
🎅 SantaStealer wants your crypto

Oh, and... Intel quietly gave up on their open-source project like that friend who stops replying to group chats.

Happy Holidays! The only bells ringing around here are Slack notifications you’re ignoring… yet, slightly more stable than your holiday travel plans, we bring you another issue of ByteSize!

On this day in 1968, Apollo 8 astronauts Frank Borman, James Lovell, and William Anders became the first humans to orbit the Moon. They performed 10 lunar orbits and read from Genesis on live TV—the most-watched program ever at the time. These guys literally shot for the Moon and actually hit it, unlike most startup pitch decks.

Fast-forward 57 years, and we can't even get Windows to update without breaking something.

SantaStealer Wants More Than Milk and Cookies This Year

Ho, ho, holy security nightmare! A new malware called SantaStealer is making cybercriminals' Christmas dreams come true, and unfortunately, their gift list includes your credentials and crypto wallets.

This festive piece of malware, advertised on Telegram for the bargain price of $175 per month (premium version: $300 since even cybercriminals have pricing tiers now), promises to run "fully undetected" even on government and financial systems. It’s sort of like us promising your relatives that yes, you'll definitely fix their computer "soon."

The good news is that, according to Rapid7's security researchers, SantaStealer is about as undetectable as a drunk relative at Christmas dinner. The samples they analyzed were so poorly obfuscated that they included original function names like "payload_main" and "check_antivm."

Turns out SantaStealer is just a rebranding of the earlier "Blueline Stealer" (creative naming clearly isn't their strong suit). The developers, going by the handles "Cracked" and "Furix," are offering this as malware-as-a-service on Russian forums. So, if cybercrime has embraced the subscription economy… what's next, a ransomware loyalty program?

The malware compresses stolen data and splits it into 10MB chunks before sending it over unencrypted HTTP, which is roughly the security equivalent of mailing your house keys in a see-through envelope. But hey, at least they're not asking you to accept their cookies policy first.
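Because the upload travels over plain HTTP, a proxy sees every request size, and a run of roughly 10 MB POSTs from one client to one host is a usable detection signal. The sketch below is an added example, not code from the newsletter or from Rapid7; the log format, sample lines, tolerance and alert threshold are all constructed assumptions.

```python
from collections import defaultdict
from urllib.parse import urlsplit

CHUNK = 10 * 1024 * 1024   # 10 MB chunk size described above
TOLERANCE = 0.05           # assumption: body within 5% of one chunk counts
MIN_CHUNKS = 3             # assumption: full-size uploads needed to alert

# Constructed proxy log: time client method url request_bytes
SAMPLE_LOG = """\
2025-12-24T09:00:01Z 10.0.0.5 POST http://203.0.113.10/upload 10485912
2025-12-24T09:00:04Z 10.0.0.5 POST http://203.0.113.10/upload 10485912
2025-12-24T09:00:07Z 10.0.0.5 POST http://203.0.113.10/upload 10485912
2025-12-24T09:00:09Z 10.0.0.5 POST http://203.0.113.10/upload 3120044
2025-12-24T09:01:00Z 10.0.0.8 POST https://backup.example.com/put 10485760
2025-12-24T09:01:02Z 10.0.0.8 POST https://backup.example.com/put 10485760
2025-12-24T09:01:04Z 10.0.0.8 POST https://backup.example.com/put 10485760
2025-12-24T09:02:00Z 10.0.0.9 POST http://intranet.example.com/form 512
2025-12-24T09:02:30Z 10.0.0.9 GET http://intranet.example.com/ 0
"""

def find_chunked_uploads(log_text, chunk=CHUNK, tol=TOLERANCE, min_chunks=MIN_CHUNKS):
    """Return client/host pairs with repeated chunk-sized plain-HTTP POSTs."""
    lo, hi = chunk * (1 - tol), chunk * (1 + tol)
    stats = defaultdict(lambda: {"chunks": 0, "bytes": 0})
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue                      # skip malformed lines
        _ts, client, method, url, size = fields
        parts = urlsplit(url)
        # Only unencrypted uploads match the behaviour described above.
        if method != "POST" or parts.scheme != "http" or not size.isdigit():
            continue
        entry = stats[(client, parts.hostname)]
        entry["bytes"] += int(size)       # total uploaded, incl. the short last chunk
        if lo <= int(size) <= hi:
            entry["chunks"] += 1
    hits = [{"client": c, "host": h, **s}
            for (c, h), s in stats.items() if s["chunks"] >= min_chunks]
    return sorted(hits, key=lambda r: (r["client"], r["host"]))

if __name__ == "__main__":
    for hit in find_chunked_uploads(SAMPLE_LOG):
        print(hit)
```

The TLS backup job in the sample has the same chunk size but is ignored because it is not plain HTTP, so tune the threshold against whatever legitimate chunked uploaders exist in your own traffic.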

Microsoft Finally Puts RC4 Out of Its Misery After 26 Years

Nobody saw this coming… (and by “nobody”, I mean everybody.)

Microsoft is finally killing off the RC4 encryption cipher that's been a security researcher's favorite punching bag since the Clinton administration.

RC4 has been living in Windows like that relative who "just needs to crash on your couch for a few weeks." Except it's been 26 years, and it's actively making your life worse. The cipher has been known to be vulnerable since 1994, which means it's been compromised longer than some of our readers have been alive.

Microsoft's response to this decades-old vulnerability? "By mid-2026, we'll be updating domain controller defaults." Sure, because we treat “urgency” with a two-year deployment timeline.

The delay isn't entirely Microsoft's fault (honestly, very surprising!). As one Microsoft engineer explained, "It's hard to kill off a cryptographic algorithm that is present in every OS that's shipped for the last 25 years." Fair point. It's like trying to remove a load-bearing wall from a house, except the wall has been slowly poisoning everyone inside with whatever that Stranger Things demogorgon body fluid is that's plaguing Hawkins right now.

RC4's continued existence has enabled countless hacks, including last year's Ascension health breach that affected 140 hospitals. So, for IT admins reading this: yes, you should probably check if any of your legacy systems are still using RC4. And by "probably," I mean "definitely, right now, before you finish this newsletter."
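On domain controllers, RC4 use shows up in the Kerberos ticket events 4768 and 4769, whose TicketEncryptionType field reads 0x17 (RC4-HMAC) or 0x18 (RC4-HMAC-EXP). The script below is an added example, not from the newsletter or from Microsoft: it assumes Security-log events exported as XML under a single root element, and every account and service name in the sample is constructed.

```python
import xml.etree.ElementTree as ET
from collections import Counter

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}
RC4_ETYPES = {0x17: "RC4-HMAC", 0x18: "RC4-HMAC-EXP"}   # Kerberos etype numbers
KERBEROS_TICKET_EVENTS = {"4768", "4769"}                # TGT / service ticket requests

def _event(event_id, user, service, etype):
    """Build one constructed event record (sample data, not a real log)."""
    data = {"TargetUserName": user, "ServiceName": service,
            "TicketEncryptionType": etype}
    fields = "".join(f'<Data Name="{k}">{v}</Data>' for k, v in data.items())
    return (f'<Event xmlns="{NS["e"]}"><System><EventID>{event_id}</EventID>'
            f"</System><EventData>{fields}</EventData></Event>")

SAMPLE_XML = "<Events>" + "".join([
    _event(4768, "alice", "krbtgt", "0x12"),             # AES256, fine
    _event(4769, "alice", "svc-legacy-erp", "0x17"),     # RC4
    _event(4769, "bob", "svc-legacy-erp", "0x17"),       # RC4
    _event(4769, "bob", "fileserver$", "0x12"),          # AES256, fine
    _event(4769, "carol", "svc-old-scanner", "0x18"),    # RC4 export-grade
    _event(4769, "carol", "svc-broken", "0xFFFFFFFF"),   # failed request, no ticket
]) + "</Events>"

def rc4_ticket_usage(xml_text):
    """Count RC4-encrypted Kerberos tickets per (service, cipher)."""
    usage = Counter()
    for ev in ET.fromstring(xml_text).findall("e:Event", NS):
        event_id = ev.findtext("e:System/e:EventID", namespaces=NS)
        if event_id not in KERBEROS_TICKET_EVENTS:
            continue
        data = {d.get("Name"): (d.text or "")
                for d in ev.findall("e:EventData/e:Data", NS)}
        try:
            etype = int(data.get("TicketEncryptionType", ""), 16)
        except ValueError:
            continue                      # field missing or unparseable
        if etype in RC4_ETYPES:
            usage[(data.get("ServiceName", "?"), RC4_ETYPES[etype])] += 1
    return usage

if __name__ == "__main__":
    for (service, cipher), count in rc4_ticket_usage(SAMPLE_XML).most_common():
        print(f"{service}: {count} ticket(s) issued with {cipher}")
```

The services it lists are the ones to move to AES before the domain controller defaults change.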

Microsoft's Latest Gift: Broken IIS and a Support Phone Number

Microsoft's December Patch Tuesday delivered the gift that keeps on giving: widespread IIS failures and MSMQ issues that are making enterprise applications crash harder than my motivation on Monday mornings.

This month’s security updates (KB5071546, KB5071544, and KB5071543) have been causing enterprise applications to fail with "insufficient resources" errors, even when there are plenty of resources available. It's like your computer is gaslighting you with "Are you sure you have enough memory? Because I'm not seeing it."

The issue stems from changes to the MSMQ security model that now require users to have write access to a folder that's normally restricted to administrators. Microsoft's solution is to contact Microsoft Support for business. Insulting. Like a “mechanic breaking your car and then charging you for a diagnostic” insulting... Honestly, I’d respect them more if they’d just come out and admit that they broke it and weren’t going to tell us how to fix it unless we call them first.

As of now, for affected admins, the choices are: call Microsoft support (good luck), wait for an emergency patch (could be weeks), or roll back the updates (and live with whatever security vulnerabilities they were supposed to fix).

⚙️ TOOL TIME

The 2025 Expert Awards: Celebrate People Who Actually Know What They're Doing

Now, let’s talk about things that actually work... The 2025 Expert Awards are almost here!

  • Fellow: The lifetime achievement award for community legends

  • Most Valuable Expert: For those who go above and beyond

  • Expert of the Year: The person who earned the most points

  • Author/Producer of the Year: Content creators extraordinaire

  • Community Leader: The unsung heroes keeping things running

  • Rookie of the Year: First-year standouts

  • Jack of All Trades: Multi-topic masters

While we're putting together the 2025 awards (coming in 2026 because that's how time works), let's celebrate last year's winners.

The Heavy Hitters from 2024:

  • gr8gonzo became an “Experts Exchange Fellow”: a guy who's been here since 1998 (longer than some operating systems have existed)

  • Andrew Hancock won both “Most Valuable Expert” AND “Producer of the Year”: this man has created more helpful content than Microsoft has created confusing error messages

  • David Johnson took home “Expert of the Year” AND “Most Valuable Expert”: basically the Keanu Reeves of IT support, but with more solutions and fewer motorcycle stunts

The awards prove what we've always known: The real treasure was the friends we made along the way.

Check out all the winners and maybe get inspired to contribute to the community. Or just bookmark their profiles for when you inevitably need help with something at 2 AM on a weekend.

👨‍💻 JOB OPPORTUNITIES

DraftKings wants someone to lead global IT strategy while "managing teams, overseeing cloud adoption, integrating AI, and ensuring operational excellence." Basically, they need someone to juggle flaming torches while riding a unicycle.

This Denver-based role wants someone who can "translate tech speak into business speak." Think of yourself as the IT world's version of Google Translate, but actually useful.

They're looking for someone with "extensive experience leading quote-to-cash program management." If you can manage to get money out of people while using Salesforce, you're basically a wizard. Bonus points if you can do it without crying.

🛩 INDUSTRY MOVES

  • The US froze a $42B trade pact with the UK over digital taxes, proving that even international relationships can be ruined by arguing over who pays for what—like roommates splitting the Wi-Fi bill, but with more consequences.

  • X is suing Operation Bluebird for trying to reclaim Twitter's "abandoned" trademarks, because apparently Elon's rebrand was so successful that someone thought Twitter could be the second coming of Christ.

  • Amazon might invest $10B in OpenAI, creating the most expensive circle of tech companies passing money around since the last crypto bubble. So… musical chairs, but make it venture capital for companies that’ll one day terminate us all.

  • Intel quietly discontinued their open-source Gaudi driver code. It’s corporate speak for "we're giving up but don't want to make a big deal about it," like an “Irish Goodbye.”

Hey there, tech troubleshooters!  As we wrap up 2025, let's look back at some of the burning questions that kept our Experts Exchange community busy this year:

To all who celebrate… surviving Q4. We see you, and we salute you. May your cookies be actual desserts, not tracking scripts, and for the love of DNS, double-check that cron job.

Got news to share or topics you'd like us to cover? Send ‘em our way by responding to this email. We can’t wait to hear from you. Really.