DEF CON 33 Talk Schedule

Vulnerability Disclosure in Aviation has long been, and continues to be, a very sensitive topic. Whilst large improvements have been made by some in recent years, there are still some corners of the industry who could do much better. Gaffers has experience in both submitting and receiving vulnerability disclosures within the industry and will share some stories highlighting the good, the bad, and the ugly.

The frequency of space missions has been increasing in recent years, raising concerns about security breaches and satellite cyber threats. Each space mission relies on highly specialized hardware and software components that communicate through dedicated protocols and standards developed for mission-specific purposes. Numerous potential failure points exist across both the space and ground segments, any of which could compromise mission integrity. Given the critical role that space-based infrastructure plays in modern society, every component involved in space missions should be recognized as part of critical infrastructure and afforded the highest level of security consideration.

This briefing highlights a subset of vulnerabilities that we identified within last couple of years across both ground-based systems and onboard spacecraft software. We will provide an in-depth analysis of our findings, demonstrating the impact of these vulnerabilities by showing our PoC exploits in action—including their potential to grant unauthorized control over targeted spacecraft. Additionally, we will show demonstrations of the exploitation process, illustrating the real-world implications of these security flaws.

The Moonlight Defender purple team exercise series provides a low-cost, modular, and scalable exercise framework for realistic space-cyber training—even in environments with restricted access, limited visibility, and contested information flows.

Designed and run by The Aerospace Corporation, MITRE, and AFRL, these exercises integrate purple teaming methodologies, enabling offensive and defensive cyber operators to refine their Tactics, Techniques, and Procedures (TTPs) in a high-fidelity, live-fire setting.

Moonlight Defender 1 (MD1) leveraged the Moonlighter satellite and Aerospace’s Dark Sky cyber range to train operators in adversarial emulation, space asset defense, and real-world cyber ops under extreme constraints. Building on this, Moonlight Defender 2 (MD2) introduced virtual satellite simulators, ICS/OT systems, and enterprise environments, pushing the limits of how we access and test cyber defenses in space-based systems.

These exercises broke down traditional silos and operationalized space hacking, proving that security through obscurity fails in space just as it does on Earth. Attendees will get a behind-the-scenes look at real-world space-cyber exercises, from attack chain development to defense strategy refinement, all within the context of operating under limited access and denied environments. Expect insights into methodologies, tools, lessons learned, and how the hacker community can shape the future of space-cyber operations.

Satellite Networks Under Siege: Cybersecurity Challenges of Targeted DDoS Attacks explores how the rapid evolution of Low Earth Orbit constellations, such as those providing global broadband, has introduced a new frontier of cybersecurity challenges. This presentation delves deep into the unique vulnerabilities of satellite networks—including dynamic topologies, limited bandwidth, and predictable orbital patterns—that enable adversaries to execute persistent, targeted DDoS attacks with minimal botnet footprints. Attendees will learn about advanced attack methodologies and frameworks—exemplified by research on approaches like the HYDRA framework—that optimize botnet composition and allocation for multi-zone disruptions. Combining detailed theoretical models, simulation results, and optimization techniques, this talk provides a comprehensive analysis of both attack strategies and the emerging countermeasures. Focusing on enhancing cybersecurity for critical communication infrastructures, this session presents actionable insights drawn from thorough analysis and illustrative case studies, offering practical recommendations and a clear framework for understanding both offensive tactics and defensive measures essential for securing satellite communications.