Symantec released its Internet Security Threat Report - always a worthwhile read but be forewarned, it's also a decently long document.
A few highlights in report caught my eye. The first is a trend by hackers towards the use of medium severity, gateway attacks instead of direct, frontal attacks of high severity. These "gateway attacks" are of medium severity and used to gain a foothold in a corporate network environment, upon which to launch more significant attacks.
The second trend of using malicious techniques in combination - spamming, Trojans, phishing and bot networks all used in tandem - I think, signals bigger problems for the future. I've seen some of this already.
Finally, in the Futures section of the report, hackers are noted to be moving toward "staged downloaders". It's the idea of modular malware where a small specialized Trojan could perhaps download other malware components such as worms or backdoors. It is estimated by Symantec that as much as 75% of the top 50 malware reported had some sort of staged downloader capability. Think of it as service oriented malware, if you will, but it's another wrinkle in the kind of attacks we can come to expect.