diff --git a/modules/signatures/windows/exploitation.py b/modules/signatures/windows/exploitation.py
index 5d63288f..a0a23f23 100644
--- a/modules/signatures/windows/exploitation.py
+++ b/modules/signatures/windows/exploitation.py
@@ -142,7 +142,7 @@ class DEPHeapBypass(Signature):
     categories = ["exploit"]
     authors = ["Optiv", "Kevin Ross"]
     minimum = "2.0"
-    ttp = ["C0002.002"]
+    ttp = ["C0008.002"]
 
     filter_apinames = critical_apinames
 
@@ -180,7 +180,7 @@ class DEPStackBypass(Signature):
     categories = ["exploit"]
     authors = ["Optiv", "Kevin Ross"]
     minimum = "2.0"
-    ttp = ["C0002.001"]
+    ttp = ["C0008.001"]
 
     filter_apinames = critical_apinames