Updated to April 2024 (#693)

* Update threat-activity.md to April 2024 * Format markdown docs --------- Co-authored-by: DamoOne <[email protected]>
wagov · May 1, 2024 · cdde794 · cdde794
1 parent 4860d5f
commit cdde794
Showing 1 changed file with 7 additions and 4 deletions.
diff --git a/docs/threat-activity.md b/docs/threat-activity.md
@@ -2,18 +2,21 @@
 
 {{ date_index("docs/advisories", prefix="advisories/", expand=1, include=2) }}
 
-## WA SOC - Recent Threat Activity (March 2024)
+## WA SOC - Recent Threat Activity (April 2024)
 
 Based on recent high impact incidents seen by the WA SOC, security teams should be focusing on the below areas of improvement:
 
 !!! warning "WASOC Guidance targeted on recent threat activity"
-    - Phishing campaigns that attempt to impersonate legitimate webpages ["Spoofing"](https://www.mimecast.com/content/website-spoofing/) of organisations
+    - Lessons from XZ Utils: Achieving a More Sustainable Open Source Ecosystem (https://www.cisa.gov/news-events/news/lessons-xz-utils-achieving-more-sustainable-open-source-ecosystem)
+        - Secure by Design [CISA Guidance on SBOM](https://www.cisa.gov/sites/default/files/2023-10/SecureByDesign_1025_508c.pdf)
+        - Software Bill of Materials [SBOM](https://www.cisa.gov/sbom)
     - Publication on the [SVR](https://www.cyber.gov.au/about-us/view-all-content/alerts-and-advisories/svr-cyber-actors-adapt-tactics-initial-cloud-access) activity targeting Government cloud infrastructure. Review and adapt the [SCuBA Toolset](https://www.cisa.gov/resources-tools/services/secure-cloud-business-applications-scuba-project) to validate security controls.
 
 Recent WA SOC advisories this month worth staying across include:
 
-- [Fortinet Services](https://soc.cyber.wa.gov.au/advisories/20240313002-Fortinet-Updates-Multiple-Products/)
-- [XZ Utility](https://soc.cyber.wa.gov.au/advisories/20240402002-Supply-Chain-Compromise-Affecting-XZ-Utils-Data-Compression-Library/)
+- [Palo Alto Networks PAN-OS Command Injection Vulnerability](https://soc.cyber.wa.gov.au/advisories/20240415001-PaloAlto-Networks-PAN-OS-Command-Injection-Vulnerability/)
+- [Ivanti Security Update for Connect Secure and Policy Secure Gateways](https://soc.cyber.wa.gov.au/advisories/20240402002-Supply-Chain-Compromise-Affecting-XZ-Utils-Data-Compression-Library/)
+- [ArcaneDoor Exploiting Cisco ASA Vulnerabilities](https://soc.cyber.wa.gov.au/advisories/20240426001-ArcaneDoor-Exploiting-Cisco-ASA-Vulnerabilities/)
 
 Agencies should review the latest [NIST CSF 2.0](https://www.nist.gov/quick-start-guides) and the new [AI Policy and Assurance Framework](https://www.wa.gov.au/government/publications/wa-government-artificial-intelligence-policy-and-assurance-framework).