
The Attack That Passed Every Check: How Adversaries Learned to Hide Inside Legitimate Infrastructure

In early 2026, a campaign called EvilTokens quietly moved through federal agencies and enterprise environments. No malware. No exploited vulnerability. The attacker used Microsoft's own OAuth device code flow, a completely legitimate authentication mechanism, to steal session tokens directly, bypassing both passwords and multi-factor authentication. The tokens lived for up to 90 days and survived password resets. Security tooling saw nothing wrong because, technically, nothing was wrong: it looked like a normal login.

That gap is what this talk is about.

There is a growing class of attacks built specifically to look legitimate. They do not trigger rules because they do not match known malicious patterns. Threat intelligence cannot flag what has never been documented. And by the time the attack is understood well enough to write a detection rule, it has already succeeded somewhere.

I will walk through the EvilTokens campaign in detail: how it worked, what it bypassed, and why some organizations caught it while others did not. The organizations that stopped it were not running better rules; they were asking a different question entirely. Instead of "does this match a known threat?", they asked "should this be happening at all for this user, on this device, at this time?" That shift, from pattern matching to behavioral understanding, is what actually stopped the attack.

The rest of the talk covers what that shift looks like in practice. What behavioral baseline modeling requires. Where it fails and how to tune it without burying your team in false positives. What the transition looks like for organizations still running legacy detection stacks. And what you should be asking your vendors right now to figure out how exposed you actually are.
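To make the "should this be happening at all" question concrete, here is an added example of a behavioral baseline check run over sign-in events. It is illustrative code written for this page, not material from the talk or any vendor product. The records are constructed, and the field names (user, protocol, device, country, ts) are this example's own simplification of sign-in log fields rather than a real log schema; "deviceCode" marks an OAuth device authorization grant. The point it demonstrates: a device code sign-in from the victim's usual country during working hours passes every geo and MFA check, yet is flagged because that user has never authenticated that way, while the same grant for an admin who uses it routinely is left alone. A minimum-history threshold is included as the kind of tuning knob that keeps thin-baseline users from flooding the queue with false positives.

```python
from collections import defaultdict
from datetime import datetime

# Constructed 30-day history. Field names are this example's own, not a vendor schema.
BASELINE_LOG = [
    # alice: daytime US sign-ins from one managed laptop, never via device code flow
    {"user": "alice@example.com", "protocol": "browser", "device": "LAPTOP-A1", "country": "US", "ts": "2026-01-06T13:05:00Z"},
    {"user": "alice@example.com", "protocol": "browser", "device": "LAPTOP-A1", "country": "US", "ts": "2026-01-07T14:10:00Z"},
    {"user": "alice@example.com", "protocol": "browser", "device": "LAPTOP-A1", "country": "US", "ts": "2026-01-08T15:30:00Z"},
    {"user": "alice@example.com", "protocol": "browser", "device": "LAPTOP-A1", "country": "US", "ts": "2026-01-09T13:45:00Z"},
    {"user": "alice@example.com", "protocol": "browser", "device": "LAPTOP-A1", "country": "US", "ts": "2026-01-12T14:00:00Z"},
    # bob: an admin who legitimately uses device code flow from a headless host (no device id)
    {"user": "bob@example.com", "protocol": "deviceCode", "device": "", "country": "US", "ts": "2026-01-06T09:00:00Z"},
    {"user": "bob@example.com", "protocol": "deviceCode", "device": "", "country": "US", "ts": "2026-01-08T10:15:00Z"},
    {"user": "bob@example.com", "protocol": "browser", "device": "LAPTOP-B7", "country": "US", "ts": "2026-01-09T09:40:00Z"},
    {"user": "bob@example.com", "protocol": "deviceCode", "device": "", "country": "US", "ts": "2026-01-12T08:50:00Z"},
    {"user": "bob@example.com", "protocol": "browser", "device": "LAPTOP-B7", "country": "US", "ts": "2026-01-13T09:10:00Z"},
    # carol: only two prior events, too little history to score against
    {"user": "carol@example.com", "protocol": "browser", "device": "LAPTOP-C3", "country": "US", "ts": "2026-01-12T16:00:00Z"},
    {"user": "carol@example.com", "protocol": "browser", "device": "LAPTOP-C3", "country": "US", "ts": "2026-01-13T16:20:00Z"},
]

# Constructed new events to evaluate against the baseline.
NEW_EVENTS = [
    # alice: device code grant, US, working hours. Geo and MFA look fine; the protocol is new for her.
    {"user": "alice@example.com", "protocol": "deviceCode", "device": "", "country": "US", "ts": "2026-02-03T14:20:00Z"},
    # bob: routine device code sign-in that matches his history
    {"user": "bob@example.com", "protocol": "deviceCode", "device": "", "country": "US", "ts": "2026-02-03T09:05:00Z"},
    # bob: device code sign-in from a new country in the middle of the night
    {"user": "bob@example.com", "protocol": "deviceCode", "device": "", "country": "RO", "ts": "2026-02-04T03:12:00Z"},
    # carol: not enough history to judge; handled by a different control, not this scorer
    {"user": "carol@example.com", "protocol": "deviceCode", "device": "", "country": "US", "ts": "2026-02-03T16:05:00Z"},
]

MIN_BASELINE_EVENTS = 5  # tuning knob (assumed value): skip users with a thin history


def hour_of(ts):
    """Hour of day (UTC) from an ISO-8601 timestamp ending in Z."""
    return datetime.fromisoformat(ts.replace("Z", "+00:00")).hour


def build_baseline(log):
    """Per-user summary of what 'normal' has looked like in the history window."""
    base = defaultdict(lambda: {"n": 0, "protocols": set(), "devices": set(),
                                "countries": set(), "hours": set()})
    for e in log:
        b = base[e["user"]]
        b["n"] += 1
        b["protocols"].add(e["protocol"])
        if e["device"]:
            b["devices"].add(e["device"])
        b["countries"].add(e["country"])
        b["hours"].add(hour_of(e["ts"]))
    return base


def evaluate(event, base):
    """Score one sign-in against its user's baseline.

    Returns (verdict, reasons) with verdict in {"skip", "ok", "review", "alert"}.
    A protocol the user has never used weighs most: it answers "should this be
    happening at all" rather than "does this look like a known bad pattern".
    """
    b = base.get(event["user"])
    if b is None or b["n"] < MIN_BASELINE_EVENTS:
        return "skip", ["insufficient baseline"]
    score, reasons = 0, []
    if event["protocol"] not in b["protocols"]:
        score += 2
        reasons.append(f"protocol {event['protocol']} never seen for this user")
    if event["device"] and event["device"] not in b["devices"]:
        score += 1
        reasons.append("unknown device")
    if event["country"] not in b["countries"]:
        score += 1
        reasons.append(f"new country {event['country']}")
    h = hour_of(event["ts"])
    if not (min(b["hours"]) <= h <= max(b["hours"])):
        score += 1
        reasons.append(f"outside usual hours ({h:02d}:00 UTC)")
    verdict = "alert" if score >= 2 else "review" if score == 1 else "ok"
    return verdict, reasons


def run(events, log=BASELINE_LOG):
    """Evaluate every event; returns a list of (user, verdict, reasons)."""
    base = build_baseline(log)
    return [(e["user"], *evaluate(e, base)) for e in events]


if __name__ == "__main__":
    for user, verdict, reasons in run(NEW_EVENTS):
        print(f"{verdict:6s} {user:20s} {'; '.join(reasons)}")
```

The "skip" verdict is deliberate: users without enough history should be covered by a tenant-level control (for example, whether device code flow is permitted for them at all) rather than by a per-user scorer that would otherwise fire on every new hire. Note also that in a device code phishing scenario the victim, not the attacker, enters the code, so the country and hour can look entirely normal; the novel protocol is the signal that survives.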

Learning Objectives:

Attendees will leave understanding exactly how OAuth device code flow abuse works and why it bypasses MFA. They will be able to identify the class of attacks that signature-based and rule-based defenses cannot structurally catch. They will understand behavioral baseline modeling as a practical detection alternative, not just a concept. And they will have a working evaluation framework to assess their own blind spots before an attacker finds them first.

Note: this talk has not been presented at any other conference.

Sai Sravan Cherukuri

Open Source Enthusiast and DevSecOps Architect
