Most observers who've looked into what the Shadow Brokers are offering think it likely that the dump contains actual NSA files. Much of the material relates to ways of subverting firewalls and other security products. Cisco and Fortinet confirm that zero-days referenced in the files are indeed genuine, and both companies have begun issuing patches. Analysts see this as displaying the unwisdom of hoarding zero-days, even in small numbers.
No one appears willing to pay the 1 million Bitcoin (roughly $576 million) for the Shadow Brokers' complete trove, which isn't surprising, since money probably isn't the object here. The fact that someone has rickrolled the auction site doesn't help, but half a billion dollars is a lot to fork over, even for Wealthy Elite.
Most observers also think the operation can be credited to Russian intelligence services, although how those services might have got the files is still up for speculation. Most disturbing is the possibility the files were physically exfiltrated on some storage media, possibly by an insider.
The Clinton Foundation is said to have hired FireEye after noticing indicators of compromise.
Suspicion of North Korean involvement in recent SWIFT bank fraud re-emerges: the DPRK is thought to have used the theft to increase its hard currency reserves.
Kaspersky reports a large cyberespionage campaign in progress, affecting companies and universities in at least thirty countries. The goal appears to be theft of trade secrets; the actors appear to be a criminal gang (probably operating from Russia).
Cisco announces layoffs.