Patched with flash version 188.8.131.52, CVE-2015-5560 is now being exploited by Angler EK.
Angler EK :
[Edit : 2015-09-01] Exploit candidated by Kasperky as CVE-2015-5560 [/edit]
The exploit has been added the 28th. It's not being sent to Flash 184.108.40.206.
It uses the same Diffie-Hellman Key Exchange technique described by FireEye as in their CVE-2015-2419 implementation making a default fiddler unreplayable.
Angler EK pushing Bedep to Win7 IE11 Flash 220.127.116.11 - CVE-2015-5560
Sample in that pass : 9fbb043f63bb965a48582aa522cb1fd0
Fiddler sent to VT (password is malware)
Note: with help from G Data, a replayable fiddler is available. No public share (you know how to get it).
Read More :
Three bypasses and a fix for one of Flash's Vector.<*> mitigations - 2015-08-19 - Chris Evans - Google Project Zero
CVE-2015-2419 – Internet Explorer Double-Free in Angler EK - 2015-08-10 - FireEye
Bedep’s DGA: Trading Foreign Exchange for Malware Domains - 2015-04-21 - Dennis Schartz - Arbor Sert