MCI CERT

MCI CERT

mci-pages-sharing

MCI-CERT as a Security Incident Management and Handling Team, is responsible for receiving, coordination, managing and handling of ICT security incidents of Mobile Communication Company of Iran (MCI). The mission of this team is responding to ICT security incidents, performing proactive actions to mitigate damages and reduce the probability of security incidents occurrence according to business continuity plan..
The objectives of MCI-CERT are as follows:

  • Provide an internal/external trusted contact point in ICT security incident handling
  • Provide a unified authority for receiving ICT security incident reports and responding them
  • Interaction and sharing knowledge, experiences and skills with other CSIRTs and law enforcement in order to improve security and manage ICT security incidents effectively.
  • Handling of ICT security threats, vulnerabilities and incidents in predefined deadlines
  • Reducing the damage of ICT security incidents in quality of services
  • Reduce the probability of reoccurrence of incidents
  • Improve organization's awareness and readiness against ICT security attacks and threats
  • Improve policies and mechanisms for the prevention of incidents continuously
  • Increase the accountability to the official authorities and law enforcement
Reactive Services
  • Alerts and Warnings
  • Incident Handling
Proactive Service
  • Announcements

You can submit incident or potential vulnerability report to MCI-CERT by email. It must contain at least following content:

  • Identical Information including Name and Last Name
  • Contact Information including Tel and Email Address
  • Status (Choose one of the: 1- Active, 2- Not Active, 3- Recurrence)
  • Occurrence time
  • Detection time
  • Incident category (Choose one or more of the: 1- Compromised Information, 2- Compromised Asset, 3- External Hacking, 4- Unlawful activity, 5- Email)
  • The approximate number of affected users
  • Detailed description of the incident or potential vulnerability
  • How to detect incident or potential vulnerability
  • How to exploit potential vulnerability

Note that all incident reports and information received by MCI-CERT will be confidential.

It is necessary to encrypt email with MCI-CERT's PGP Public key before sending it.

barcode
Identify more than 30 malware applications in Iranian app market :::: Date: 06/02/2020
EventBot Malware in Social Medias :::: Date: 05/27/2020
Recording meetings by zoom malware :::: Date: 05/13/2020
Awareness of phone and SMS scams :::: Date: 05/09/2020
PhantomLance Malware in Google Play Store :::: Date: 05/09/2020
IOS and MacOS operating system vulnerable to a specific text :::: Date: 04/29/2020
Malware in Iranian Application Market :::: Date: 04/22/2020
Google removes SuperVPN application from Play store :::: Date: 04/15/2020
56 apps were discovered spreading a new malware :::: Date: 04/11/2020
Cookiethief Malware :::: Date: 03/17/2020
Malicious emails with corona virus issue :::: Date: 03/11/2020
Android adware named Ashas affected millions of users :::: Date: 03/04/2020
Eight apps were discovered spreading a new malware:::: Date: 02/29/2020
Fix dangerous vulnerabilities in Chrome and Mozilla Firefox browsers :::: Date: 02/19/2020
Dangerous Vulnerability in Bluetooth Android :::: Date: 02/10/2020
Presence of Fleeceware applications at Google Play store :::: Date: 02/05/2020
Social engineering and the new methods of abuse :::: Date: 01/21/2020
3 Malicious App in the Google Play :::: Date: 01/18/2020
Investigate the dangers and threats that continue to exist around cyberspace around users (Part 1) :::: Date: 01/01/2020
New WhatsApp vulnerability and disruption to access for all members of the WhatsApp groups :::: Date: 12/25/2019
Critical Android Security Vulnerability Let Remote Attacker Cause Permanent Denial of Service :::: Date: 12/18/2019
iOS 13.3 brings bug fixes and a new security feature, but does it bring new bugs :::: Date: 12/14/2019
Fake messages in WhatsApp that invite users to download Malware named WhatsApp Gold :::: Date: 12/05/2019
Google Chrome has use after free on android prior to 77.0.3865.75 :::: Date: 11/28/2019
Attackers using WhatsApp MP4 video files vulnerability can remotely execute code :::: Date: 11/20/2019
Telegram MTProxy Servers Used to DDoS Iranian Cloud Provider :::: Date: 11/16/2019
Release of two zero-day vulnerabilities for Google Chrome browser :::: Date: 11/05/2019
Sudo Bug Opens Root Access on Linux Systems :::: Date: 11/02/2019
Discover new vulnerabilities in WhatsApp with remote code execution :::: Date: 10/26/2019
Checkm8 vulnerability details :::: Date: 10/21/2019
Microsoft releases emergency patches for Internet Explorer zero-day vulnerability :::: Date: 10/09/2019
Increased level of access on the Android OS kernel by the attacker :::: Date: 10/08/2019
Malware in CamScanner android app :::: Date: 08/31/2019
Android/Filecoder.C Mobile Malware :::: Date: 08/01/2019
Agent Smith Mobile Malware :::: Date: 07/15/2019
MobOk Mobile Malware :::: Date: 07/02/2019
Zero2 Malware :::: Date: 06/22/2019
Scam Emails :::: Date: 05/26/2019
Mobogram 5.4 Mobile Malware :::: Date: 05/19/2019
Remote Desktop Services Remote Code Execution Vulnerability :::: Date: 05/15/2019
Scranos Malware :::: Date: 05/05/2019
Social engineering to extract membership code in social networks :::: Date: 02/23/2019
Calendar Mobile Malware :::: Date: 02/21/2019
Fake Payment Ports :::: Date: 02/03/2019
Instagram's social network applications :::: Date: 01/05/2019
Security announcement about unwanted premium rate text messages :::: Date: 12/29/2018
FREEnet Mobile Malware :::: Date: 12/16/2018
Bluetooth Unlock Bypassing Vulnerability in Some Huawei Mobile Phones :::: Date: 7/1/2018
Clash_Hack Mobile Malware:::: Date: 6/9/2018
Security Announcement about joining telegram's bots :::: Date: 4/25/2018
Safety tips on receiving messages and promotional links :::: Date: 3/3/2018
Ensure lack contamination of the Apps on mobile phone :::: Date: 2/28/2018
Trackmageddon Vulnerabilities Discovered services of location tracking :::: Date: 1/22/2018
TrueCaller Application Announcement :::: Date: 1/14/2018
Avoid returning unknown international numbers :::: Date: 1/13/2018
Safety tips on bank payment terminals :::: 12/16/2017
Malware infection preventing :::: 11/26/2017
Double Locker – Android based ransomware :::: Date: 11/08/2017
Malicious links for free internet :::: Date: 10/30/2017
Don't Pay Extra :::: Date: 09/24/2017
Security announcement about activating value added services :::: Date: 08/16/2017
Social Engineering :::: Date: 07/29/2017
Securing Wi-Fi and ADSL Modems :::: Date: 06/11/2017
Familiarity with common malwares in cell phones :::: Date: 05/21/2017
Introduction to Zeus Malware :::: Date: 29/01/2017
Familiarity with common malwares :::: Date: 21/12/2016
Deactivate your social network account before pass the sim card to the new owner :::: Date: 14/11/2016
Awareness about Caller id application (Such as Holaa) :::: Date: 14/11/2016
Do not use unreliable network setting :::: Date: 29/10/2016
Security risks of "Pokemon Go :::: Date: 09/10/2016
The introduction of malware calljam on Google play:::: Date: 27/09/2016
Making phone call to unrelated country without user intervention incident announcement:::: Date: 06/04/2016