LAS VEGAS -- The best-laid plans, and the seeds for a sweet hack, are sometimes sewn over a few drinks.

Peter Hannay, a researcher based at Edith Cowen University in Perth, Australia, recalled a conversation over a few cold ones with a client who was curious what an attacker could do should they pwn an Exchange Server. Patiently, Hannay explained bad things could happen; a lot of things could get broken. An attacker would be able to push policy updates and a lot more.

"How about pushing a remote wipe command to every mobile device connected to Exchange?" the client asked.