Update third-party rules as of 2024-12-16 (#706)

Co-authored-by: Update third-party rules <41898282+github-actions[bot]@users.noreply.github.com>

tests/linux/2021.FontOnLake/45E9.elf.simple

@@ -1,4 +1,5 @@
 # linux/2021.FontOnLake/45E9.elf: critical
+3P/elastic/rootkit: high
 3P/elastic/rootkit_fontonlake: critical
 anti-static/packer/upx: high
 c2/addr/ip: high

tests/macOS/2023.3CX/libffmpeg.dirty.dylib.simple

@@ -1,8 +1,6 @@
 # macOS/2023.3CX/libffmpeg.dirty.dylib: critical
 3P/sig_base/3cxdesktopapp_backdoor: critical
 3P/sig_base/nk_3cx_dylib: critical
-3P/sig_base/susp_xored_mozilla: critical
-3P/volexity/iconic: critical
 anti-static/xor/user_agent: critical
 c2/addr/url: low
 c2/tool_transfer/arch: low

tests/windows/2024.aspdasdksa2/callback.bat.json

@@ -12,11 +12,11 @@
                     ],
                     "RiskScore": 4,
                     "RiskLevel": "CRITICAL",
-                    "RuleURL": "https://github.com/Neo23x0/signature-base/blob/b1bc331bada41a30f3b2f8943e750798f7aaa1a9/yara/gen_powershell_susp.yar#L52-L91",
+                    "RuleURL": "https://github.com/Neo23x0/signature-base/blob/7f13b425aac90a00c208de8e3b28751b5aba3c45/yara/gen_powershell_susp.yar#L52-L91",
                     "ReferenceURL": "Internal%20Research",
                     "RuleAuthor": "Florian Roth (Nextron Systems)",
                     "RuleLicense": "Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE",
-                    "RuleLicenseURL": "https://github.com/Neo23x0/signature-base/blob/b1bc331bada41a30f3b2f8943e750798f7aaa1a9/LICENSE",
+                    "RuleLicenseURL": "https://github.com/Neo23x0/signature-base/blob/7f13b425aac90a00c208de8e3b28751b5aba3c45/LICENSE",
                     "ID": "3P/sig_base/powershell_webdownload",
                     "RuleName": "SIGNATURE_BASE_Suspicious_Powershell_Webdownload_1"
                 },

third_party/yara/YARAForge/RELEASE

@@ -1 +1 @@
-20241208
+20241215