Do you have Siri enabled on your iPhone's lockscreen? You may want to disable it.
Egyptian hacker Sherif Hashim has found that it's possible to bypass the lockscreen of a device running iOS 7.1, call people on the phone's contact list and even, under certain circumstances, peruse the phone's entire contact list.
Fortunately, you can keep your phone safe from exploits of this kind by disabling Siri on your lockscreen. This means you can't make hands-free calls from a locked phone, but you'll trade a little bit of convenience for a little bit of security. Here's what to do.
1. Tap the gray Settings app on your phone's home screen.
2. Scroll down to "Touch ID & Passcode" and tap it.
3. If you have a passcode already enabled, you'll be asked to input it again. Do so.
4. On the "Touch ID & Passcode" menu, scroll down to where it says "Allow Access When Locked." Siri is listed below this heading, next to a slider. Move the slider to the left so the green disappears.
Alternatively, you can simply turn off "Voice Dial" (located just above Siri in the below image) by sliding the green slider to the left, and leave Siri on. This will also prevent Hashim's hack from working. If you disable Siri, the Voice Dial option will disappear, since it is a subset of Siri's features and is disabled when Siri is.
5. Once you've turned Siri off, the menu will look like this: