diff --git a/rules/linux/linux_mknod_activity.toml b/rules/linux/linux_mknod_activity.toml
index c0c47cf5a..9fbcaf82d 100644
--- a/rules/linux/linux_mknod_activity.toml
+++ b/rules/linux/linux_mknod_activity.toml
@@ -2,7 +2,7 @@
 creation_date = "2020/02/18"
 ecs_version = ["1.6.0"]
 maturity = "production"
-updated_date = "2020/08/03"
+updated_date = "2020/09/09"
 
 [rule]
 author = ["Elastic"]
@@ -21,7 +21,7 @@ index = ["auditbeat-*", "logs-endpoint.events.*"]
 language = "kuery"
 license = "Elastic License"
 name = "Mknod Process Activity"
-references = ["https://pen-testing.sans.org/blog/2013/05/06/netcat-without-e-no-problem"]
+references = ["https://web.archive.org/web/20191218024607/https://pen-testing.sans.org/blog/2013/05/06/netcat-without-e-no-problem/"]
 risk_score = 21
 rule_id = "61c31c14-507f-4627-8c31-072556b89a9c"
 severity = "low"