RFC 2350 Profile

1.0 Document Information

This document complies with RFC 2350.

1.1. Date of Last Update
This is version 1.0 as of May 3rd, 2012.

1.2. Distribution List for Notifications
This profile is kept up-to-date in the location specified in section 1.3. E-mail notification of updates are sent to MyCERT Management and Incident Handler.

Please send any questions about updates to the MyCERT e-mail address:
[email protected]
[email protected]

1.3. Locations where this Document May Be Found
The current version of this profile is always available at https://www.mycert.org.my/


2.0 Contact Information

2.1 Name of the Team
Full name: Malaysia Computer Emergency Response Team.
Short name: MyCERT

2.2 Address
Malaysian Computer Emergency Response Team (MyCERT)
CyberSecurity Malaysia
Level 7 Tower 1
Menara Cyber Axis
Jalan Impact
63000 Cyberjaya
Selangor Darul Ehsan
MALAYSIA

2.3 Time Zon
GMT +0800

2.4 Telephone Number
MyCERT Cyber999 Hotline number: 1300882999
MyCERT 24x7 Mobile number: +6019-2665850

2.5 Facsimile Number
+603 - 8008 7000

2.6 Other Telecommunication
Twitter: http://www.twitter.com/mycert
Facebook: https://www.facebook.com/mycert.org.my

2.7 Electronic Mail Address
Please send incident reports to [email protected]
Non-incident related mail should be addressed to [email protected]

2.8 Public Keys and Encryption Information
Please encrypt any sensitive e-mail with the MyCERT's PGP key and send to [email protected]

MyCERT's Public Key is available at Section 4.3.
Please sign messages using a key that is verifiable using the public keyservers.

2.9 Team Members
No public information is provided about MyCERT team members.

2.10 Other Information
Further information about MyCERT can be found at: https://www.mycert.org.my

2.11 Points of Customer Contact
The preferred method for contacting MyCERT is e-mail.

For general inquiries, please send e-mail to: [email protected].
For abuse or security issues, please use [email protected].
For network, server, or service issues, please use [email protected].

MyCERT hours of operation are generally restricted to regular business hours, or 09:00 to 18:00 Monday to Friday except public holidays. After business hours/weekends/public holidays MyCERT can be contacted at 24x7 via +60192665850

2.12 Cyber999 Mobile Apps
Download on the App Store for Apple
Get it on Google Play for Android


3.0 Charter

3.1 Mission Statement
To address the computer security incidents of Malaysian Internet users and to reduce the probability of successful attacks and lower the risk of consequential damage.

3.2 Constituency
MyCERT constituency is all Internet users in Malaysia including all sectors and home users.

3.3 Sponsorship and/or Affiliation
Co-founder and member of APCERT
Member of FIRST
Co-founder and member of OIC CERT

3.4 Authority
CyberSecurity Malaysia (www.cybersecurity.my) is the national cyber security specialist centre under the Ministry of Communications and Multimedia (KKMM).

The Malaysian Government has gazetted the role of CyberSecurity Malaysia by Order of the Ministers of Federal Government Vol.53, No.13, dated June 22, 2009 by identifying CyberSecurity Malaysia as an agency that provides ICT security specialist services and continuously monitors threats to the national security.


4.0 Policies

4.1 Types of Incidents and Level of Support
All incidents are handled as according to the SLA as below: click here

4.2 Co-operation, Interaction, and Disclosure of Information
All incoming information is handled as CONFIDENTIAL by MyCERT, regardless of its priority.

When reporting an incident of sensitive nature, please state so explicitly (for example, by using the label SENSITIVE in the subject field of e-mail) and, if possible, using encryption as well.

4.3 Communication and Authentication
For Secure communication, below is MyCERT's PGP key
Click Here

MyCERT's PGP Key Version GnuPG v1.4.7 (GNU/Linux)

Bits: 1024
Key ID: 82B6ED71
Key Fingerprint: 57CD C689 1B0E 0835 3BBD AF97 D010 0570 82B6 ED71

-----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.7 (GNU/Linux)

mQGiBEm1/NURBADycn3DgTtsmVbhTB+wXVuXHgekJ2QTd4BPcKKNtmTU6GVP/BfH gRlwKs5k7YrnVyAlM/LStA/Bx6cHy76GAyyFD5pH3dET2efxiWm3hJz9f1Df3+Jw gj3bVQqF7ieCEe3NnQJVLcmHmt/XCRR04AcitFi95D2jX7f7F9IrKI6qmwCg08zE gAQXhKJN7AiqeKKA7bkLkwED/0FR1myAc/3uskKV6vh7iiEZHTB91agqzW+D3ONh SzhoE9i2ADzDjHvquTswcMIMwspu+zhOVV11nrm71Lv4u0mY5uL/izlJCiwIdRsZ zkWe2fydnFQ8cDATyIin9l05AiEXrttUQigNoJE8uVSZ6RnQar1FnzQZcDL8gQen pzdzA/0cYgvCwZWtdmDIHKdx7zxfWIkKeYngzlc6YLdhS7sdHdOR/pb5zbHUB6Oa INZJDeW0zorU4TJlc5ABuka39otjRicgZQX645rfANZxfPwExzU89fm52XclPNdb ntoYnt5cBMKTmvFYnkOpizrWq+XIih+2GL6BKjQhyKLjjdBROrRJTWFsYXlzaWEg Q29tcHV0ZXIgRW1lcmdlbmN5IFJlc3BvbnNlIFRlYW0gKE15Q0VSVCkgPG15Y2Vy dEBteWNlcnQub3JnLm15PohhBBMRAgAhBQJJtfzVAhsDBwsJCAcDAgEEFQIIAwQW AgMBAh4BAheAAAoJENAQBXCCtu1xR64An0Y2j59ckOnEMsnD37rgzd5SeTpmAJ9U bdDateC1NxnfHz8mrq98Z9QSzLROTWFsYXlzaWEgQ29tcHV0ZXIgRW1lcmdlbmN5 IFJlc3BvbnNlIFRlYW0gKE15Q0VSVCkgPGN5YmVyOTk5QGN5YmVyc2VjdXJpdHku bXk+iGEEExECACEFAkm1/oQCGwMHCwkIBwMCAQQVAggDBBYCAwECHgECF4AACgkQ 0BAFcIK27XFU6QCeMGUOW2gdogFlan2ZF7si0EOavGsAoKCHUd6zrXrOOoSJ4hIB trdjRoJduQINBEm1/NUQCACIwNMZJWQ2swL6Nm6yEbUCHDUk2HpD7+upOAZITUGd Df4jD/Me5RCCcTkF+VuOW1jdxXab2+zFcL2+doepTko9ORksYe9DUEAg22JdPXBj L8mWxXTIMZrI/rIvFV7mYdH4nM/Ros+20zOPaC9kH13fHW5q/5KP+eGc8bJRNtkr 6feQhLVlvvn1pkS6NRdhdQuIUSDVmi5kCpLEf0ntZj8PwHbk3Xrh4xUJbmdnwYw0 GAiXjGR92wkX2seEfi+Wrgi6fGj5Fu4TJCqC6cbNG1vkY+xh+jJv6VsuxycUECw4 nFYzGcwkaSyU2dlSvLSB1L5nQCxZJ0ct3s4LZXonZe/bAAMGB/9XjJvDjst/JPdT SgySSkv+OWdIDr/YERzU3svcovipLMKe6GpDx6Ts8I8C0ECyCCzDFvVJ29hGlkOp ftdGrKHIxa+gKsvrRoGGoOoHClDnYSD8TDGmT2j2j2IAS1KvPaWqy8A/nOWxv3d0 MIT8e5+PpQ4y4muQ54Ldf8OCDblTvTXAi4UomRXLGY0Sa84Gobo9Oap9SbyQgzEd Mgo6dVwp65wIWrg2S1zxfWCfmPabhAK9Y09s5MLX0uJppQKD4njun9SDTpgboMCa JxYea/SJVFm5Lpw6j5112QW/MDHKSBwvD9PRrZasfRc0PpKJ0spHa4blefDHfKjO iguKSFiiiEkEGBECAAkFAkm1/NUCGwwACgkQ0BAFcIK27XHFnACgkbLDPoI01kJug YmSFKpnfdNKyekAoLJKPDvk9M+Mdee68VNNsBY6PJ5f =EVyh

-----END PGP PUBLIC KEY BLOCK-----


5.0 Services

5.1 Incident Response (Triage, Coordination, and Resolution)
MyCERT assist system administrators in handling the technical and organizational aspects of computer security incidents.

5.2 Proactive Activities
Producing Alerts, Advisories and Tools for the constituency.

List of Alerts and Advisories that had been produced are available at: Click Here

The Alerts and Advisories can be subscribed through MyCERT's Feed at: Click Here

The tools that had been developed and released are:
5.2.1 DNSChanger Removal Tool
5.2.2 MD5 Search
5.2.3 Gallus
5.2.4 DontPhishMe
5.2.5 pKaji: The PHP Analyzer
5.2.6 MyKotakPasir: The Malware Sandbox
5.2.7 DNSwatch
5.2.8 MyPHPIPS

Details on the above tools can be referred at: Click Here


6.0 Incident Reporting Forms

The form is available at: Click Here


7.0 Disclaimers

MyCERT disclaimer is available at: Click Here