In case you missed it, the "SANS Top 20 Internet Security Risks" was updated for 2007 at the end of November:
QuoteThis year's SANS Top 20 illuminates two new attack targets that criminals have chosen to exploit and the older targets where attackers have significantly raised the stakes. Although the Top 20 focuses on emerging attack patterns, the old vulnerabilities are still being targeted by automated attack programs constantly scanning the Web for vulnerable systems. So many automated programs are searching for victims that SANS Internet Storm Center (an early warning system for the Internet) reports that computers can expect to survive only five minutes before being attacked and will withstand the attacks only if they are configured securely before being connected to the Internet.
This is required reading for anyone with a computer and further details can be found at http://www.sans.org/top20/
Enjoy :blink: