Revert "att&ck tags review: windows/process_creation part 5"

This reverts commit e94c47e74e.

rules/windows/process_creation/win_remote_powershell_session_process.yml

@@ -3,13 +3,13 @@ id: 734f8d9b-42b8-41b2-bcf5-abaf49d5a3c8
 description: Detects remote PowerShell sections by monitoring for wsmprovhost as a parent or child process (sign of an active ps remote session)
 status: experimental
 date: 2019/09/12
-modified: 2020/09/06
+modified: 2019/11/10
 author: Roberto Rodriguez @Cyb3rWard0g
 references:
-    - https://github.com/OTRF/ThreatHunter-Playbook/blob/master/playbooks/WIN-190511223310.yaml
+    - https://github.com/Cyb3rWard0g/ThreatHunter-Playbook/tree/master/playbooks/windows/02_execution/T1086_powershell/powershell_remote_session.md
 tags:
     - attack.execution
-    - attack.t1086 # an old one
+    - attack.t1086
     - attack.t1059.001
 logsource:
     category: process_creation