The Pwnie Awards are like Blackhat's version of the SANS Top 20. Categories include Best Client-Side Bug, Best Server-Side Bug, Most Epic FAIL, Mass Øwnage, etc... Check it out at: http://pwnie-awards.org/2008/awards.html
One big change that I haven't posted about yet was my transition from Visual Studio Diagnostics to Office Security a few months ago. Here's an article published yesterday in "Dark Reading" that covers my team and the pen test system we're building:
Microsoft Office Security Team Enlists Bots, Pen Tests
http://www.darkreading.com/document.asp?doc_id=159305
"posting nearly 5,000 pages of new technical documentation for the Microsoft Office binary file formats for Word, Excel and PowerPoint"
Press release:
http://www.microsoft.com/presspass/press/2008/jun08/06-30InteropUpdatePR.mspx
Technical specs:
http://go.microsoft.com/fwlink/?LinkId=122062