ESET researchers publish their findings about how the Winnti Group deployed ShadowPad and Winnti malware to target universities in Hong Kong. Meanwhile, the FBI has warned of a scam where fraudsters spoof company websites and post bogus job ads in order to dupe job seekers into handing over their personal data and paying fraudulent fees. The UK government is proposing legislation to secure IoT devices, and other countries may follow suit – what do such laws mean for IoT device makers and users? All this – and more – on WeLiveSecurity.com.