diff --git a/rules/windows/image_load/sysmon_foggyweb_nobelium.yml b/rules/windows/image_load/sysmon_foggyweb_nobelium.yml
index cb827bb81..81bbdf87c 100644
--- a/rules/windows/image_load/sysmon_foggyweb_nobelium.yml
+++ b/rules/windows/image_load/sysmon_foggyweb_nobelium.yml
@@ -1,7 +1,7 @@
 title: FoggyWeb Backdoor DLL Loading
 id: 640dc51c-7713-4faa-8a0e-e7c0d9d4654c
 status: experimental
-description: Detects DLL image load events as seen in FoggyWeb infections
+description: Detects DLL image load activity as used by FoggyWeb backdoor loader
 references:
 - https://www.microsoft.com/security/blog/2021/09/27/foggyweb-targeted-nobelium-malware-leads-to-persistent-backdoor/
 author: Florian Roth
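Review bot: The new `description` line is missing an article and still does not tell an analyst what the rule keys on, so an alert titled "FoggyWeb Backdoor DLL Loading" gives little triage context. I would word it as `description: Detects DLL image load activity as used by the FoggyWeb backdoor loader` and, if the detection section (outside this hunk) matches a specific image or loaded module, name that in the description. The rule body continues past the hunk, so whether a `modified` date is kept and needs updating cannot be seen from here.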