Symantec just released their Internet Security Threat Report which can be thought (at least by me) as a larger version of the STEAM Reports we publish. The report notes trends and shifts in the threat landscape as reported by Symantec clients.
The summary seems to be that attacks are becoming more focused on client-side applications such as web browsers and Office programs. These attacks are different than worms of the past as they require user interaction (such as clicking a link) to work. We've noted similar changes over the last year here at Purdue, moving from large virus and worm outbreaks to IRC Bots infecting via Instant Messaging programs.
You can find the Threat Report at the link below. If you don't trust my link though, you can always use the search engine of your choice to find it as well. :-)
Posted by Addam Schroll on September 26, 2006, in Handlers Log.