update description (#2149)

rules/macos/lateral_movement_vpn_connection_attempt.toml

@@ -1,11 +1,14 @@
 [metadata]
 creation_date = "2020/01/25"
 maturity = "production"
-updated_date = "2022/03/31"
+updated_date = "2022/07/22"
 
 [rule]
 author = ["Elastic"]
-description = "Identifies the execution of macOS built-in commands to connect to an existing Virtual Private Network (VPN)."
+description = """
+Identifies the execution of macOS built-in commands to connect to an existing Virtual Private Network (VPN).
+Adversaries may use VPN connections to laterally move and control remote systems on a network.
+"""
 from = "now-9m"
 index = ["auditbeat-*", "logs-endpoint.events.*"]
 language = "eql"