From 6c42bfb64bdb214919644c404cb1d29eb388bb2e Mon Sep 17 00:00:00 2001
From: Wagga <6437862+wagga40@users.noreply.github.com>
Date: Mon, 29 Aug 2022 20:15:54 +0200
Subject: [PATCH] Update file_event_win_powershell_startup_shortcuts.yml

---
 .../file_event/file_event_win_powershell_startup_shortcuts.yml  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/rules/windows/file_event/file_event_win_powershell_startup_shortcuts.yml b/rules/windows/file_event/file_event_win_powershell_startup_shortcuts.yml
index 066435f42..621b861c0 100644
--- a/rules/windows/file_event/file_event_win_powershell_startup_shortcuts.yml
+++ b/rules/windows/file_event/file_event_win_powershell_startup_shortcuts.yml
@@ -24,5 +24,5 @@ detection:
     condition: selection
 falsepositives:
     - Unknown
-    - Depending on your environment accepted applications may leverage this at times. It is recomended to search for recommended inidicative of malware.
+    - Depending on your environment accepted applications may leverage this at times. It is recommended to search for anomalies inidicative of malware.
 level: high