iOS 12.1 exploit bypasses the lockscreen for access to contacts
https://www.theverge.com/2018/11/1/18051186/ios-12-1-exploit-lockscreen-bypass-security
Apple released its latest iOS 12.1 update to devices earlier this week, and security researchers have already discovered a new lockscreen bypass. The exploit provides access to all contact information on an iPhone, and involves activating a FaceTime call and accessing the new group FaceTime feature to see contact information without a passcode.
This particular exploit only works on iOS 12.1, and was discovered hours after Apple released the update on Tuesday. We’ve tested this exploit and can confirm it works on iOS 12.1. It follows yet another lockscreen bypass in the previous iOS 12.0.1 update that allowed attackers to steal recent photos from a device. Both attacks require physical access to an iPhone, and are particularly troublesome for victims of domestic abuse or anyone who leaves a phone unattended in a shared space.