This month I gave a similar talk to two user groups. The OWASP Wellington
(and Auckland over video conference), and the Wellington .NET user group
both invited me to speak on: "I know what you did last summer; The latest from the world of web hacks".
This was a fun talk to deliver. The focus was on recent web 'hacks' that had occurred in the past few months (I used a pretty general definition of 'hack'), but the main discussion was around the lessons that we could learn from these issues and what we could draw back into our own projects.
I think this talk had the most amount of interaction out of any of my previous talks. There was lively discussion about what the root cause of the problem was, whether it was even fixable at all, and we lamented the effects of 'users' :)
Since the .NET talk was a superset of the OWASP one (it was longer), I've included those slides below:2011-03-09-WellingtonNet.pdf (2.07 MB)
Thanks for coming!