Well, there is no SMB v1 on either, main propagation bug. Next propagation tools are SSH bruteforce, subnet scan for vuln apps, Domain admin creds stored locally and sniffing NTLM hashes from network interface. Again only SSH and app vulns are viable in non-windows.

I was asked once to do reference design of Windows on AWS. After I learned how many ports has to be open for every machine and all of them had to be in same network as Domain Controller, I quit my job.

> If you believe that ransomware doesn't exist for macOS

Example? I have not seen any.

Absence of evidence != Evidence of absence

but is a pretty good guideline :) If Windows got ransomed every time and MacOS is never, that is interesting, right?

Windows holds perceived monopoly on company-wide identity control. There are Mac solutions: https://www.jamf.com/products/jamf-pro/deployment/

unfalsifiability != evidence

https://en.wikipedia.org/wiki/Russell%27s_teapot

Such as? Everytime ransomware is in the news, it's always something that targets Windows exploits. Even though Linux machines would be a much more valuable target since they usually host production databases and such.