The November 2006 issue has lots of good security articles, which are available online too. Check out Security Habits, Threat Modeling (STRIDE approach), Extending SDL or SQL Security to name a few.