Update credential_access_forced_authentication.toml

Author: w0rk3r

rules/cross-platform/credential_access_forced_authentication.toml

@@ -8,13 +8,13 @@ updated_date = "2024/07/22"
 author = ["Elastic"]
 description = """
 Identifies a potential forced authentication. Attackers may attempt to force targets to authenticate to a Linux machine
-controlled by them to capture hashes or to enable relay attacks.
+controlled by them to capture hashes or enable relay attacks.
 """
 from = "now-9m"
 index = ["logs-endpoint.events.network-*", "logs-system.security-*"]
 language = "eql"
 license = "Elastic License v2"
-name = "Potential Forced Authentication"
+name = "Active Directory Forced Authentication from Linux Host"
 references = [
     "https://www.thehacker.recipes/a-d/movement/mitm-and-coerced-authentications/ms-efsr",
     "https://www.thehacker.recipes/a-d/movement/mitm-and-coerced-authentications/ms-rprn",