This presentation focuses on container security, particularly addressing the tactics, techniques, and procedures (TTPs) used by cybercrime groups like TeamTNT to exploit container vulnerabilities. The presentation starts with container security fundamentals and common misconfigurations, followed by an examination of TeamTNT's malware, C2 infrastructure, and evolution. Attendees will learn best practices for hardening container environments and the significance of runtime security and continuous monitoring. The talk is intended for security practitioners, DevOps engineers, and IT professionals seeking to improve their understanding of real-world container security threats and mitigation strategies. Actionable recommendations for enhancing container security posture will be provided.