Process hollowing is indeed a memory injection technique where an attacker creates a new process in a suspended state and replaces its image with malicious code, effectively 'hollowing out' the legitimate process. This can be used to evade detection from security software that is monitoring for the launch of malicious processes.