The Register: At the Black Hat security conference in Las Vegas, researchers from iSec Partners said large networks of Macs are more vulnerable to advanced persistent threats (APTs) than their Windows counterparts. That's because DHX, Apple's proprietary authentication scheme, is very easy to compromise. "With a large enterprise, you have to assume that people are going to get tricked into installing malware," said iSec CTO Alex Stamos. "You can't assume that you'll never have malware somewhere in a network. You have to focus on parts where a bad guy goes from owning Bob the HR employee to become Sally the domain admin."
Stamos added, "Macs are fine as long as you run them as little islands, but once you hook them up to each other, they become much less secure."