fix: apply suggestions from code review

rules/windows/builtin/taskscheduler/win_taskscheduler_lolbin_execution_via_task_scheduler.yml

@@ -29,7 +29,8 @@ detection:
     #filter_system:
     #    Path|endswith: '\rundll32.exe'
     #    TaskName|startswith: '\Microsoft\Windows\'
-    condition: selection #and not 1 of filter_*
+    #condition: selection and not 1 of filter_*
+    condition: selection
 falsepositives:
     - False positives may occur with some of the selected binaries if you have tasks using them (which could be very common in your environment). Exclude all the specific trusted tasks before using this rule
 level: medium

rules/windows/process_creation/proc_creation_win_mshta_javascript.yml

@@ -7,7 +7,7 @@ references:
     - https://github.com/redcanaryco/atomic-red-team/blob/f339e7da7d05f6057fdfcdd3742bfcf365fee2a9/atomics/T1218.005/T1218.005.md
 author: E.M. Anhaus (originally from Atomic Blue Detections, Endgame), oscd.community
 date: 2019/10/24
-modified: 2021/11/27
+modified: 2023/02/07
 tags:
     - attack.defense_evasion
     - attack.t1218.005

rules/windows/process_creation/proc_creation_win_mshta_lethalhta_technique.yml

@@ -6,7 +6,7 @@ references:
     - https://codewhitesec.blogspot.com/2018/07/lethalhta.html
 author: Markus Neis
 date: 2018/06/07
-modified: 2021/11/27
+modified: 2023/02/07
 tags:
     - attack.defense_evasion
     - attack.t1218.005