[Tuning] Updated references

rules/linux/command_and_control_cupsd_foomatic_rip_netcon.toml

@@ -2,7 +2,7 @@
 creation_date = "2024/09/27"
 integration = ["endpoint"]
 maturity = "production"
-updated_date = "2024/09/27"
+updated_date = "2024/09/30"
 
 [rule]
 author = ["Elastic"]
@@ -64,6 +64,7 @@ This rule identifies potential exploitation attempts of several vulnerabilities
 - Use insights from the incident to improve detection and response times in future incidents (MTTD and MTTR).
 """
 references = [
+    "https://www.elastic.co/security-labs/cups-overflow",
     "https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/",
     "https://gist.github.com/stong/c8847ef27910ae344a7b5408d9840ee1",
     "https://github.com/RickdeJager/cupshax/blob/main/cupshax.py",

rules/linux/execution_cupsd_foomatic_rip_file_creation.toml

@@ -2,7 +2,7 @@
 creation_date = "2024/09/27"
 integration = ["endpoint"]
 maturity = "production"
-updated_date = "2024/09/27"
+updated_date = "2024/09/30"
 
 [rule]
 author = ["Elastic"]
@@ -64,6 +64,7 @@ This rule identifies potential exploitation attempts of several vulnerabilities
 - Use insights from the incident to improve detection and response times in future incidents (MTTD and MTTR).
 """
 references = [
+    "https://www.elastic.co/security-labs/cups-overflow",
     "https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/",
     "https://gist.github.com/stong/c8847ef27910ae344a7b5408d9840ee1",
     "https://github.com/RickdeJager/cupshax/blob/main/cupshax.py",

rules/linux/execution_cupsd_foomatic_rip_lp_user_execution.toml

@@ -2,7 +2,7 @@
 creation_date = "2024/09/27"
 integration = ["endpoint"]
 maturity = "production"
-updated_date = "2024/09/27"
+updated_date = "2024/09/30"
 
 [rule]
 author = ["Elastic"]
@@ -65,6 +65,7 @@ This rule identifies potential exploitation attempts of several vulnerabilities
 - Use insights from the incident to improve detection and response times in future incidents (MTTD and MTTR).
 """
 references = [
+    "https://www.elastic.co/security-labs/cups-overflow",
     "https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/",
     "https://gist.github.com/stong/c8847ef27910ae344a7b5408d9840ee1",
     "https://github.com/RickdeJager/cupshax/blob/main/cupshax.py",

rules/linux/execution_cupsd_foomatic_rip_shell_execution.toml

@@ -2,7 +2,7 @@
 creation_date = "2024/09/27"
 integration = ["endpoint"]
 maturity = "production"
-updated_date = "2024/09/27"
+updated_date = "2024/09/30"
 
 [rule]
 author = ["Elastic"]
@@ -64,6 +64,7 @@ This rule identifies potential exploitation attempts of several vulnerabilities
 - Use insights from the incident to improve detection and response times in future incidents (MTTD and MTTR).
 """
 references = [
+    "https://www.elastic.co/security-labs/cups-overflow",
     "https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/",
     "https://gist.github.com/stong/c8847ef27910ae344a7b5408d9840ee1",
     "https://github.com/RickdeJager/cupshax/blob/main/cupshax.py",

rules/linux/execution_cupsd_foomatic_rip_suspicious_child_execution.toml

@@ -2,7 +2,7 @@
 creation_date = "2024/09/27"
 integration = ["endpoint"]
 maturity = "production"
-updated_date = "2024/09/27"
+updated_date = "2024/09/30"
 
 [rule]
 author = ["Elastic"]
@@ -65,6 +65,7 @@ This rule identifies potential exploitation attempts of several vulnerabilities
 - Use insights from the incident to improve detection and response times in future incidents (MTTD and MTTR).
 """
 references = [
+    "https://www.elastic.co/security-labs/cups-overflow",
     "https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/",
     "https://gist.github.com/stong/c8847ef27910ae344a7b5408d9840ee1",
     "https://github.com/RickdeJager/cupshax/blob/main/cupshax.py",