''Traffic Light protocol (TLP)''+++^*[»] Voir https://www.first.org/global/sigs/tlp/ ===. * Il a été élu en Juin 2022 au Conseil d'Administration du FIRST (''FIRST Board of Directors'') pour un mandat de 2 ans. !OpenCSIRT Foundation OpenCSIRT Foundation : +++^*[détails »] https://opencsirt.org/ === * Depuis 2014, il travaille avec le modèle de maturité ''SIM3''+++^*[»] Voir https://opencsirt.org/csirt-maturity/sim3-and-references/ ===. * Depuis 2018, il est certifié ''SIM3 Auditor''+++^*[»] Voir http://opencsirt.org/auditors-france/ ===. * Depuis 2018, il délivre des formations ''SIM3'' en anglais et en français. * Depuis 2022, il est certifié ''SIM3 Trainer''+++^*[»] Voir https://opencsirt.org/csirt-maturity/sim3-certified-auditor-training/ ===. * Il participe au groupe de travail sur l'évolution de ''SIM3''. !ENISA ENISA : +++^*[détails »] European Network and Information Security Agency - https://enisa.europa.eu/ === * Depuis 2014, il participe à la rédaction de documents de l'ENISA notamment sur l'''évaluation de la maturité des CSIRT basé sur SIM3''+++^*[»] Voir https://www.enisa.europa.eu/publications/study-on-csirt-maturity-evaluation-process === et ''Good Practice Guide on Training Methodologies''+++^*[»] Voir https://www.enisa.europa.eu/publications/good-practice-guide-on-training-methodologies ===. * Depuis 2019, il participe //ad personam// à 3 groupes de travail de type ''Informal Expert Group'' : "''Informal Expert Group on Technical Trainings''"+++^*[»] Voir https://www.enisa.europa.eu/news/enisa-news/technical-trainings-expert-group ===, "''Informal Expert Group on EU Member States Incident Response Development''"+++^*[»] Voir https://www.enisa.europa.eu/topics/csirts-in-europe/csirt-capabilities/informal-expert-group-on-eu-ms-incident-response-development === et "''Informal Expert Group on CSIRT and SOC Set Up''"+++^*[»] Voir https://www.enisa.europa.eu/publications/how-to-set-up-csirt-and-soc ===. * Depuis 2021, il participe //ad personam// à un groupe de travail comme ''Subject Matter Expert'' !Commission Européenne / INEA INEA : +++^*[détails »] Innovation and Networks Executive Agency - https://ec.europa.eu/inea/en/ === * Depuis 2018, il participe //ad personam// comme expert évaluateur aux dépouillements d'appels d'offres ''CEF Telecom Call - Cybersecurity'' de la Commission Européenne : ** CEF-TC-2018-3+++^*[détails »] Voir https://ec.europa.eu/inea/en/connecting-europe-facility/cef-telecom/apply-funding/2018-cyber-security ===, CEF-TC-2019-2+++^*[»] Voir https://ec.europa.eu/inea/en/connecting-europe-facility/cef-telecom/apply-funding/2019-cybersecurity === et CEF-TC-2020-2+++^*[»] Voir https://ec.europa.eu/inea/en/connecting-europe-facility/cef-telecom/apply-funding/2020-cybersecurity ===. !Cloud Security Alliance Cloud Security Alliance : +++^*[détails »] Voir https://cloudsecurityalliance.org/ === * En 2010, il a co-fondé et anime le ''Chapitre Français de la Cloud Security Alliance''+++^*[»] Voir http://cloudsecurityalliance.fr ===. !CESIN CESIN : +++^*[détails »] Club des Experts de la Sécurité de l'Information et du Numérique - https://cesin.fr/ === * Depuis 2018, il est membre du ''CESIN''. * Il co-anime un groupe de travail sur les aspects de gestion de crise cyber, ainsi que le LAB CESIN "''Vulnérabilités et Incidents''". * Il publie une veille quotidienne en anglais sur la cyber sécurité depuis septembre 2021 !ECSO ECSO : +++^*[détails »] European Cyber Security Organisation - https://ecs-org.eu/ === * Depuis 2022, il est membre de ''ECSO''. * Il est l'un des "ECSO Ambassadors" pour la France. * Il republie la veille quotidienne en anglais sur la cyber sécurité déjà diffusée au CESIN depuis février 2022. !!Enseignement * Il enseigne depuis 1985 d'abord au CNAM, puis dans différentes écoles d'ingénieurs sur des spécialités réseaux puis sécurité (ISEP, EPITA, ECE...). * Il n'enseigne plus aujourd'hui que dans 2 Mastères Spécialisés de l'''ISEP'' (Cyber-Sécurité) et de l'''EGE'' (MRSIC/MaCYB). !Certifications * TRANSITS-I (2010). * ISO 27005 Risk Management (2010). * EBIOS Risk Management (2010). * TRANSITS-I Certified Trainer (2015). * COFRAC Technical Evaluator (2018). * OpenCSIRT Foundation Certified SIM3 Auditor (2018). * OpenCSIRT Foundation Certified SIM3 Trainer (2022). [img(99%,1px)[i/BluePixel.gif]]
Liens
* la formation ''TRANSITS-I'' sur le site de GÉANT → http://www.geant.org/Services/Trust_identity_and_security/Pages/TRANSITS-I.aspx
* la formation ''TRANSITS-I'' → sur le site de la TF-CSIRT → https://stage.tf-csirt.org/transits/transits-events/transits-i/
* la formation ''TRANSITS-II'' → sur le site de la TF-CSIRT → https://tf-csirt.org/transits/transits-events/transits-ii/
[img(99%,1px)[i/BluePixel.gif]]
Pour tout renseignement, l'adresse de contact est ~~[img[TRANSITS à CSIRT point FR|i/emailTransits.jpg]]~~
[img(99%,1px)[i/BluePixel.gif]]
!Téléchargement des supports
Vous pouvez :
* Soit télécharger tous les supports au format PDF sous la forme d'un ficher ZIP : ''[[TRANSITS-I-Slides-L5.zip|T1L5/TRANSITS-I-Slides-L5.zip]]'' de 25,5 Mo

* Soit télécharger tous les supports au format PDF les uns après les autres :
** Introduction : Fichier ''[[0-TRANSITS-1-Welcome-L5.pdf|T1L5/0-TRANSITS-1-Welcome-L5.pdf]]'' de 0,9 Mo
** Module SCM : Fichier ''[[1-TRANSITS-I-SCM-L5.pdf|T1L5/1-TRANSITS-I-SCM-L5.pdf]]'' de 2,4 Mo
** Module ORG : Fichier ''[[2-TRANSITS-I-ORG-L5.pdf|T1L5/2-TRANSITS-I-ORG-L5.pdf]]'' de 13,8 Mo
** Module OPS : Fichier ''[[3-TRANSITS-I-OPS-L5.pdf|T1L5/3-TRANSITS-I-OPS-L5.pdf]]'' de 2,2 Mo
** Module TEC : Fichier ''[[4-TRANSITS-I-TEC-L5.pdf|T1L5/4-TRANSITS-I-TEC-L5.pdf]]'' de 4,5 Mo
** Module LEG : Fichier ''[[5-TRANSITS-I-LEG-L5.pdf|T1L5/5-TRANSITS-I-LEG-L5.pdf]]'' de 4,8 Mo
** Bibliographie (2018) : Fichier ''[[6-TRANSITS-I-BIBLIO-2018.pdf|T1L5/6-TRANSITS-I-BIBLIO-2018.pdf]]'' de 0,3 Mo

* Ce fichier sera remis à jour avec les liens mentionnés durant la session de formation.
[img(99%,1px)[i/BluePixel.gif]]
!Téléchargement des supports
les supports ne sont pas encore disponibles au téléchargement
[img(99%,1px)[i/BluePixel.gif]]
|{{ss3col{<<showtoc>>}}} |
!Suivi cyber
|!SANS|[[Nouvelles|https://isc.sans.edu/]], [[flux RSS|https://isc.sans.edu/rssfeed_full.xml]]|
!Nouvelles Sécurité
|!Bleeping Computer|[[Nouvelles|https://www.bleepingcomputer.com/]], [[flux RSS|https://www.bleepingcomputer.com/feed/]]|
|>|!|
|Dark Reading|[[Nouvelles|https://www.darkreading.com/]], [[liste des RSS|https://www.darkreading.com/rss_feeds.asp]]|
|>|!|
|Security Week|[[Nouvelles|]]
!Threat Intelligence
|//Recorded Future//|[[Blog|https://www.recordedfuture.com/blog/]]|
[img(99%,1px)[i/BluePixel.gif]]
<html><i class="fa fa-lock" aria-hidden="true"></i></html> Uniquement sur la partie privée du site
/% MASQU3D
|ssTabl99|k
| !Nouvelle partie du site, en cours de rédaction |
|{{ss3col{<<showtoc>>}}} |
!Forensique
|[[IRMA|https://github.com/codeyourweb/irma]]|Jean-Pierre Garnier|IRMA - Incident Response - Minimal Analysis|
!YARA
|[[IRMA|https://github.com/codeyourweb/irma]]|Jean-Pierre Garnier|IRMA - Incident Response - Minimal Analysis|
|[[YARA Rules|https://blog.didierstevens.com/programs/yara-rules/]]|[[Didier Stevens|https://blog.didierstevens.com/]]|Règles YARA de Didier Stevens en 2015 ([[v0.0.8|https://didierstevens.com/files/software/yara-rules-V0.0.8.zip]])|
MASQU3D %/
|{{ss3col{<<showtoc>>}}} |
!2021
|2021.03.25|Koen van Impe|[[Staying in control of MISP correlations|https://www.vanimpe.eu/2021/03/25/staying-in-control-of-misp-correlations/]]|
[img(99%,1px)[i/BluePixel.gif]]
|{{ss3col{<<showtoc>>}}} |
!2021
|2021.03.23|//Digital Brand Insider//|[[Four-Pronged Approach to Keep Your Domain Names and DNS Secure from Cyberattacks|https://www.cscdbs.com/blog/approach-to-keep-your-domain-names-and-dns-secure/]]|
[img(99%,1px)[i/BluePixel.gif]]
|{{ss3col{<<showtoc>>}}} |
!RETEX
|2021.03.25|ZDnet|[[This company was hit by ransomware. Here's what they did next, and why they didn't pay up|https://www.zdnet.com/article/this-company-was-hit-with-ransomware-heres-what-they-did-next-and-why-they-didnt-pay-up/]]|
||//Spectre Logic//|[[Any organization is vulnerable to a Ransomware Attack. That includes yours|https://spectralogic.com/industry-solutions/ransomware/]]|
|2020.11.04|//Spectre Logic//|[[We Are Publicly Discussing our Experience of Being Attacked by Ransomware: Here's Why It's Important|https://spectralogic.com/2020/11/04/we-are-publicly-discussing-our-experience-of-being-attacked-by-ransomware-heres-why-its-important-blog/]]|
[img(99%,1px)[i/BluePixel.gif]]
|{{ss3col{<<showtoc>>}}} |
!Contexte
||Ready.gov|[[Exercices|https://www.ready.gov/exercises]]|
[img(99%,1px)[i/BluePixel.gif]]
|{{ss3col{<<showtoc>>}}} |
!USB
||//Beyond Logic//|[[USB in a NutShell: Making sense of the USB standard|https://www.beyondlogic.org/usbnutshell/usb1.shtml]]|
|2013.05.28|The Linux Juggernaut|[[Find USB device details in Linux/Unix using lsusb command|https://www.linuxnix.com/find-usb-device-details-in-linuxunix-using-lsusb-command/]]|
[img(99%,1px)[i/BluePixel.gif]]
|ssTabl99|k
| !Nouvelle partie du site, en cours de rédaction |
|{{ss3col{<<showtoc>>}}} |
!Sites bienveillants effecuant des scans
|!Origine|!Adresses IPv4|
|ANSSI / [[CERT-FR|https://cert.ssi.gouv.fr/]]|[[Adresses|https://cert.ssi.gouv.fr/scans/]] : 54.38.103.0/31, 92.154.95.236/32, 137.74.246.152/32, 147.135.160.230/32, 185.50.66.1/32|
|[[Shodan|https://www.shodan.io]]|Adresses : 71.6.128.0/20 |
|[[Censys|https://censys.io/ipv4]]|[[Adresses|https://support.censys.io/hc/en-us/articles/360038378552-Frequently-Asked-Questions-FAQ]] : 74.120.14.0/24, 162.142.125.0/24, 167.248.133.0/24, 192.35.168.0/23 |
|[[Net Systems Research|http://www.netsystemsresearch.com]]||
|[[IPIP|https://security.ipip.net/]]||

[6] https://isc.sans.edu/ipinfo.html?ip=71.6.158.166 (Shodan RESEARCHER: THIS IP IS USED FOR INTERNET WIDE RESEARCH SCANS)
|ssTabl99|k
| !Nouvelle partie du site, en cours de rédaction |
|{{ss3col{<<showtoc>>}}} |
!Liste de sites pour voir les routes et les annonces
* Liste des sites de ''Looking-Glass'' : https://whois.ipip.net/looking-glass/
/% ==== Veille-START ==== %/
<<forEachTiddler where 'tiddler.tags.containsAny(["$1"])' sortBy 'tiddler.title.toUpperCase()' descending write '" [["+tiddler.title.substr(7,7)+"]] \""+tiddler.title+"\" [["+tiddler.title+"]] "' begin '"<<tabs tAutoTab "' end '">"+">"' none '"////"'>>
<<forEachTiddler where 'tiddler.tags.containsAll(["$1"])' sortBy 'tiddler.title.toUpperCase()' descending write '" [["+tiddler.title.substr(6,6)+"]] \""+tiddler.title+"\" [["+tiddler.title+"]] "' begin '"<<tabs tAutoTab "' end '">"+">"' none '"////"'>>
<<forEachTiddler where 'tiddler.tags.containsAll(["$1"])' sortBy 'tiddler.title.toUpperCase()' ascending write '" [["+tiddler.title+"]] \""+tiddler.title+"\" [["+tiddler.title+"]] "' begin '"<<tabs tAutoTab "' end '">"+">"' none '"////"'>>
<<forEachTiddler where 'tiddler.tags.containsAny(["$1"])' sortBy 'tiddler.title.toUpperCase()' ascending write '" [["+tiddler.title+"]] \""+tiddler.title+"\" [["+tiddler.title+"]] "' begin '"<<tabs tAutoTab "' end '">"+">"' none '"////"'>>
<<forEachTiddler where 'tiddler.tags.containsAny(["$1"])' sortBy 'tiddler.title' ascending write '"* [["+tiddler.title+"]] "' begin '""' end '""' none '"////"'>>
<<tiddler fAll2Tabs7_7 with: '_MM_M'>>
<<tiddler fAll2Tabs7_7 with: '_MM_L'>>
|background-color:#B31D18;|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|background-color:#B31D18;|background-color:#B31D18;|
|background-color:#B31D18;| [[2022|Veille 2022]] |background-color:#B31D18;|!Lu|!Ma|!Me|!Je|!Ve|Sa|Di|background-color:#B31D18;|!Lu|!Ma|!Me|!Je|!Ve|Sa|Di|background-color:#B31D18;|!Lu|!Ma|!Me|!Je|!Ve|Sa|Di|background-color:#B31D18;|!Lu|!Ma|!Me|!Je|!Ve|Sa|Di|background-color:#B31D18;|!Lu|!Ma|!Me|!Je|!Ve|Sa|Di|background-color:#B31D18;|!Lu|!Ma|background-color:#B31D18;|
|background-color:#B31D18;|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|background-color:#B31D18;|background-color:#B31D18;|
|background-color:#B31D18;|[[2022.08|Veille 2022.08]]|background-color:#B31D18;|[[01|Veille 01.08.2022]]|[[02|Veille 02.08.2022]]|[[03|Veille 03.08.2022]]|[[04|Veille 04.08.2022]]|[[05|Veille 05.08.2022]]|06|07|background-color:#B31D18;|[[08|Veille 08.08.2022]]|[[09|Veille 09.08.2022]]|[[10|Veille 10.08.2022]]|[[11|Veille 11.08.2022]]|[[12|Veille 12.08.2022]]|13|14|background-color:#B31D18;|[[15|Veille 15.08.2022]]|[[16|Veille 16.08.2022]]|[[17|Veille 17.08.2022]]|[[18|Veille 18.08.2022]]|[[19|Veille 19.08.2022]]|20|21|background-color:#B31D18;|[[22|Veille 22.08.2022]]|[[23|Veille 23.08.2022]]|[[24|Veille 24.08.2022]]|[[25|Veille 25.08.2022]]|[[26|Veille 26.08.2022]]|27|28|background-color:#B31D18;|[[29|Veille 29.08.2022]]|[[30|Veille 30.08.2022]]|[[31|Veille 31.08.2022]]|!|!|!|!|background-color:#B31D18;|!|!|background-color:#B31D18;|
|background-color:#B31D18;|[[2022.07|Veille 2022.07]]|background-color:#B31D18;|!|!|!|!|[[01|Veille 01.07.2022]]|02|03|background-color:#B31D18;|[[04|Veille 04.07.2022]]|[[05|Veille 05.07.2022]]|[[06|Veille 06.07.2022]]|[[07|Veille 07.07.2022]]|[[08|Veille 08.07.2022]]|09|10|background-color:#B31D18;|[[11|Veille 11.07.2022]]|[[12|Veille 12.07.2022]]|[[13|Veille 13.07.2022]]|[[14|Veille 14.07.2022]]|[[15|Veille 15.07.2022]]|16|17|background-color:#B31D18;|[[18|Veille 18.07.2022]]|[[19|Veille 19.07.2022]]|[[20|Veille 20.07.2022]]|[[21|Veille 21.07.2022]]|[[22|Veille 22.07.2022]]|23|24|background-color:#B31D18;|[[25|Veille 25.07.2022]]|[[26|Veille 26.07.2022]]|[[27|Veille 27.07.2022]]|[[28|Veille 28.07.2022]]|[[29|Veille 29.07.2022]]|30|31|background-color:#B31D18;|!|!|background-color:#B31D18;|
|background-color:#B31D18;|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|background-color:#B31D18;|background-color:#B31D18;|
|background-color:#B31D18;|[[2022.06|Veille 2022.06]]|background-color:#B31D18;|!|!|[[01|Veille 01.06.2022]]|[[02|Veille 02.06.2022]]|[[03|Veille 03.06.2022]]|04|05|background-color:#B31D18;|[[06|Veille 06.06.2022]]|[[07|Veille 07.06.2022]]|[[08|Veille 08.06.2022]]|[[09|Veille 09.06.2022]]|[[10|Veille 10.06.2022]]|11|12|background-color:#B31D18;|[[13|Veille 13.06.2022]]|[[14|Veille 14.06.2022]]|[[15|Veille 15.06.2022]]|[[16|Veille 16.06.2022]]|[[17|Veille 17.06.2022]]|18|19|background-color:#B31D18;|[[20|Veille 20.06.2022]]|[[21|Veille 21.06.2022]]|[[22|Veille 22.06.2022]]|[[23|Veille 23.06.2022]]|[[24|Veille 24.06.2022]]|25|26|background-color:#B31D18;|[[27|Veille 27.06.2022]]|[[28|Veille 28.06.2022]]|[[29|Veille 29.06.2022]]|[[30|Veille 30.06.2022]]|!|!|!|background-color:#B31D18;|!|!|background-color:#B31D18;|
|background-color:#B31D18;|[[2022.05|Veille 2022.05]]|background-color:#B31D18;|!|!|!|!|!|!|01|background-color:#B31D18;|[[02|Veille 02.05.2022]]|[[03|Veille 03.05.2022]]|[[04|Veille 04.05.2022]]|[[05|Veille 05.05.2022]]|[[06|Veille 06.05.2022]]|07|08|background-color:#B31D18;|[[09|Veille 09.05.2022]]|[[10|Veille 10.05.2022]]|[[11|Veille 11.05.2022]]|[[12|Veille 12.05.2022]]|[[13|Veille 13.05.2022]]|14|15|background-color:#B31D18;|[[16|Veille 16.05.2022]]|[[17|Veille 17.05.2022]]|[[18|Veille 18.05.2022]]|[[19|Veille 19.05.2022]]|[[20|Veille 20.05.2022]]|21|22|background-color:#B31D18;|[[23|Veille 23.05.2022]]|[[24|Veille 24.05.2022]]|[[25|Veille 25.05.2022]]|[[26|Veille 26.05.2022]]|[[27|Veille 27.05.2022]]|28|29|background-color:#B31D18;|[[30|Veille 30.05.2022]]|[[31|Veille 31.05.2022]]|background-color:#B31D18;|
|background-color:#B31D18;|[[2022.04|Veille 2022.04]]|background-color:#B31D18;|!|!|!|!|[[01|Veille 01.04.2022]]|02|03|background-color:#B31D18;|[[04|Veille 04.04.2022]]|[[05|Veille 05.04.2022]]|[[06|Veille 06.04.2022]]|[[07|Veille 07.04.2022]]|[[08|Veille 08.04.2022]]|09|10|background-color:#B31D18;|[[11|Veille 11.04.2022]]|[[12|Veille 12.04.2022]]|[[13|Veille 13.04.2022]]|[[14|Veille 14.04.2022]]|[[15|Veille 15.04.2022]]|16|17|background-color:#B31D18;|[[18|Veille 18.04.2022]]|[[19|Veille 19.04.2022]]|[[20|Veille 20.04.2022]]|[[21|Veille 21.04.2022]]|[[22|Veille 22.04.2022]]|23|24|background-color:#B31D18;|[[25|Veille 25.04.2022]]|[[26|Veille 26.04.2022]]|[[27|Veille 27.04.2022]]|[[28|Veille 28.04.2022]]|[[29|Veille 29.04.2022]]|30|!|background-color:#B31D18;|!|!|background-color:#B31D18;|
|background-color:#B31D18;|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|background-color:#B31D18;|background-color:#B31D18;|
|background-color:#B31D18;|[[2022.03|Veille 2022.03]]|background-color:#B31D18;|!|[[01|Veille 01.03.2022]]|[[02|Veille 02.03.2022]]|[[03|Veille 03.03.2022]]|[[04|Veille 04.03.2022]]|05|06|background-color:#B31D18;|[[07|Veille 07.03.2022]]|[[08|Veille 08.03.2022]]|[[09|Veille 09.03.2022]]|[[10|Veille 10.03.2022]]|[[11|Veille 11.03.2022]]|12|13|background-color:#B31D18;|[[14|Veille 14.03.2022]]|[[15|Veille 15.03.2022]]|[[16|Veille 16.03.2022]]|[[17|Veille 17.03.2022]]|[[18|Veille 18.03.2022]]|19|20|background-color:#B31D18;|[[21|Veille 21.03.2022]]|[[22|Veille 22.03.2022]]|[[23|Veille 23.03.2022]]|[[24|Veille 24.03.2022]]|[[25|Veille 25.03.2022]]|26|27|background-color:#B31D18;|[[28|Veille 28.03.2022]]|[[29|Veille 29.03.2022]]|[[30|Veille 30.03.2022]]|[[31|Veille 31.03.2022]]|!|!|!|background-color:#B31D18;|!|!|background-color:#B31D18;|
|background-color:#B31D18;|[[2022.02|Veille 2022.02]]|background-color:#B31D18;|!|[[01|Veille 01.02.2022]]|[[02|Veille 02.02.2022]]|[[03|Veille 03.02.2022]]|[[04|Veille 04.02.2022]]|05|06|background-color:#B31D18;|[[07|Veille 07.02.2022]]|[[08|Veille 08.02.2022]]|[[09|Veille 09.02.2022]]|[[10|Veille 10.02.2022]]|[[11|Veille 11.02.2022]]|12|13|background-color:#B31D18;|[[14|Veille 14.02.2022]]|[[15|Veille 15.02.2022]]|[[16|Veille 16.02.2022]]|[[17|Veille 17.02.2022]]|[[18|Veille 18.02.2022]]|19|20|background-color:#B31D18;|[[21|Veille 21.02.2022]]|[[22|Veille 22.02.2022]]|[[23|Veille 23.02.2022]]|[[24|Veille 24.02.2022]]|[[25|Veille 25.02.2022]]|26|27|background-color:#B31D18;|[[28|Veille 28.02.2022]]|!|!|!|!|!|!|background-color:#B31D18;|!|!|background-color:#B31D18;|
|background-color:#B31D18;|[[2022.01|Veille 2022.01]]|background-color:#B31D18;|!|!|!|!|!|01|02|background-color:#B31D18;|[[03|Veille 03.01.2022]]|[[04|Veille 04.01.2022]]|[[05|Veille 05.01.2022]]|[[06|Veille 06.01.2022]]|[[07|Veille 07.01.2022]]|08|09|background-color:#B31D18;|[[10|Veille 10.01.2022]]|[[11|Veille 11.01.2022]]|[[12|Veille 12.01.2022]]|[[13|Veille 13.01.2022]]|[[14|Veille 14.01.2022]]|15|16|background-color:#B31D18;|[[17|Veille 17.01.2022]]|[[18|Veille 18.01.2022]]|[[19|Veille 19.01.2022]]|[[20|Veille 20.01.2022]]|[[21|Veille 21.01.2022]]|22|23|background-color:#B31D18;|[[24|Veille 24.01.2022]]|[[25|Veille 25.01.2022]]|[[26|Veille 26.01.2022]]|[[27|Veille 27.01.2022]]|[[28|Veille 28.01.2022]]|29|30|background-color:#B31D18;|31|!|background-color:#B31D18;|
|background-color:#B31D18;|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|background-color:#B31D18;|background-color:#B31D18;|
|background-color:#B31D18;| [[2021|Veille 2021]] |background-color:#B31D18;|!Lu|!Ma|!Me|!Je|!Ve|Sa|Di|background-color:#B31D18;|!Lu|!Ma|!Me|!Je|!Ve|Sa|Di|background-color:#B31D18;|!Lu|!Ma|!Me|!Je|!Ve|Sa|Di|background-color:#B31D18;|!Lu|!Ma|!Me|!Je|!Ve|Sa|Di|background-color:#B31D18;|!Lu|!Ma|!Me|!Je|!Ve|Sa|Di|background-color:#B31D18;|!Lu|!Ma|background-color:#B31D18;|
|background-color:#B31D18;|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|background-color:#B31D18;|background-color:#B31D18;|
|background-color:#B31D18;|[[2021.12|Veille 2021.12]]|background-color:#B31D18;|!|!|[[01|Veille 01.12.2021]]|[[02|Veille 02.12.2021]]|[[03|Veille 03.12.2021]]|04|05|background-color:#B31D18;|[[06|Veille 06.12.2021]]|[[07|Veille 07.12.2021]]|[[08|Veille 08.12.2021]]|[[09|Veille 09.12.2021]]|[[10|Veille 10.12.2021]]|11|12|background-color:#B31D18;|[[13|Veille 13.12.2021]]|[[14|Veille 14.12.2021]]|[[15|Veille 15.12.2021]]|[[16|Veille 16.12.2021]]|[[17|Veille 17.12.2021]]|18|19|background-color:#B31D18;|[[20|Veille 20.12.2021]]|[[21|Veille 21.12.2021]]|[[22|Veille 22.12.2021]]|[[23|Veille 23.12.2021]]|[[24|Veille 24.12.2021]]|25|26|background-color:#B31D18;|[[27|Veille 27.12.2021]]|[[28|Veille 28.12.2021]]|[[29|Veille 29.12.2021]]|[[30|Veille 30.12.2021]]|[[31|Veille 31.12.2021]]|!|!|background-color:#B31D18;|!|!|background-color:#B31D18;|
|background-color:#B31D18;|[[2021.11|Veille 2021.11]]|background-color:#B31D18;|[[01|Veille 01.11.2021]]|[[02|Veille 02.11.2021]]|[[03|Veille 03.11.2021]]|[[04|Veille 04.11.2021]]|[[05|Veille 05.11.2021]]|06|07|background-color:#B31D18;|[[08|Veille 08.11.2021]]|[[09|Veille 09.11.2021]]|[[10|Veille 10.11.2021]]|[[11|Veille 11.11.2021]]|[[12|Veille 12.11.2021]]|13|14|background-color:#B31D18;|[[15|Veille 15.11.2021]]|[[16|Veille 16.11.2021]]|[[17|Veille 17.11.2021]]|[[18|Veille 18.11.2021]]|[[19|Veille 19.11.2021]]|20|21|background-color:#B31D18;|[[22|Veille 22.11.2021]]|[[23|Veille 23.11.2021]]|[[24|Veille 24.11.2021]]|[[25|Veille 25.11.2021]]|[[26|Veille 26.11.2021]]|27|28|background-color:#B31D18;|[[29|Veille 29.11.2021]]|[[30|Veille 30.11.2021]]|!|!|!|!|!|background-color:#B31D18;|!|!|background-color:#B31D18;|
|background-color:#B31D18;|[[2021.10|Veille 2021.10]]|background-color:#B31D18;|!|!|!|!|[[01|Veille 01.10.2021]]|02|03|background-color:#B31D18;|[[04|Veille 04.10.2021]]|[[05|Veille 05.10.2021]]|[[06|Veille 06.10.2021]]|[[07|Veille 07.10.2021]]|[[08|Veille 08.10.2021]]|09|10|background-color:#B31D18;|[[11|Veille 11.10.2021]]|[[12|Veille 12.10.2021]]|[[13|Veille 13.10.2021]]|[[14|Veille 14.10.2021]]|[[15|Veille 15.10.2021]]|16|17|background-color:#B31D18;|[[18|Veille 18.10.2021]]|[[19|Veille 19.10.2021]]|[[20|Veille 20.10.2021]]|[[21|Veille 21.10.2021]]|[[22|Veille 22.10.2021]]|23|24|background-color:#B31D18;|[[25|Veille 25.10.2021]]|[[26|Veille 26.10.2021]]|[[27|Veille 27.10.2021]]|[[28|Veille 28.10.2021]]|[[29|Veille 29.10.2021]]|30|31|background-color:#B31D18;|!|!|background-color:#B31D18;|
|background-color:#B31D18;|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|background-color:#B31D18;|background-color:#B31D18;|
|background-color:#B31D18;|[[2021.09|Veille 2021.09]]|background-color:#B31D18;|!|!|01|02|03|04|05|background-color:#B31D18;|06|07|08|09|10|11|12|background-color:#B31D18;|13|14|15|16|17|18|19|background-color:#B31D18;|20|21|22|23|24|25|26|background-color:#B31D18;|[[27|Veille 27.09.2021]]|[[28|Veille 28.09.2021]]|[[29|Veille 29.09.2021]]|[[30|Veille 30.09.2021]]|!|!|!|background-color:#B31D18;|!|!|background-color:#B31D18;|
|background-color:#B31D18;|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|>|>|>|>|>|background-color:#B31D18;|background-color:#B31D18;|>|background-color:#B31D18;|background-color:#B31D18;|
/% ==== Veille-END ==== %/