Well, felt it was finally time to start posting again. I've been working on quite a few interesting applications over the past few months, so I hope to add some useful posts soon.
In the meantime there's an interesting new series of posts on MSDN about developing threat models for web applications. While you may be aware of most of the threats, and the steps to prevent them becoming attacks, it's always good to review your knowledge, and to read about formalising the processes you hopefully already go through.