[Tuning] Connection to Commonly Abused Web Services - alerts JetBrains to GH (#4973)

* Update command_and_control_common_webservices.toml

* Update command_and_control_common_webservices.toml

---------

Co-authored-by: Jonhnathan <[email protected]>

(cherry picked from commit 9dfc42a)

Author: Samirbous

rules/windows/command_and_control_common_webservices.toml

@@ -2,7 +2,7 @@
 creation_date = "2020/11/04"
 integration = ["endpoint"]
 maturity = "production"
-updated_date = "2025/04/30"
+updated_date = "2025/08/13"
 
 [transform]
 [[transform.investigate]]
@@ -290,6 +290,10 @@ network where host.os.type == "windows" and network.protocol == "dns" and
        process.code_signature.trusted == true) and dns.question.name : ("onedrive.live.com", "skyapi.onedrive.live.com")
       ) or
 
+      /* IntelliJ IDEA connecting to raw.githubusercontent.com m */
+      (process.code_signature.subject_name : "JetBrains s.r.o." and
+       process.code_signature.trusted == true and dns.question.name : "raw.githubusercontent.com")  or 
+
       (process.code_signature.subject_name : "Microsoft *" and process.code_signature.trusted == true and
        dns.question.name : ("*.sharepoint.com", "graph.microsoft.com", "g.live.com", "login.live.com", "login.live.com")) or