Here is a good presentation that shows some of the vulnerabilities that were exposed at the Black Hat conference.
http://www.eweek.com/slideshow/0,1206,a=213412,00.asp
Editor’s Note (Valle): We continue to see how the Internet’s beneficial attributes (distributed, redundant, open architecture, etc) are turned into critical vulnerabilities that have even the best security minds perplexed.
A new attack on MySpace users in June was turning their sites into bots to serve phishing scams and viruses. This new technique (called fast-flux) was used to hide malicious sites behind constantly changing network of proxy servers that make it almost impossible to track down the malicious sites
http://www.eweek.com/article2/0%2C1895%2C2163609%2C00.asp
[Editor's note (Valle): This technique is similar to anti-forensic methods use by cybercriminals to hide their true origins. The main difference is that fast-flux has a larger and more rapidly changing number of proxy servers to hide behind.]
I recently started listening to one of SearchSecurity.com’s (which is the online version of Information Security magazine) podcasts, Threat Monitor. In this January 17th podcast, Ed Skoudis has, in my opinion, created the most relevent and comprehensive list of emerging malware threats that I know of.
http://threatmonitor.blogspot.com/2007_01_01_archive.html
