Juniper Networks joins Cisco and Fortinet in confirming that the Shadow Brokers' leaks include zero-days for its products. NetScreen devices running ScreenOS are vulnerable.
Most observers who've expressed an opinion have concluded the leaks are genuine. There's more divergence on attribution of responsibility, although consensus continues to point to Russian intelligence. A minority argues that this couldn't be the case, because the Russian organs would have held the material quietly and exploited it for their own purposes, and that the leaks were therefore the work of a rogue NSA insider. But more observers (Edward Snowden, of all people, among them) argue that the disclosure is a deliberate move on the part of the Russian government to discredit NSA and place American intelligence collection in bad odor. And of course the (alleged) complicity of a compromised insider is consistent with Russian intelligence operations.
That the Shadow Brokers are private actors with a mix of hacktivist and mercenary motives seems unlikely. Their online auction of the material makes little sense: it's seen no serious bidders. And, as CIO points out, the loss leaders with which they've teased the market would have brought a great deal of money from zero-day brokers, whether white, grey, or black hat.
Speaking of Russian intelligence, Fancy Bear (of DNC hack fame) is back, and apparently behind the hack of the World Anti-Doping Agency.
Dr. Web warns that the Spy-Agent backdoor Trojan is now in active use against US targets.
Palo Alto sees a shift in Hancitor downloader tactics.