* [Rule Tuning] Linux DR Tuning - 8
* Revise investigation guide for THC tool downloads
Updated investigation guide to reflect THC tool instead of SSH-IT worm. Enhanced description for clarity.
* Update exfiltration_unusual_file_transfer_utility_launched.toml
* Refine ESQL query for brute force malware detection
Updated the query to include additional fields and modified the conditions for filtering events.
---------
Co-authored-by: Colson Wilhoit <48036388+DefSecSentinel@users.noreply.github.com>
Ruben Groenewoud