fix: Go marker

yara/gen_fireeye_redteam_tools.yar

@@ -59,7 +59,7 @@ rule APT_Backdoor_Win_GORAT_3
         $dirty4 = "gorat" ascii nocase wide
         $dirty5 = "flare" ascii nocase wide
         $go1 = "go.buildid" ascii wide
-        $go2 = "Go build ID:" ascii wide
+        $go2 = "Go build" ascii wide
         $json1 = "json:\"pid\"" ascii wide
         $json2 = "json:\"key\"" ascii wide
         $json3 = "json:\"agent_time\"" ascii wide
@@ -1460,7 +1460,7 @@ rule APT_Backdoor_Win_GORAT_2
         id = "e2c47711-d088-5cb4-8d21-f8199a865a28"
     strings:
         $go1 = "go.buildid" ascii wide
-        $go2 = "Go build ID:" ascii wide
+        $go2 = "Go build" ascii wide
         $json1 = "json:\"pid\"" ascii wide
         $json2 = "json:\"key\"" ascii wide
         $json3 = "json:\"agent_time\"" ascii wide

yara/gen_lnx_malware_indicators.yar

@@ -1,7 +1,7 @@
 
 rule SUSP_LNX_Linux_Malware_Indicators_Aug20_1 {
    meta:
-      description = "Detects indicators often found in linux malware samples"
+      description = "Detects indicators often found in linux malware samples. Note: This detection is based on common characteristics typically associated with the mentioned threats, must be considered a clue and does not conclusively prove maliciousness."
       author = "Florian Roth (Nextron Systems)"
       score = 65
       reference = "Internal Research"

yara/gen_powershell_obfuscation.yar

@@ -56,7 +56,7 @@ rule SUSP_PowerShell_Caret_Obfuscation_2 {
 
 rule SUSP_OBFUSC_PowerShell_True_Jun20_1 {
    meta:
-      description = "Detects indicators often found in obfuscated PowerShell scripts"
+      description = "Detects indicators often found in obfuscated PowerShell scripts. Note: This detection is based on common characteristics typically associated with the mentioned threats, must be considered a clue and does not conclusively prove maliciousness."
       author = "Florian Roth (Nextron Systems)"
       reference = "https://github.com/corneacristian/mimikatz-bypass/"
       date = "2020-06-27"